Whistleblower Policy
General Statement
Breast Cancer Alliance (the “BCA”) is committed to observing high standards of legal and ethical business conduct. The Breast Cancer Alliance expects its officers, directors and employees to exercise honesty and integrity in fulfilling Breast Cancer Alliance’s responsibilities and complying with all applicable laws and regulations. This policy is intended to encourage and enable good faith reporting of Wrongful Conduct and to protect individuals from retaliation who make such reports.
Purpose
This policy creates a mechanism for officers, directors and employees to report Wrongful Conduct. Wrongful Conduct is defined as a violation of applicable law or regulations or material violations of Breast Cancer Alliance’s operating policies (“Wrongful Conduct”).
Examples of Wrongful Conduct that this policy is intended to address include, but are not limited to:
No officer, director or employee (a “Reporting Person”) who in good faith reports Wrongful Conduct will suffer retaliation, harassment or adverse employment consequences.
Reporting
A Reporting Person may report Wrongful Conduct directly to the Executive Director, any director-level employee, any officer or any member of the Executive Committee of the Board of the Breast Cancer Alliance . Such persons are required to report immediately any allegation of Wrongful Conduct to the President of the Board of Directors, in his capacity as Chairperson of the Executive Committee, who has specific and exclusive authority to investigate all reported violations. If the Reporting Person believes that the concerns reported will not be fairly considered, the Reporting Person may report Wrongful Conduct directly to any member of the Board of Directors.
Breast Cancer Alliance will make every effort to treat the Reporting Person’s identity with confidentiality, with the understanding that details of the allegations concerning the Wrongful Conduct may need to be shared with others in order to conduct a comprehensive investigation.
Anonymous reports, while accepted, impact the Breast Cancer Alliance ’s ability to conduct an investigation. Thus, Reporting Persons are encouraged to disclose their identity to increase the credibility of the report and to enable the Breast Cancer Alliance to investigate the matter thoroughly.
The Reporting Person will not be expected to prove the truth of his or her allegations of Wrongful Conduct, but he or she should be prepared to demonstrate that the allegations are made in good faith and to submit whatever evidence is available to support the allegations. Reports of unfounded allegations of Wrongful Conduct that are demonstrated to have been made recklessly, maliciously or with the knowledge that the allegations were false may lead to disciplinary action, up to and including termination.
Response
The President of the Board of Directors, in his capacity as Chairperson of the Executive Committee, is responsible to supervise and direct a prompt investigation. The action taken will be dependent on the nature of the concern. The President of the Board of Directors, in his capacity as Chairperson of the Executive Committee, shall provide a report of the conclusions of the investigation and a recommendation for the disciplinary and corrective action to be taken, if any, to the Board of Directors, who will determine by majority vote whether to adopt such recommendation or adopt an alternative action.
Due to the important yet sensitive nature of the suspected violations, effective professional follow-up is critical. Reporting Persons and officers who become aware of Wrongful Conduct, while appropriately concerned about “getting to the bottom” of such issues, should not in any circumstances perform any investigative or other follow-up steps on their own. Accordingly, a Reporting Person or officer who becomes aware of Wrongful Misconduct:
Retaliation Prohibited
No Reporting Person who reports Wrongful Conduct in good faith under this policy shall suffer threats, abuse, harassment, retaliation, discrimination or any other or adverse employment consequence. A person within the Breast Cancer Alliance who does retaliate against a Reporting Person is subject to discipline up to, and including, termination of employment.
Any Reporting Person who believes he or she has been retaliated against should report it to the President of the Board of Directors, Executive Director or other member of the Board of Directors.
Violations of this Policy
Violations of this policy will be subject to such disciplinary and corrective action as the Board of Directors deems appropriate.
Periodic Review
The Board of Directors shall review this policy periodically to ensure that it continues to satisfy the obligations of the Breast Cancer Alliance. Any changes to the policy will be communicated timely to all employees.
Privacy Policy
Breast Cancer Alliance ("BCA") has adopted this Privacy Statement in order to demonstrate to you our commitment to privacy and to inform you of our policies with respect to information collected on this website. By visiting or using this website, you acknowledge and agree to the terms of this Privacy Statement. BCA is the sole owner of and the only organization that uses the personal information collected on this site. We will not sell or rent this information to others under any circumstances. This Privacy Policy applies to all information received by BCA, both online and offline, as well as any electronic, written or oral communication.
Automatic Collection of Anonymous Information
Breast Cancer Alliance has a strong commitment to internet privacy. When you visit our website, like when you visit most other websites, certain anonymous information about your visit may be automatically logged, including the server name and IP address through which you access the internet (such as "aol.com" or "earthlink.net"), the date and time you access our site, the pages you access while at our website, the Internet address of the website from which you linked directly to our site, the Internet address of the website to which you link if and when you leave this website by clicking on a link at this website. This information is not personally identifiable. We use this information to generate statistics and measure site activity to improve the usefulness of the BCA site to our visitors.
Personally Identifiable Information
Your submission of personally identifiable information to us is entirely your choice. You may visit and browse our website without revealing any personally identifiable information about yourself to us. However, you may also choose to disclose personally identifiable information about yourself by conducting business with us. We may collect personally identifiable information about you if you:
communicate such information to us;
subscribe to receive our newsletter or other communications;
make an on-line donation;
purchase a product from one of our corporate partners and donate a portion of the purchase price to BCA.
The personally identifiable information we collect may consist of contact information (such as your name, email address, postal address or telephone number), your preferences (such as where you go on our site), financial and transaction-related information (if you make an on-line donation to us), and any other information you communicate to us (for example in an email or phone call).
Information Use and Disclosure
Breast Cancer Alliance makes every effort to insure the secure collection and transmission of sensitive user information using industry accepted data collection and encryption methodologies.
BCA does not sell or otherwise disclose user information outside the organization. This policy has no exceptions. We do not sell or exchange your information with any other organization, public, private, or non-profit.
Personally identifiable information we collect may be used for such purposes as:
providing services and support to users;
processing authorized transactions (including, without limitation, donations);
improving our website, including tailoring it to users' preferences;
providing users with information through our Newsletter and other communications;
responding to your questions inquiries, comments and instructions;
maintaining records about donations;
maintaining the security and integrity of our systems;
pursuant to legal process or any other purpose required by law.
We do not keep record of payment methods so that you cannot be charged for any donations or purchases except when specifically requested.
Please see the Choice/Opt-Out section below for your options regarding the use of personally identifiable information about you.
Choice/Opt-Out
In order to provide service to you, we will occasionally send you communications related to your transactions, security or the administration of our website. From time to time, we may also wish to send you our newsletter or other communications such as those concerning upcoming events. If you do not wish to receive our newsletter or such other communications, please send an email containing your request to info@breastcanceralliance.org.
Cookies
BCA's server, or the servers of companies that we use to help us operate our site, may place a "cookie" on your computer. A "cookie" is a small piece of data that can be sent by a web server to your computer, which then may be stored by your browser on your computer's hard drive. Cookies allow our computer to recognize your computer while you are on our website and help customize your online experience and make it more convenient for you, for example by allowing us to save information related to a previous contribution. The information collected from cookies may also be used to improve the functionality of our website.
Most web browser applications (such as Microsoft Internet Explorer and Google Chrome) have features that can notify you when you receive a cookie or prevent cookies from being sent. If you disable cookies, however, you may not be able to use certain personalized functions of this website.
External Links
Our website may contain links to other websites controlled by third parties. While we try to link only to websites of reputable organizations, please be aware that BCA is not responsible for the privacy practices or the content of other websites. We encourage you to read the privacy statements provided by other websites before you provide personally identifiable information to them. We will endeavor to inform you when you are leaving our website.
Security
We maintain physical, electronic and procedural safeguards to help protect your personal information. Among other things, we:
use industry-standard secure encryption software to protect information that you submit to us over the secure portions of our website;
restrict access to your personal information to only those persons who need to know that information to provide information to you and for other authorized purposes consistent with this privacy policy (including, but not limited to, our employees) and who have agreed to hold such information confidentially and use such information only for the purposes for which that information was provided; and maintain our web servers in an environment in which access to such servers is limited to authorized individuals and is subject to a variety of electronic, physical and procedural security measures.
In spite of the safeguards that we maintain, no data transmission over the Internet or any wireless network is 100% secure. Accordingly, we cannot ensure or warrant the security of any information that you transmit to us and you must do so at your own risk. However, once we have received your information, we will use commercially reasonable efforts to protect its security.
Changes to this Privacy Policy
BCA reserves the right to modify or supplement this policy at any time. If we make a material change to the terms of this policy, we will post a notice on our homepage and link to the new policy.
Contacting Us
If you have questions or concerns about this Privacy Policy or our practices with respect to personally identifiable information, please contact us at: Breast Cancer Alliance, Attention: Yonni Wattenmaker, Executive Director, 48 Maple Avenue, Greenwich, CT 06830.
Solicitations
Breast Cancer Alliance never solicits donations by phone, nor do we employ paid professionals or volunteers to do so on our behalf.
If you receive such a call, please contact us immediately at: 203.861.0014 or info@breastcanceralliance.org
Conflict of Interest
All members of the Breast Cancer Alliance's Board of Directors sign a conflict of interest policy as part of their Board reponsibility.
Gift Policies
For a list of our giving policies and procedures, click here.
Social Media Policy
Breast Cancer Alliance recognizes the importance of social media in shaping public thinking about our organization and is committed to supporting honest, transparent, and knowledgeable dialogue on the Internet through social media.
Employees and volunteers shall not post confidential information about Breast Cancer Alliance on Breast Cancer Alliance or personal social media accounts. This includes financial information, legal matters, organizational internal strategies, campaign benchmarks, unreleased advertising or promotions, internal processes or methodologies, circulating rumors, and colleagues’ or members’ personal information. Employees and volunteers posting on behalf of Breast Cancer Alliance are to represent the organization respectfully and professionally, adhere to the terms and conditions of any third-party sites, and take full responsibility for their communication.
Representing Breast Cancer Alliance’s presence on a public social network must be authorized beforehand by the Executive Director. Reposting a Breast Cancer Alliance-created post as it was initially shared is acceptable.
A friendly and professional tone is advised when posting updates and having conversations with supporters or customers. A healthy dialog with constructive criticism can be useful in the comments section of posts but refrain from engaging in dialogue that could disparage colleagues, competitors, or critics if a reply is warranted.
When posting or replying to a message, take the time to review the content to ensure it cannot be interpreted in any negative light. Reply to comments in a timely manner if a response is needed.
Record Retention Policy
Policy brief & purpose
Our Record Retention policy describes our guidelines to create, preserve and access our organization’s records. To ensure that our records are accurate and secure, we ask our employees to adhere to this policy.
Scope
In this policy, a “record” is any type of electronic or paper file (document, spreadsheet, database entries) that we store in our systems. This includes files both employees and external sources create. All legal and business documents, as well as formal internal and external communications, fall under this policy’s purview. This policy applies to employees who may create, access and manage records. Every other employee who creates and stores important records should follow this policy too.
Policy elements
Creating records
We place high value on our company’s records. Creating and storing certain types of records are mandatory. Employees should:
Authorization
Records may have different levels of authorization that limit their accessibility. The authorization level is usually determined by those who create the records, BCA’s official policy or the law (the law always take precedence.) The following records are strictly confidential and require a high-level authorization:
Access to those records is restricted to employees who directly manage that information. Other types of records, like company performance metrics and internal policies, may be accessible by all permanent employees. Employees must not disclose records to people outside of our company, unless authorized.
Retaining records
Our employees must protect our records, whether marked as confidential or not.
Physical records
Printed records must be stored safely in filing cabinets or closed offices. We advise our employees to avoid relocating records as much as possible.
Electronic records
Electronic records will be protected by passwords, firewalls and other security settings, both locally and in the cloud. Employees are responsible for keeping these records intact. For example, if an employee shares a Google spreadsheet, they must decide whether to give colleagues permission to edit, view or comment. Employees should not grant editing privileges unless necessary. Also, when employees access electronic, confidential records outside of our office, they should ensure that both their devices and networks are secure. They should not leave their screens and devices unattended while logged in to our company’s accounts.
Data retention period
As a general rule, we keep all records for a minimum of two years. The law may oblige us to retain certain records for a longer period. In this case, we will abide by the law. Also, the following records must be preserved indefinitely:
Discarding records
After the data retention period has passed, authorized employees may choose to discard records for a specific reason. They will usually do this either by shredding physical documents or deleting data from a database or computer. Printed copies of electronic files should be shredded, too. Records may also be discarded upon request from a stakeholder. For example, a customer or partner may ask us to delete their information from our databases. In this case, managers should authorize employees to discard relevant records. We expect our employees to always respect our confidentiality policy. When files need to be discarded, employees must not create copies or store information on their devices. This may constitute a security breach and warrant disciplinary action.