Disclosure

Transparency, Privacy & Security Commitment

At The Good News #planetclenaup, we are committed to maintaining the highest standards of integrity, transparency, privacy, and digital security for our donors, volunteers, beneficiaries, and community members.

In the event that a security vulnerability, data breach, or unauthorized access issue arises involving our website, systems, or user information, our organization will take immediate and responsible action to protect all affected parties and secure our operations.

Our response procedures include:

  • Promptly investigating the nature and scope of the issue

  • Securing affected systems and addressing vulnerabilities

  • Working with qualified cybersecurity and legal professionals

  • Evaluating whether personal or sensitive information may be impacted

  • Notifying affected individuals when appropriate and in accordance with applicable laws

  • Strengthening safeguards to reduce future risk

To protect both our users and the integrity of our systems, certain technical details may be withheld from public disclosure while investigations or remediation efforts are ongoing.

We are committed to complying with relevant privacy, security, and nonprofit governance standards while prioritizing user trust and responsible stewardship of all information entrusted to us.

Our organization encourages all users to practice good digital safety habits and to report any suspected security concerns to  – info@planetcleanup.org.

The Good News #planetcleanup views security preparedness as an essential part of our mission and is dedicated to responding swiftly, transparently, and responsibly should any issue arise. Protecting our community remains a core priority.

Security Incident Response Plan

The Good News #PlanetCleanup / PlanetCleanup.org

To resolve a website security vulnerability and protect both the organization and its users, The Good News #PlanetCleanup should take the following steps:

1. Immediate Containment

  • Restrict access to affected pages or systems

  • Change all admin passwords and security credentials

  • Disable vulnerable plugins, forms, or third-party tools

  • Back up systems for investigation

2. Investigate the Issue

  • Review website/server logs to identify the source

  • Determine what data may have been exposed

  • Document findings and timeline

3. Secure & Repair

  • Update website software, plugins, and security patches

  • Fix vulnerabilities in code or database settings

  • Install SSL, firewall protection, and two-factor authentication

  • Encrypt sensitive user data

4. Protect Users

  • Assess whether personal information was affected

  • Notify impacted users privately if necessary

  • Encourage password changes and safe online practices

5. Legal & Transparency Compliance

  • Follow applicable privacy and data protection laws

  • Prepare a clear public disclosure statement

  • Avoid sharing technical details that could worsen risk

6. Ongoing Monitoring

  • Conduct regular security scans and audits

  • Monitor suspicious activity

  • Limit internal access to sensitive information

7. Strengthen Internal Policies

  • Train staff on cybersecurity awareness

  • Improve password, data privacy, and access control policies

  • Minimize unnecessary data collection