Global
Countries
Global
Australia
Belgium
Brazil
Canada
France
Germany
India
Indonesia
Italy
Japan
Netherlands
South Korea
United States
Home About Shop FAQs Help Contact
Search Campaigns Membership Blog
Privacy Policy
Privacy Policy

Last updated: [13 August 2025]

Who we are

SignItNow (“we”, “us”, “our”) operates the website at https://www.signitnow.org and related services that let people start petitions, sign, comment, and (where available) donate.
Contact: contact@signitnow.org
Data controller: SignItNow [Company/Org name & postal address]

What personal data we collect & why

Accounts & profiles

  • Data: name, display name, email, password (hashed), country/locale, settings.

  • Why: create/manage your account; secure access; communicate service updates.

Petitions, signatures & comments

  • Data: petition text, images, targets; signatures and “reason for signing”; comments and replies; timestamps.

  • Why: publish petitions, show support counts, enable discussion, and power discovery.

  • Visibility: petition content is public. Your name/reason for signing may be shown publicly unless you choose available privacy options at sign.

Donations & payments (if used)

  • Data: amount, currency, transaction IDs, limited billing details.

  • Why: process contributions, receipts, fraud prevention, compliance.

  • Note: Card data is processed by Stripe; PayPal by Braintree/PayPal. We do not store full card numbers.

Communications & support

  • Data: emails, messages, support tickets, marketing preferences.

  • Why: respond to you, send service messages, send optional updates with your consent.

Device & usage

  • Data: IP address, browser/user-agent, device identifiers, referring URLs, pages viewed, cookies, approximate location.

  • Why: security (anti-abuse/spam), analytics, site performance.

Media uploads

  • Data: images you upload.

  • Tip: remove embedded location data (EXIF/GPS) before uploading; visitors may download images and extract metadata.

Comments (WordPress)

  • We collect the data shown in the comment form, your IP and user-agent to help spam detection. An anonymized hash of your email may be sent to the Gravatar service to display an avatar (subject to Gravatar/Automattic’s policy).

Legal bases (GDPR/UK GDPR)

We process your data because it is necessary to perform a contract (provide the service), based on legitimate interests (security, abuse prevention, improvement), with your consent (e.g., marketing cookies/emails), or to comply with legal obligations (tax, fraud, court orders).

Cookies & similar tech

We use cookies to:

  • keep you logged in and remember preferences;

  • measure performance and improve the product;

  • (where enabled) support promotion/attribution.

Examples (WordPress defaults): login/session cookies; screen-options cookies; editor/post cookies. “Remember me” keeps you signed in for up to two weeks. You can clear cookies in your browser or use our cookie settings (where available).

Embedded content

Pages may include embedded content (videos, posts, etc.). Embedded content from other sites behaves as if you visited those sites directly and may set cookies or track you under their policies.

Analytics

We use privacy-respecting analytics and/or third-party analytics to understand aggregate usage and improve the service. Where required, we’ll ask for consent.

Who we share data with

  • Service providers (processors): hosting, email delivery, analytics, spam/fraud prevention, customer support, payment processing. Bound by contract to protect your data.

  • Public/petition audiences: petition text, counts, and (subject to your settings) your name/reason for signing are public.

  • Legal & safety: to comply with law, enforce terms, or protect rights, safety, and security.

  • Transfers: if we undergo a merger/reorganization, we’ll ensure protections remain in place.

International transfers

Where data moves outside your country/region, we use lawful safeguards (e.g., EU Standard Contractual Clauses/UK addenda) plus technical and organizational measures.

How long we keep data

  • Account data: while your account is active and for a reasonable period afterward for security/compliance.

  • Petitions/signatures/comments: retained while the petition remains published and for archiving/legal purposes.

  • Payment records: retained to meet tax and accounting rules.
    We delete or anonymize data when no longer needed.

Your rights

Subject to local law, you can access, correct, delete, restrict, or object to processing of your data, and export/port a copy. Where we rely on consent, you can withdraw it at any time.
To exercise rights: contact@signitnow.org. You can also complain to your local data protection authority.

Security

We use layered security controls, including encryption in transit, hardened infrastructure, access controls, monitoring, and regular patching. No system is perfect; if we detect a breach affecting your data, we’ll notify you and regulators when required.

Automated decisions

We may use automated checks (e.g., spam/fraud detection, abuse prevention). These do not produce legal or similarly significant effects without human review.

Children

Our services are not directed to children under the minimum age required by local law (e.g., 13 or 16 in the EU). If you believe a child has used the service, contact us to remove the data.

Where we send data

Visitor comments may be checked via automated spam-detection services. Payment data is handled by our processors as described above.

Changes to this policy

We may update this policy from time to time. We’ll post changes here and update the “Last updated” date. Material changes may be communicated by email or in-product notice.

Contact us

Questions or requests about privacy: contact@signitnow.org