ACCEPTANCE OF TERMS
USING OUR SYSTEMS
HOW WE USE YOUR PERSONAL INFORMATION
We will generally only collect and use your personal information where we have your consent to do so, when it is needed to process donations or to comply with our legal obligations.
We set out below a table where we describe each of the ways in which we use your Personal Information, the types of Personal Information that we use and the legal basis that applies to that use. Where the legal basis is “legitimate interest” we also set out some further details.
How we use your Personal Information
The types of Personal Information involved
For electronic marketing/prayer communication
Identity data; contact details (email, sms etc); marketing & communication data
Consent or Legitimate Interest where it follows something you have donated
When you engage with us (for example, financially), the law permits illumiNations to send you relevant email marketing
To allow you to login and to access our Systems
Identity data; authentication data
Contract and Legitimate Interests
To ensure that your accounts on our Systems are kept safe and private
For advocacy and fundraising
Identity data; Financial data; financial transaction data; contact details; contact details; marketing & communication data
To provide opportunities for you to partner with us through financial giving, communication or prayer
To process donations
Identity data; Financial data; financial transaction data; contact details; and tax status
Contract and Legitimate interests
To securely receive your donation toward our charitable aims
For statutory reporting
Identity data; contact details; tax status
Legal Obligations and Legitimate Interests
We may have obligations to report to the authorities in other countries
To improve our tools and improve your experience of our Systems, to maintain an audit trail of access to data, troubleshooting, data analysis, and system maintenance
Identity data; Historical transaction data; contact details; system data; audit logs; and location data; marketing & communication data; demographics
To manage, protect, and improve our Systems; to ensure that our services run effectively and to track who is accessing your data
To respond to complaints and requests
Identity data; contact details; historical transaction data; application data
Legal obligation and Legitimate Interests
To ensure that your concerns are addressed
HOW WE COLLECT PERSONAL INFORMATION
We obtain personal information about you through:
- Direct Interactions – when you enquire about our activities, engage in an activity with us, make a donation, register through one of our sites or at an event, or otherwise give us your personal information. If you meet with us for discipleship or spiritual advice, we may take confidential notes for spiritual guidance and support. If you prefer that we do not take notes, please let us know. The information you disclose is entirely at your discretion.
- Third parties [or other publicly available sources] – we may from time to time obtain personal information about you from third parties and public sources (e.g. US Census Data). We will only collect personal information from third parties if they have obtained that information in a legal and proper way.
- Referral of Information by Individuals – Your name and contact details may have been passed to us by someone you know, who indicated that you might be interested in hearing about our ministry, according to the chart in section 2.
TYPES OF PERSONAL INFORMATION THAT WE COLLECT
We collect the following types of personal information:
- Application Data – employment history, qualifications and references (if applicable).
- Authentication Data – usernames and password used in our Systems.
- Contact Details – email address, postal address, and telephone number.
- Demographics – information that allows us to better understand who you are and the Bible Translation projects in which you are most interested.
- Financial Data – bank account and payment bank details.
- Financial Transaction Data – details about donations you have made.
- Historical Transaction Data – communication history, your past donations, applications and interactions with us.
- Identity Data – name, date of birth, gender, marital status.
- Location Data – physical location, including IP address, and lat/long coordinates and country of origin (where applicable).
- Marketing & Communications Data – preference in receiving marketing or communication from illumiNations. • System Data – Information about how you use our Systems.
- Tax Status – Information for statutory reporting.
HOW/WHEN WE DISCLOSE PERSONAL INFORMATION
Generally, we will not disclose or share your personal information (including your email address) with anyone outside our organization without your permission. However, we may need to use or share your information with our partners and agents who provide goods and services to you on our behalf. Your information may be disclosed:
- To other parts of our organization;
- To our Alliance Organizations;
- To public or regulatory authorities, including in response to requests by law enforcement or other governmental entities, in response to requests by third parties in response to subpoenas, court orders or other legal processes, or when we believe it is necessary to exercise our legal rights or defend against legal claims; and
- To third party service providers, including:
- Cloud service providers for the hosting of apps and sites;
- Direct and email marketing service providers (e.g. MailChimp); and
- Companies that assist us in processing your donations.
The following rights under the GDPR are available to you if you are located in the European Economic Area (EEA). If you wish to exercise any of these rights, please email us at [email protected]. We will respond to your request within 30 days of receiving it. In order to properly respond to your request we may request reasonable documentation to verify your identity so that we don’t inadvertently provide your personal information to someone else.
Editing and updating personal information. If you find that your personal information needs to be edited or updated, you can change your personal information directly on the site. Our Systems offer different options for you to access, change, and modify the information you previously provided, such as your donor or customer record (for registered users only), email address, postal address, or to change your email preferences. If one of our Systems does not give you the option to edit personal information yourself or you wish to update the personal information we otherwise hold about you, you can ask us to update it by contacting us at [email protected]. Please make sure to provide us with all the information we need to be able to address your request, including both the old and new information.
Accessing personal information. You can request details of your personal information we hold. We will confirm whether we are processing your personal information and provide additional details including what kind of information we have about you, where we collected it, how we use it (including the legal basis for our processing), how long we expect to keep it, details of any automated decision making or profiling and the safeguards regarding data transfers to non-EEA countries, subject to the limitations set out in applicable laws and regulations. If you ask us, we will provide you with a copy of your personal information. We may charge you a fee to cover our administrative costs or if the requests are manifestly unfounded or excessive.
Deletion of personal information. At your request, we will delete your personal information if any of the following conditions are met:
- Your personal information is no longer necessary for the purpose for which illumiNations originally collected and processed it,
- You withdraw consent which formed the basis of retaining and processing your personal information;
- You have successfully objected to the processing of your personal information;
- Your personal information was processed unlawfully, or
- We are required to delete your personal information to comply with our legal obligations.
We will review requests on a case by case basis and we might not be able to comply with your request if we need to process your personal information:
- To exercise the right of freedom of expression and information,
- To comply with our legal obligations,
- To establish, exercise or defend a legal claim, or
- To perform a task in the public interest.
If this is the case, we will notify you of the reasons why your request was rejected.
Restriction of processing of personal information. You have the right to request us to limit the processing of your personal information if:
- You dispute the accuracy of your personal information,
- Your personal information was processed unlawfully and you request a limitation on processing, rather than a deletion of your personal information,
- We no longer need to process your personal information, but you need your personal information to establish, exercise or defend a legal claim, or
- You object to the processing of your personal information based on our legitimate interests pending verification as to whether we have an overriding legitimate ground for such processing.
We may be required to retain some of your personal data in addition to any personal data you have otherwise we requested we retain or process to ensure we can comply with your request to limit processing or for other legal purposes. To the extent, we are required to retain additional personal data, we will notify you of the personal data we are required to retain and the reason for the continued processing of such personal data.
Objecting to certain types of processing including automated decision making. Where we process your personal information based upon our legitimate interests, you have the right to object to this processing on grounds relating to your particular situation and we will no longer process this personal data unless we have compelling legitimate grounds for processing. Where we process your personal information based upon our legitimate interests and where decisions are made by automated processing which has a legal or other significant effect on you, you may also object to such automated decision making.
Portability of personal information. You can request us to send you your personal information in a structured, commonly used, machine-readable format to you or another third party that you specify if:
- You provided us with the personal information,
- The lawful basis for processing of your personal information is based on your consent or the performance of a contract, or
- The processing is carried out by automated means.
Withdrawing consent. We primarily rely on legitimate business interests as the lawful basis for processing your data, but to the extent we rely on consent as the lawful basis for processing your data, you have the right to withdraw any consent you may have given us at any time. We will comply with your request promptly. If you withdraw your consent, we might not be able to provide some of our products and services to you. At any point, you have the right to object to processing of your personal information for direct marketing purposes and we will promptly comply with your request.
Filing a complaint with a data protection authority. We will try to resolve any problems that you have but you are always able to contact your local data protection authority for assistance or to make a complaint.
INTERNATIONAL TRANSFER OF YOUR PERSONAL INFORMATION
We have put in place appropriate security measures to protect your personal information from being accidentally lost, misused or accessed in an unauthorised way, altered or disclosed. These include technical, administrative and physical security measures to ensure that any information we collect is stored and processed securely.
For example, for Systems that require personal or sensitive data to be collected or displayed, a Secured Socket Layer (SSL) connection is required, to ensure that the data is encrypted as it is transferred to the browser. All credit card payments are processed using PCI compliant technology, to ensure that your credit card number is securely passed to the merchant/service provider. We do not store your credit card details.
We have procedures to deal with any suspected personal data breach and we will promptly notify you and any applicable regulator of a breach in accordance with our legal obligations.
We cannot guarantee that the security measures we implement in connection with the operation of the site will absolutely prevent others from accessing or acquiring any information that you provide while using the site. You can help us protect your personal information by properly protecting your password and remembering to log out of your account and close your browser window when you finish visiting our site, especially if you are on a shared or public computer.
Most website browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience certain interactive features of our Systems or access all of the services provided on our Systems.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We keep your information as long as it is needed to achieve our purposes listed above, as well as for the amount of time necessary to meet any legal, tax, or reporting requirements.
We do not keep your personal information for longer than necessary and up to 7 years after your last interaction with us (e.g. making a donation or using one of our Systems). We may keep your data for longer than 7 years if we cannot delete it for legal or technical reasons. We may also keep it for statistical purposes. However, if we do, we will ensure that your privacy continues to be protected and only use it for these purposes.
We also provide content created by third parties on some of our Systems. These third-party sites or providers have separate privacy policies. We are not responsible for the privacy practices or the content of such content providers or third-party sites.
We do not knowingly collect personal information from children under the age of 13. If we discover that we have accidentally collected personal information from a child below the age of 13, we will delete it from our records as soon as reasonably possible.
Minors under the age of 18 should seek their parent’s or legal guardian’s permission and assistance to register with one of our Systems, purchase products or materials, or participate in an activity requiring the submittal of personally identifiable information.. However, parents may choose to provide information regarding a minor that is necessary for the minor to participate in activities on our Systems. Parents and legal guardians have the right to request at any time that the information collected about their child is removed from our Systems.
YOUR CALIFORNIA PRIVACY RIGHTS
If you have any questions about this policy or the way we use your personal information, you may contact us at [email protected].