Prison Fellowship International Privacy Policy

1. Introduction

This Privacy Policy describes how PFI collects and uses Personal Data about you through the use of our Websites and through email, text, and other electronic communications between you and PFI.

Prison Fellowship International (“PFI” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy.

This Privacy Policy (our “Privacy Policy”) describes the types of information we may collect from you or that you may provide when you visit the websites www.pfi.org and www.restorativejustice.org (each, a “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

  • on our Websites;
  • when you make a donation;
  • when you join us in prayer on our Websites;
  • in email, text, and other electronic messages between you and our Websites; and
  • when you interact with our advertising on third-party websites, if that advertising include links to our Websites.

It does not apply to information collected by:

  • us offline or through any other means, including on any other website operated by PFI or any third-party (including our affiliates and subsidiaries); or
  • any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Websites. By accessing or using our Websites, you agree to this Privacy Policy. This Privacy Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of our Websites after we make changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.

2. Data Controller, Data Protection Officer, and Representative

PFI is the data controller of the Personal Data you provide on the Websites. PFI will appoint a Data Protection Officer and a representative prior to May 25, 2018 and will update this Privacy Policy when it does.

PFI is the data controller of your Personal Data. PFI will appoint a Data Protection Officer and a representative in the European Union in compliance with the General Data Protection Regulation. When this occurs, we will update this Privacy Policy to reflect such appointments PFI, its Data Protection Officer, or its representative may be contacted in any manner set forth below in the “Contact Information” Section of this Privacy Policy.

3. Children Under the Age of 16

Our Websites are not intended for children under the age of 16 and children under the age of 16 are not permitted to use our Websites. We will remove any information about a child under the age of 16 if we become aware of it.

Our Websites are not intended for children under 16 years of age. No one under age 16 may provide any information to or on the Websites. We do not knowingly collect Personal Data from children under 16. If you are under 16, do not use or provide any information on our Websites or on or through any of its features, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us through the Contact Information below.

4. Information We Collect About You and How We Collect It

We collect different types of information about you, including information that may directly identify you, information that is about you but individually does not personally identify you, and information that we combine with our other users. This includes information that we collect directly from you or through automated collection technologies.

Generally

We collect several types of information from and about users of our Websites, specifically information (“Personal Data”):

  • by which you may be personally identified, such as name, postal address(es), e-mail address, telephone number, and/or credit card number (solely for processing when you make a donation);
  • that is about you but individually does not identify you, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to our Websites, error information, clickstream data, and other communication data and the resources that you access and use on the Websites; and/or
  • about your internet connection, the equipment you use to access our Websites and usage details.

We collect this information:

  • directly from you when you provide it to us;
  • automatically as you navigate through the Websites. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies; and
  • From third parties, for example, our business partners who help us on our mission.

Information You Provide to Us

The information we collect on or through our Websites are:

  • information that you provide by filling in forms on our Websites. This includes information provided at the time of registering to use our Websites, joining us in prayer on our Websites, or requesting further information about our organization and our mission. We may also ask you for information when you report a problem with our Websites;
  • records and copies of your correspondence (including email addresses), if you contact us;
  • your responses to surveys that we might ask you to complete;
  • details of donations you make through our Websites. You may be required to provide financial information before making a donation through our Websites. When you make a donation with us, our payment processor stores your credit card information and we may only store a “token” that identifies you with our payment processor in order to process recurring donations.

The Personal Data we collect from you is required to make a one-time or recurring donation to PFI, for PFI to process your donation(s), for our staff to join you in prayer (when you ask us to), and to provide you with more information about our mission. If you refuse to provide such Personal Data or withdraw your consent to our processing of Personal Data, then in some cases we may not be able to process your donation(s) or provide you with the information you request.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, specifically:

  • details of your visits to our Websites, specifically traffic data, location data, logs, referring/exit pages, date and time of your visit to our Websites, error information, clickstream data, and other communication data and the resources that you access and use on the Websites; and
  • Information about your computer and internet connection, specifically your IP address, operating system, and browser type.

The information we collect automatically may include Personal Data, or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve our Websites and to deliver a better and more personalized service by enabling us to:

  • estimate our audience size and usage patterns;
  • store information about your preferences, allowing us to customize our Websites according to your individual interests;
  • speed up your searches; and
  • recognize you when you return to our Websites.

Details about the automated data collection technologies and the specific cookies that we use can be found in our Cookie Policy.

5. Lawful Basis for Processing Your Personal Data

We have a lawful basis for our processing of your Personal Data, including processing for our legitimate interests (when balanced against your rights and freedoms), to fulfill our obligations to you under a contract with you, and required by law, and with your consent.

If you are in the European Union, the processing of your Personal Data is lawful only if it is permitted under the applicable data protection laws. We have a lawful basis for each of our processing activities (except when an exception applies as described below):

  • Consent. By using our Websites, you consent to our collection, use, and sharing of your Personal Data as described in this privacy policy. If you do not consent to this privacy policy, please do not use the Websites;
  • Legitimate Interests. We will process your Personal Data as necessary for our legitimate interests. Our legitimate interests are balanced against your rights and freedoms and we do not process your Personal Data if your rights and freedoms outweigh our legitimate interests. Our legitimate interests are to: facilitate communication between PFI and you; detect and correct bugs and to improve our Websites; safeguard our IT infrastructure and intellectual property; detect and prevent fraud and other crime; promote and market our mission; and check your credit and perform risk assessments;
  • To Fulfill Our Obligations to You under our Contract. When you make a one-time or recurring donation to PFI, we form a contract for you to donate to our mission and for us to use your donation towards our mission. We process your Personal Data in order to fulfill our obligations to you pursuant to this contract with you.
  • As Required by Law. We may also process your Personal Data when we are required or permitted to by law; to comply with government inspection, audits, and other valid requests from government or other public authorities; to respond to legal process such as subpoenas; or as necessary for us to protect our interests or otherwise pursue our legal rights and remedies (for instance, when necessary to prevent or detect fraud, attacks against our network, or other criminal and tortious activities), defend litigation, and manage complaints or claims.

6. Special Categories of Information

We generally do not request you provide and do not process any special categories of Personal Data.

PFI does not ask you to provide, and we do not knowingly collect, any special categories of Personal Data from you, including personal data that reveals your racial or ethnic origin, political opinions, religious, philosophical beliefs, or trade unions membership, or the processing of data concerning your health or data concerning your sex life or sexual orientation or history of criminal convictions.

7. Automated Decisions Making

We generally do not use your Personal Data with any automated decision making processes

PFI does not use your Personal Data with any automated decision making process which may produce a legal effect concerning you or similarly significantly affect you, including profiling.

8. How We Use Your Information

We use your Personal Data for various purposes described below, including to:

  • provide our Websites to you;
  • provide you with information you request from us;
  • enforce our rights arising from contracts;
  • notify you about changes; and
  • provide you with notices about your account

We use information that we collect about you or that you provide to us, including any Personal Data:

  • to present our Websites and their contents to you;
  • to provide you with information that you request from us;
  • to process your one-time or recurring donation(s);
  • to fulfill any other purpose for which you provide it;
  • to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for processing your donation;
  • to notify you about changes to our Websites or any products or services we offer or provide though them;
  • in any other way we may describe when you provide the information; and
  • for any other purpose with your consent.

With your consent, we may also use your information to send you our newsletter or to contact you about our mission and our activities that may be of interest to you. If you wish to consent to this use, please check the relevant box located on the form on which we collect your data. If you wish to change your choice, you may do so at any time by logging into the Websites and adjusting our user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request at info@pfi.org. You may also unsubscribe from any emails you receive from us by clicking the unsubscribe link. For more information, see Choices About How We Use and Disclose Your Information.

9. Disclosure of Your Information

We do not share, sell, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Policy. We disclose your Personal Data to a few third parties, including:

  • our subsidiaries and our affiliates;
  • our third-party service providers that we use to support our business;
  • to a company we merge, acquire, or that buys us, or in the event of change in structure of our company of any form;
  • to comply with our legal obligations;
  • to enforce our rights; and
  • with your consent.

We do not share, sell, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Policy. However, we may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose Personal Data that we collect or you provide as described in this privacy policy:

  • to our subsidiaries and affiliates;
  • to contractors, service providers, and other third parties we use to support our business. These entities provide IT and infrastructure support services and payment processing services. Our payment processor’s privacy policies may be found at https://www.authorize.net/about-us/privacy/;
  • to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Prison Fellowship International’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Prison Fellowship International about our Websites’ users is among the assets transferred;
  • to fulfill the purpose for which you provide it. For example, if you make a donation to sponsor a child, we may provide that child with certain information regarding you;
  • for any other purpose disclosed by us when you provide the information; and
  • with your consent.

We may also disclose your Personal Data:

  • to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
  • to enforce or apply our Terms of Use and other agreements, including for the purposes of processing your donation; and
  • if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Prison Fellowship International, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

10. Choices About How We Use and Disclose Your Information

We offer you choices on how you can opt out of our use of tracking technology, disclosure of your Personal Data for third-parties to advertise to you, our advertising to you, and other targeted advertising.

We do not control the collection and use of your information collected by third parties described above in Disclosure of Your Information. When possible, these organizations are under contractual obligations to use this data only for providing the services to us and to maintain this information strictly confidential. These third parties may, however, aggregate the information they collect with information from their other customers for their own purposes.

In addition, we strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with control over your Personal Data:

  • Updates from PFI. We will only use your contact information to provide you with updates about our mission with your express consent. If you wish to consent to such use, you can check the relevant box located on the form on which we collect your Personal Data or otherwise seek such consent. If you wish to change your choice, you may do so at any time by logging into the Websites and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to info@pfi.org. If we have sent you an email about our mission, you may click the unsubscribe link to be omitted from future email distributions. This opt out does not apply to information provided to PFI as a result of a donation or a prayer request.

11. Your Rights Regarding Your Information and Accessing and Correcting Your Information

You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, transfer certain Personal Data to another controller, withdraw your consent at any time, and the right to have us erase certain Personal Data about you. You also have the right to complain to a supervisory authority about our processing of your Personal Data.

Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.

  • Access and Update. You can review and change your Personal Data by logging into the Websites and visiting your “Account” page. You may also notify us through the contact information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
  • Restrictions. You have the right to restrict our processing of your Personal Data under certain circumstances. In particular, you can request we restrict our use of it if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need your Personal Data for processing, but we have retained it as permitted by law.
  • Portability. To the extent the Personal Data you provide PFI is processed based on your consent, you have the right to request that we provide you a copy of, or access to, all or part of such Personal Data in structured, commonly used and machine-readable format. You also have the right to request that we transmit this Personal Data to another controller, when technically feasible.
  • Withdrawal of Consent. To the extent that our processing of your Personal Data is based on your consent, you may withdraw your consent at any time by closing your account. If you registered for an account after May 23, 2018, you can close your account at any time by logging into the Websites and visiting your “Account” page. If you registered before this date, please contact us through the Contact Information below and we would be happy to assist you. Withdrawing your consent will not, however, affect the lawfulness of the processing based on your consent before its withdrawal, and will not affect the lawfulness of our continued processing that is based on any other lawful basis for processing your Personal Data.
  • Right to be Forgotten. You have the right to request that we delete all of your Personal Data. We cannot delete your Personal Data except by also deleting your user account, and we will only delete your account when we no longer have a lawful basis for processing your Personal Data or after a final determination that your Personal Data was unlawfully processed. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies.
  • Complaints. You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.
  • How You May Exercise Your Rights. You may exercise any of the above rights as described above or by contacting us through our Contact Information described below. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.

12. Do Not Track Signals

We may use automated data collection technologies to track you across websites. We currently do not honor do-not-track signals that may be sent by some browsers.

We also may use automated data collection technologies to collect information about your online activities over time and across third-party websites or other online services. Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such signal is broadcast or received.

13. Data Security

Information transmitted over the Internet is not completely secure, but we do our best to protect your Personal Data. You can help protect your Personal Data and other information by keeping your password to our Websites confidential.

We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure.

The safety and security of your information also depends on you. Where you have registered and chosen a password for access to certain parts of our Websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our Websites. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Websites.

14. Consent to Processing of Personal Data in the United States

We may process your Personal Data outside of your home country, including to the United States. We only do this when we are legally permitted to do so and when we have appropriate safeguards in place to protect your Personal Data.

If you are a resident of the European Economic Area (“EEA”), in order to provide our Websites, products, and services to you, we may send and store your Personal Data outside of the EEA, including to the United States. Accordingly, your Personal Data may be transferred outside the country where you reside or are located, including to countries that may not or do not provide an adequate level of protection for your Personal Data.

Your Personal Data is transferred by PFI to another country only if it is required or permitted under applicable data protection law and provided that there are appropriate safeguards in place to protect your Personal Data. By using our Websites, you represent that you have read and understood the above and hereby consent to the storage and processing of Personal Data that you provide directly to us on our Websites. To ensure your Personal Data is treated in accordance with this Privacy Policy, PFI uses Data Protection Agreements between PFI and all other recipients of your data where applicable and that may include the Standard Contractual Clauses adopted by the European Commission (the “Standard Contractual Clauses”). The European Commission has determined that the transfer of Personal Data pursuant to the Standard Contractual Clauses provides for an adequate level of protection of your Personal Data. Under these Standard Contractual Clauses, you have the same rights as if your data was not transferred to such third party. You may request a copy of the Data Protection Agreement by contacting us through the Contact Information below.

Data Retention Periods

We retain your Personal Data for as long as you keep your account open (if you have one) and for at least forty-eight (48) months after your close your account or your last donation. In some instances, we may keep it after you close your account, for example we may keep it:

  • on our backup and disaster recovery systems;
  • for as long as necessary to protect our legal interests; and
  • and to comply with other legal requirements.

PFI will retain your Personal Data for the entire time that you keep your account open (if you have one). After you close your account or make a donation, we may retain your Personal Data:

  • for at least forty-eight (48) months after your last donation or after you close your account;
  • for as long as necessary to comply with any legal requirement;
  • on our backup and disaster recovery systems in accordance with our backup and disaster recovery policies and procedures;
  • for as long as necessary to protect our legal interests or otherwise pursue our legal rights and remedies; and
  • for data that has been aggregated or otherwise rendered anonymous in such a manner that you are no longer identifiable, indefinitely.

15. Changes to Our Privacy Policy

We will post any changes to our Privacy Policy on our Websites. If we make material changes to our Privacy Policy, we may notify you of such changes through your contact information and invite you to review (and accept, if necessary) the changes.

We may change this Privacy Policy at any time. It is our policy to post any changes we make to our Privacy Policy on this page with a notice that the Privacy Policy has been updated on the Websites’ home page. If we make material changes to how we treat our users’ Personal Data, we will notify you by email to the email address specified in your account and/or through a notice on the Websites’ home page. The date this Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Websites and this Privacy Policy to check for any changes.

16. Contact Information

You may contact our Data Protection Officer through the contact information below. If you wish to contact us, you must contact both us and our representative through the contact information below or through the “Contact Us” page on our Websites.

If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy, have any requests related to your Personal Data pursuant to applicable laws, or otherwise need to contact us, you must contact both us and our representative in the European Union at the contact information below or through the “Contact” page on our Websites.

To Contact PFI (Controller)
Prison Fellowship International
P.O. Box 17434
Washington, DC 20041
USA
info@pfi.org
(703) 481-0000

To Contact Our Representative
[Representative Name]
[Street Address]
[Street Address 2]
[City, State Zip]
[Country]
[Phone]
[Email Address]

To Contact Our Data Protection Officer
[Data Protection Officer’s Name]
[Street Address]
[Street Address 2]
[City, State Zip]
[Country]
[Phone]
[Email Address]

Share This