This Policy applies to collection of information, including information collected on our website. By submitting your information to us or any of our staff, you consent to the terms and conditions of the policy and to our processing personal information for the purposes stated below.
In this Policy, “personal information” means information that is recorded in any form, both fact and opinion and that can be used to distinguish, identify or contact a specific individual. “Donor” refers to any individual or organization that contributes funds, securities or property to NUL. For purposes of this Policy, “Employee” describes both paid and volunteer workers for NUL. Here are the types of donor information that we collect and maintain:
- Contact information: name, organization/church, complete address, phone number, email address; and
- Payment information: credit card number and expiration date, and billing information.
NUL and its employees are responsible for all Donor Information in our possession. NUL shall establish, maintain, and revise practices and procedures to ensure compliance with this Policy. All employees, agents, affiliates, volunteers and contractors of NUL are individually required to safeguard Donor Information.
Donors may notify NUL of a privacy-related issue or grievance by contacting the Chief Development Officer. We will provide information about our privacy procedures and investigate the complaint. If a problem is discovered during the review, we will take all appropriate steps to revamp our policies and procedures if necessary.
Use and Disclosure of Personal Information
NUL collects, uses and discloses personal information only for certain purposes that are identified to a Donor. We may use it to establish and manage our relationship with a Donor, as well as providing requested information. Personal information can also help us understand a Donor and identify preferences and expectations. The main uses will involve raising money to reach our campaign goals and to process gifts and return appropriate receipts.
NUL holds special events to create publicity for our campaign, thank supporters, and raise funds. At some of these events, a NUL employee may obtain personal information of a Donor. If so, Donors will be advised of this fact and the information related to the event will be disposed of properly when it is no longer needed.
We collect Donor Information for internal use only, and just to the extent required for our purposes. We obtain relevant personal information about Donors lawfully and fairly.
Sharing or Selling of Personal Information
NUL will not sell, trade or rent the information and contents of Donor files to others. NUL will not share Donor e-mail address to third parties.
NUL only uses and discloses personal information with Donor permission. Donor permission can be in writing or implied, either verbally and/or electronically. A Donor may withdraw permission to collect, use, and disclose personal information at any time by giving NUL reasonable notice, subject to legal or contractual obligations. A Donor may opt out of sharing of any information, including name and address, by contacting NUL via email firstname.lastname@example.org or telephone (212) 558-5300. When a Donor has communicated to NUL a desire to opt out of the disclosure of his or her information, NUL will not include the Donor’s data to another organization or third party. External auditors, regulatory agency personnel, attorneys and persons operating pursuant to legal process who may be conducting audits, reviews, or other investigations, may require access to all hard copy and/or electronic Donor Information files and records in order to conduct their work. Access shall be granted for these limited purposes, subject to confidentiality agreements, to the extent possible, and with no permission allowed for further disclosure of these confidential records.
Donors who wish to avoid any public recognition may inform NUL when making a pledge or gift. The option to remain anonymous shall be made available to Donors by NUL and its appropriate employees. This request for anonymity shall be honored by NUL until the Donor informs us otherwise.
Custody and Care of Personal Information
The personal information in our possession shall be kept accurate and up-to-date. Donors may always correct their personal information if they believe that our records are not correct. If a Donor feels that any of our information about them is inaccurate or incomplete, the Donor has the right to ask us to change it or delete it. If a Donor’s personal information is wrong in any way, NUL will make the required changes.
NUL operates under the assumption that any Donor or Donor prospect has the right to review his or her record maintained by our organization. Donors may request in writing to see personal information about them that is in the possession of NUL. Donors also have the right to know how the information is obtained and used. We will respond to Donor requests within a reasonable time, within 30 days, by either providing copies of the documents or access to the information. NUL will generally respond at no charge to the Donor, but depending on the nature of the request and the amount of information requested, we reserve the right to charge a reasonable amount. In some situations, NUL may not be able to provide access to all the personal information held on a Donor. Exceptions will be limited and specific as permitted or required by law, and the reasons for non-disclosure shall be communicated to the requesting party.
NUL will keep Donors’ personal information only as long as it is necessary to satisfy the purposes for which it was obtained, or as legally required. Access to Donor file materials containing personal information is restricted to NUL employees and its affiliates which need it to do their jobs.
NUL has established appropriate technical, physical and organizational security procedures to protect Donors’ personal information against loss, theft, unauthorized use, disclosure, or modification. These procedures will be monitored and reviewed at least annually and when needed to ensure their continued effectiveness. The safeguards employed by NUL include, but may not be limited to, the use of limited access storage areas, locked files, and the use of encryption, secure servers, and computer workstation passwords. All stored information and transactions are protected by SSL encryption using a SHA-256 signing algorithm with RSA encryption.