The purpose of this policy is to be more transparent about the personal data we collect on our website, why we collect this data, who we may share this data with, and what rights you have over the use and storage of your personal data. We believe this level of transparency is important for all involved in Affirmation’s efforts to support the LGBTQ+ Mormon community.
Who We Are
Affirmation Gay and Lesbian Mormons; doing business as Affirmation: LGBT Mormons, Families & Friends; is a Utah nonprofit seeking to support LGBTQ+ Mormons, their family members, and friends. For more details about the work of Affirmation, please see our vision and values. The full address of our principal place of business: 912 E 32nd Street, Minneapolis, MN 55407. Our email address is email@example.com. Our website address is affirmation.org.
What Personal Data We Collect and Why We Collect It
Information collected by any contact form on our website collects the explicit information provided by you when using that form, such as name, email, phone number address, etc. Additional information including user agent, user IP address is also recorded when submitting any form on our website. Additional information that may be collected includes the date of submission, data parameters included in the URL of the page where the form was accessed, and the referring URL. This information allows users to communicate with us, and for us to deliver content and responses relevant to our users. This information is usually sent via encrypted email to email accounts we manage. All form submissions are stored on our website for up to 90 days unless otherwise requested by the user.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded Content from Other Websites
Who We Share Your Data With
Unless otherwise noted as a service used for a specific purpose within this policy, we do not share your data with any other party for any reason. We do not sell, exchange, or otherwise distribute data.
We may also share information as required by applicable law, regulation, or government request; for the investigation of potential violations of our policies; to respond to potential fraud, security, or technical issues; to respond to user requests; or to protect our rights, our property, our safety, or the safety of our users and the public. This may include sharing information with other entities as necessary for fraud protection and spam/malware prevention.
Constituent Relationship Management (CRM)
How Long We Retain Your Data
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. Information submitted via contact or payment forms is kept for up to 90 days after the submission of the form. All cookies are either deleted upon the closing of your browser or logging out of your account. User-level and event-level analytics data is deleted every 14 months. Mailing list data is kept perpetually until a customer cancels their services or a subscriber otherwise unsubscribes from a mailing list. Data in our constituent relationship management system is kept perpetually unless otherwise requested by the constituent. Should such a request be made, transactional information in our constituent relationship management system will be kept, but anonymized, to ensure proper reporting organization activities.
What Rights You Have Over Your Data
If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time. In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information or request portability of your personal information. These requests may be made by emailing firstname.lastname@example.org.
You have the right to opt-out of any non-transactional emails we send you at any time. You made do so by clicking the “unsubscribe” link in the footer of these emails.
You have the right to withdraw your consent from us processing your personal data at any time. Withdrawal of consent does not delegitimize any processing of your personal data conducted prior to the withdrawal of your consent, as long as you provided consent prior to such processing.
You have the right to complain to an appropriate authority about our collection and use of your personal data.
How We Protect Your Data
All data transmitted through our website is SSL encrypted over secure HTTPS. All data that we store on our servers or on third-party service providers named in this policy is secured strong passwords that are regularly updated to safeguard the data stored by those services. We use services with records of providing secure processing and storage of data. Even with the best safeguards, it is not possible to guarantee there will never be a breach of personal data.
What Data Breach Procedures We Have in Place
Upon discovery of any data breach, we will immediately update all passwords associated with the breach. We will inform affected users of the breach. Should a data breach occur, we will abide by any requirements of any applicable law.
What Automated Decision Making and/or Profiling We Do with User Data
Personal data collected may be used to distribute information based on location, organizational activity, or submitted demographic information. We do this so that constituents receive information and resources that are relevant to them.
This policy may be updated from time to time. If you are concerned about how we protect your privacy or use your personal data, we recommend you review it often. We will notify you about changes to this policy on our website. If we make significant changes, we will notify you through email or other communication. This policy was last updated on May 24, 2018.