WHO WE ARE
When we refer to “we” (or “our” or “us”), that means St. Luke's United Methodist Church. We are located at 100 W. 86th Street, Indianapolis, Indiana 46260
At St. Luke's, we are an open community of Christians helping people find and give hope through Jesus Christ. We are a Methodist church within the United Methodist Conference. For more information, visit the About Us section of our Website.
When you use our Services, you’re trusting us with your information. We understand this is a big responsibility and work hard to protect your information and put you in control.
This notice applies to Church Online and any other websites we own or operate (collectively, our “Website”) and all products and services we provide, including our online and mobile giving, payments, engagement services, products, and applications, and any other apps or services we may offer. For the purpose of this notice, we’ll just call them our “Services.”
When we say “Personal Data” or “personal information”: we mean identifiable information about you, including like your name, email, address, telephone number, bank account details, payment information, or other online identifiers. If you can’t be identified (for example, when Personal Data has been aggregated and anonymized) then this notice doesn’t apply. Check out our User Agreement for more information on how we treat your other data.
OUR PRINCIPLES OF DATA PROTECTION
Trust: Trust is very important to us and we know it’s important to you. When you entrust us with Personal Data, we understand this is a big responsibility and being good data stewards is of paramount importance to us.
Transparency: We are open, honest and transparent in how we treat your Personal Data.
Security: We believe that faith-based organizations not-for-profits, and all organizations deserve access to solutions that champion leading approaches to security. We’re committed to protecting your Personal Data and have appropriate technical and organizational measures in place designed to keep your data safe and secure.
HOW WE COLLECT YOUR DATA
When you visit our Website or applications, or use our other Services, we collect Personal Data. The ways we collect it can be broadly categorized into the following:
Information you provide to us directly: When you visit or use some parts of our Website, applications and/or other Services, we may receive information from you, for example, when you register for an account, make a payment, or provide information to us in any other way through your use of the Services). For example, we ask for your contact information when you sign up for an account, respond to a job application or an email offer, participate in community forums, join us on social media, take part in training and events, contact us with questions or request support, and you may provide us with payment details when you set up an account for purposes of making or receiving payments. If you don’t want to provide us with Personal Data, you don’t have to, but it might mean you can’t use some parts of our Website, applications, or other Services.
Information we collect automatically: We collect some information about you automatically when you visit our Website, applications, or use our other Services, like your IP address and device type. We also collect information when you navigate through our Website, applications, or other Services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our Website, applications and other Services so that we can continue to provide the best experience possible (e.g., by personalizing the content you see).
Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our Cookie Notice.
Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect Personal Data about you from other sources, such as individuals or organizations who use our Services, publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the Personal Data we already hold about you, in order to better inform, personalize and improve our services, and to validate the Personal Data you provide.
HOW WE USE YOUR DATA
First and foremost, we use your Personal Data to operate our Website and applications and provide you with any other Services you’ve requested, and to manage our relationship with you. We also use your Personal Data for other purposes, which may include the following:
To communicate with you. This may include:
- providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you;
- operational communications, like changes to our Website, applications, or other Services, security updates, or assistance with using our Website, applications, or other Services;
- marketing communications (for example, about a product or service we think you might be interested in based on your marketing preferences); and
- asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
To support you: This may include assisting with the resolution of technical support issues or other issues relating to the Website, applications, or other Services, whether by email, in-app support or otherwise.
To enhance our Services and develop new ones: For example, by tracking and monitoring your use of Website, applications, and other Services so we can keep improving, or by carrying out technical analysis of our Website, applications, and other Services so that we can optimize your user experience and provide you with more efficient tools.
To market to you: In addition to sending you marketing communications, we may also use your Personal Data to display targeted advertising to you online – through our own Website, applications, and other Services or through third party websites and their platforms.
To analyze, aggregate and report: We may use the Personal Data we collect about you and other users of our Website, applications, and Services (whether obtained directly or from third parties) to produce aggregated and anonymized analytics and reports, which we may share publicly or with third parties.
HOW WE SHARE YOUR DATA
There will be times when we need to share your Personal Data with third parties. We will only disclose your Personal Data to:
- third party service providers and partners who assist and enable us to use the Personal Data to, for example, support delivery of, or provide functionality on, our Website, applications, or our Services, or to market or promote our Services to you;
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure;
- an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business; and
- others where we have your consent.
INTERNATIONAL DATA TRANSFERS
When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose Personal Data to a third party in another country, we put safeguards in place to ensure your Personal Data remains protected.
For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your Personal Data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your Personal Data – for example, by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties). For further information, please contact us using the details set out in the Contact us section below.
Our Services may contain interactive functionality that allows you to engage with other users on the services, post comments to forums, to make prayer requests, to upload photographs and other content (which we refer to as “User Materials“), participate in surveys, and otherwise to interact with our Services and with other users. If you use any interactive functionality on our Services that request or permit you to provide us with Personal Data (including, for example, any services that allow you to post User Materials on any of our Services), we collect the Personal Data that you provide to us in the course of using these interactive features.
St. Luke's partners with payment gateways to process credit card payments and those gateways maintain their own privacy policies. Please consult those policies for details on how your Personal Data will be handled by those partners.
Security is a priority for us when it comes to your Personal Data. We’re committed to protecting your Personal Data and have appropriate technical and organizational measures in place to make sure that happens.
St. Luke's is committed to data security. St. Luke's uses a variety of technologies and procedures to help protect Personal Data from unauthorized access, use or disclosure. For example, St. Luke's stores the data in computer servers with limited access that are located in controlled facilities secured by the latest in surveillance and security technology. St. Luke's processes payments through Pushpay who transmits sensitive information (such as a credit card numbers), Pushpay protects it through the use of encryption, such as the Secure Socket Layer (SSL) protocol. Pushpay is a level 1 certified PCI-DSS compliant provider. PCI Data Security Standards are endorsed by Visa, MasterCard, American Express and all other leading card brands.
We will retain your Personal Data for a period of time consistent with the original purpose of collection, including to pursue our legitimate business interests, comply with our legal, tax or accounting requirements, resolve disputes and enforce applicable agreements.
It’s your Personal Data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, click on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you, or send your request to email@example.com
You also have rights to:
- know what Personal Data we hold about you, and be able to check to make sure it’s correct and up to date;
- request a copy of your Personal Data, or ask us to restrict processing your Personal Data or delete it; and
- object to our continued processing of your Personal Data.
You can exercise these rights at any time by sending an email to firstname.lastname@example.org or by contacting us using the contact details provided under “How to contact us” below.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Our Website, applications, and other Services are intended for a general audience and not directed to children under 13 years of age. We do not intend to collect personal information as defined by the U.S. Children’s Privacy Protection Act (“COPPA“) (which we refer to as “children’s personal data”) in a manner that is not permitted by COPPA, or by applicable data protection laws. If you are a parent or guardian and believe we have collected children’s personal data in a manner not permitted by COPPA, please contact us by sending a letter to the email address listed under “How to contact us” (Attention: Legal) and we will remove such data to the extent required by COPPA or by applicable data protection laws.
Parents may want to consider commercially available parental control protections to limit what minors can access online and/or monitor their minor children’s online activities. Examples include: www.netnanny.com, www.webwatcher.com and www.sentrypc.com. We do not endorse these or other services and are not responsible for them.
By using any of our Website, applications or other Services, you represent that you are at least the age of majority in your state or province of residence.
CHOICES YOU HAVE
You can always opt not to disclose information. However, if you elect to do so, we will likely be limited in responding to your inquiry or providing services to you.
You can opt-out of receiving marketing messages from us by unsubscribing through the unsubscribe or opt-out link in an email, or by sending an email to email@example.com. We will comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages.
In addition to the rights above, depending on the circumstances you also have the right to:
- request portability of your Personal Data, or delete it; and
- if we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.
HOW TO CONTACT US
We’re always happy to hear from you. If you’re curious about what Personal Data we hold about you or you have a question or feedback for us on this notice, our Website, applications, or other Services, please reach out and get in touch.
As a technology company, we prefer to communicate with you by email – this ensures that you’re put in contact with the right person, in the right location, and in accordance with any regulatory time frames.
Our email is firstname.lastname@example.org our mailing address is St. Luke's United Methodist Church, 100 W. 86th Street, Indianapolis, Indiana 46260 or you can reach us by phone at +1(317) 846-3404.
effective date 1/1/2019