Privacy Policy

This policy has been updated on, and is valid as of, July 1st, 2021

Kindness To One Another, Inc. (“K21A.org") respects your privacy and preferences. This privacy policy (the “Privacy Policy”) sets forth the terms under which you share your personal data with K21A.org, how K21A.org collects and uses your data, and your rights with respect to understanding and modifying how it will be collected and used.

Generally: This Privacy Policy applies to the personal data provided to K21A.org when you make a donation, register for an event, sign up for a newsletter, purchase a product, or otherwise provide us with information via the K21A.org Website located at www.k21a.org or any other domain names owned or controlled by K21A.org (the “Website”). It also applies to personal data you may provide to K21A.org via telephone, email, regular mail, social media, texting, mobile applications, at a special event, in response to a solicitation or face-to-face.

Minors: It is K21A.org policy not to solicit knowingly any personally identifiable information from children under the age of 13. Children under 13 are not authorized to make a donation or purchase, sign up for an event or program, or otherwise provide any personally identifiable information without consent from a parent or legal guardian.

K21A.org may request from you, or you may volunteer to provide, your contact information, including your name, mailing address, phone number(s), social media handles and email address(es). We hold and process supporters’ personal data for a number of reasons:

• To keep a record of donations made and actions taken by our supporters and our communications with them
• To send our supporters marketing information about our projects, fundraising activities and appeals where we have their consent or are otherwise permitted to do so
• To fulfill contractual obligations entered into with supporters
• To support volunteers, such as during build or fundraising events
• To support community based fundraising and campaigning
• To ensure we do not send unwanted information to supporters or members of the public who have informed us they do not wish to be contacted
• To manage supporters’ accounts and provide customer service
• To offer sweepstakes, contests, giveaways or other promotions
• To enforce the Website terms of service
• To perform other functions as described at the time K21A.org collects information.

If you make a donation or a purchase with K21A.org, or otherwise provide us your information, K21A.org may contact you from time to time about opportunities to make additional donations or purchases or to provide you information about upcoming programs.

We may also analyze your personal information to create a record of your interests and preferences. This allows us to ensure communications are relevant and timely, to contact you in the most appropriate and relevant way and in general to provide you with an improved user experience. It also helps us to understand the background of our supporters so that we can make appropriate requests for support, enabling us to raise funds and help beneficiaries sooner and more cost-effectively.

K21A.org may also share data from its U.S. and Canadian resident supporters with select third-party sponsors and service providers based on our assessment that the products or services may be of interest to these supporters or that the sponsor or provider can help K21A.org identify what services or appeals may be of interest to our supporters.  We may also provide our U.S. and Canadian resident supporters with information about services from third parties.   If you do not wish your data to be used in this way, you may follow the instructions for modifying your consent (see below, “How to control what we send you or update your personal information”).

K21A.org will contact you for marketing purposes—for example, to keep you up to date on our work, or let you know how you can support that work—only where we have your consent or we are otherwise allowed to do so because of your prior engagement with K21A.org, as explained further below (see “Our Reliance on Your Prior Support”).

We will make it easy for you to tell us if you would like to receive marketing communications from us and hear more about our work and the ways in which you would like to receive this information. We will not send you marketing material if you tell us that you do not wish to receive it. Instructions for how to do so are below (see “How to control what we send you or update your personal information”).

Duration: 

If you are a U.S. or Canadian resident, your ongoing consent is presumed unless you inform us that you wish to be removed from our contact list. 

If you are not a U.S. or Canadian resident, K21A.org will presume your consent to last for 24 months, unless you withhold consent during this period.  After 24 months, in order for us to continue to update you, Habitat for Humanity will seek your refreshed consent. You can update or withdraw your consent at any time.  (See below, “How to control what we send you or update your personal information”). K21A.org will presume a longer period of consent in several exceptions:

• Where you have committed to making a regular (for example, monthly) donation.  In this situation, and unless you withdraw your consent, we will treat consent as lasting until you cancel your donation, at which point your consent will expire 24 months after the last donation. This period allows K21A.org to keep you up to date with the impact of your contributions, and to ask whether alternative support would be of interest.
• Where you have notified us that you will be leaving a legacy to K21A.org.

Our Reliance on Your Prior Support: You may also receive marketing information from K21A.og if you have previously made a similar donation to, or have previously purchased similar goods and services from, K21A.org,  However, we will not rely solely on the fact that you once supported us as the basis for our continued marketing to you if you have opted out of receiving emails, newsletters, or other marketing materials in your communications to K21A.org.

K21A.org may obtain your personal data in the following circumstances: 

a. When you give it to K21A.org

We will obtain your personal data directly when you make a donation, sign up for one of our events, purchase products from the K21A.org on-line retail store, or when you communicate with us directly in some other way.

b. When you give it to K21A.org indirectly

We will obtain your personal data when you communicate to your employer or to a retail partner of K21A.org during your point of purchase that you affirmatively designate K21A.org to receive a personal contribution from you.

Sometimes your personal data is collected by an organization working on K21A.org's behalf (for example, a professional fundraising agency). In such cases, the agency is acting on our behalf, and we are the “data controller” responsible for the security and proper processing of your data, just as if you had given it to K21A.org directly.

c. When you access K21A.org sponsored social media

We might also obtain your personal data through your use of social media such as Facebook, WhatsApp, Twitter or LinkedIn, depending on your settings or the privacy policies of these social media and messaging services. To change your settings on these services, please refer to their privacy notices, which will tell you how to do this. 

https://www.facebook.com/policy.php
https://twitter.com/en/privacy
https://www.whatsapp.com/legal/#privacy-policy
https://www.linkedin.com/legal/privacy-policy

d. When the information is publicly available

We might also obtain personal data about individuals who may be interested in giving major gifts to charities or organizations like K21A.org. In these cases, we may seek to find out more about these individuals’ interests and motivations for giving through publicly available information. The information sources may include newspaper or other media coverage, open postings on social media sites such as LinkedIn, and services that aggregate data on charitable giving. If you are a resident of the European Economic Area and your country has adopted the provisions of the GDPR, K21A.org will not retain publicly available data relating to you without your consent, which we will seek at the earliest practical opportunity. 

e. When we use cookies

Cookies are a useful way for us to understand how supporters use K21A.org's web site. When you visit our web site, we will use cookies to collect data from your computer or other device, such as a smart phone or tablet. Cookies are created by your web browser when you visit our website. Every time you return to our website, your browser will send the cookie file back to the website’s server. They improve your experience of using our website by, for example, preserving your preference settings so that you are shown information likely to be most relevant to you, and measuring your use of the website so that we may continuously improve it. Cookies can also be used to show you relevant K21A.org content on social media services. For more information on our use of cookies and how you can control your cookie preferences, see below at K21A.org Cookie Policy.

The K21A.org website may contain hyperlinks to websites owned and operated by other organizations, including private sector partners, other NGOs and charities. These third-party websites have their own privacy policies, including policies on the use of cookies, which would apply to the use of personal information you submit or which is collected by cookies while visiting those websites. K21A.org cannot accept responsibility for the privacy practices of such third-party websites, and we recommend therefore that you familiarize yourself with their policies.

K21A.org will only collect personal data about you that is relevant to the type of transaction or project you have engaged in with us.

For example, we may receive and retain personal information about you when you contact K21A.org to make a donation, purchase an item at K21A.org online store, or sign up to any of K21A.org activities or online content (such as newsletters or message boards); or when you telephone, email, or write to us, or engage with us via social media channels. In each of these cases, the information we collect is relevant to the type of transaction you are entering into. Data such as your name email or postal address, telephone or mobile number will be necessary both to execute these transactions as well as to enable us contact you for further engagement. Bank account or credit card details will be necessary to process any donations. Age and travel restrictions will be relevant if you are signing up for an international build.

Credit card and billing information:  In addition to your contact information, when you make a donation or purchase, K21A.org asks for your billing address and credit card or other financial services information. K21A.org uses a third-party banking agent to process your payments via a secured socket layer connection (TLS 1.2 using SHA 256 encryption) to a secured server that verifies your credit card/bank information. They return a unique tracking number only, which cannot be decrypted to obtain the payment card information, and K21A.org never retains your complete credit card number. Only employees who need access to your personal information to perform a specific job are granted access to that information, and K21A.org and our banking agent will not share your credit card/bank information with any other third party.

Sensitive Personal Data: We do not collect your “sensitive personal data” (e.g., health or dietary information) unless there is a clear reason for doing so—such as your participation in a sponsored physical event and then only to the extent such data is required to ensure that we provide appropriate facilities or support to enable you to participate in the event.

Should you support K21A.org in a substantial way, we may provide an account manager to help tailor your relationship to us and the information you receive from us to suit your interests. If this is the case, we may collect demographic data where relevant to your relationship with K21A.org. If you provide us with information about your health or your family, this may also be recorded so we can communicate with you in a considerate and appropriate manner.

All sensitive personal data is stored on a password-protected system to which only a limited number of relevant staff have access. It is deleted when no longer needed by us, is never shared with third parties, and is available to you at any point should you wish to see it.

K21A.org will use your personal information for the following purposes:

a. For administrative reasons, including:

• “service administration”, which means that K21A.org may contact you for reasons related to administering any donations you have made, the completion of commercial or other transactions you have entered into with us, or the activity or online content you have signed up for;
• to confirm receipt of donations (unless you have asked us not to do this), and to say thank you and provide details of how your donation might be used;
• in relation to correspondence you have entered into with us whether by letter, email, text, social media, message board or any other means, and to contact you about any content you provide;
• for internal record keeping so as to keep a record of your relationship with us;
• to complete sales transactions you have entered into with us, for example at the K21A.org website store;
• to implement any instructions you give us with regard to withdrawing consent to send marketing information;
• to use IP addresses to identify the location of users, to block disruptive use and to establish the number of visits from different countries.

b. For marketing and fundraising

Sections II and III above describe what data may be used for marketing and fundraising purposes and under what circumstances.

c. Analysis

To analyze and improve the activities and content offered by the K21A.org website to provide you with the most user-friendly navigation experience. We may also use and disclose personal information in aggregate (so that no individuals are identified) for marketing and strategic development purposes.

If you reside in the U.S. or Canada, and unless you instruct us otherwise, K21A.org may share your personal data with organizations with which K21A.org partners, as well as other companies whose products and services may be of interest to you. In these cases, we may also provide you with information about services from third parties, unless you inform us that you do not want to receive this information.

K21A.org suppliers: We may need to share your information with service providers who help deliver our projects and fundraising activities. These “data processors” will only act under our instruction and are subject to contractual obligations containing strict data protection clauses. We do not allow these organizations to use your data for their own purposes or disclose it to other third parties without our consent, and we will take all reasonable care to ensure that they keep your data secure.

Facebook and other Social Media Sites: We may also use your email address and phone number to match to your Facebook or other social media account in order to show you K21A.org content while you use those services. We only do this where you have consented to receiving marketing emails, either by opting in (where you reside in the European Economic Area) or by not opting out (where you reside in the United States and Canada). In addition, we may also use your email address and phone number to link to Facebook or other social media sites in order to identify other users of these sites whom we believe would be interested in K21A.org.

There are two ways to prevent this use of your data. You can either update your consent preferences directly with us at K21A.org (see below, “How to control what we send you or update your personal information”) or via the social media sites:

Facebook: https://www.facebook.com/help/568137493302217
LinkedIn: https://www.linkedin.com/help/linkedin/answer/62931
Twitter: https://business.twitter.com/en/help/troubleshooting/how-twitter-ads-work.html

Updating your preferences with K21A.org will not guarantee that you never see K21A.org content on social media, since the social media site may select you based on other criteria.

Where legally required: We will also comply with legal requests where disclosure is required or permitted by law (for example to government bodies for tax purposes or law enforcement agencies for the prevention and detection of crime, subject to such bodies providing us with a relevant request in writing).

We will hold your personal information on our contact lists only for as long as you continue to provide your consent. If you are a U.S. or Canadian resident, your ongoing consent is presumed unless you inform us that you wish to be removed from our contact list. If you are not a U.S. or Canadian resident, your consent will be presumed to expire after 24 months, unless renewed consent is provided by you. Beyond that, we will hold your information only for as long as necessary to comply with our legal and regulatory obligations—such as, for example, to provide documentation on funding sources in connection with a review or audit of our compliance with U.S.C. Sec. 501(c)(3).

If you request that we stop sending you marketing materials, we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us. 

Legacy income is vital to the running of the charity. We may keep data you provide to us indefinitely, to carry out legacy administration and communicate effectively with the families of people leaving us legacies. This also enables us to identify and analyze the source of legacy income we receive.

The accuracy of your information is important to us. We want to ensure that we are able to communicate with you in ways that you are happy with, and to provide you with information that is of interest.

If you wish to change how we communicate with you, or update the information we hold, then please contact us:

• To amend your contact preferences for any type of communication, email us info@KindnessToOneAnother.org

Additionally, you can opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email from K21A.org.

Timing of implementation.   In responding to requests to not receive marketing information, we will take all reasonable steps to remove you from all K21A.org marketing lists.  If you are a resident of the European Economic Area and your country has adopted the provisions of the GDPR, we are committed to meeting the following service levels:

• Email: 48 hours from receipt of email
• SMS: 48 hours from receipt of SMS
• Mail: six to eight weeks from receipt of ‘do not mail’ request. This period is longer than for other channels due to the production times for mailing campaigns.

If you have already been selected for inclusion in a K21A.org marketing campaign at the time you requested to not receive such information, we may be unable to remove you from that campaign within these time periods.    

If you are a resident of the European Economic Area and your country has adopted the provisions of the GDPR, you have the right to request a copy of the personal information we hold about you, to have any inaccuracies corrected, and to have any personal information deleted from our systems (a “Subject Access Request” or “SAR”). In line with standard guidelines for these requests, we will require you to prove your identity with two pieces of approved identification. We will respond to such requests within 30 days of receipt.

Please address SARs, or questions or complaints about this Privacy Policy, to the Data Privacy Manager @ info@KindnessToOneAnother.org

We ensure that there are appropriate technical controls in place to protect your personal details. For example, our online forms that ask for personal information are stored on networks that are password-protected and routinely monitored. Laptops are not used to store sensitive personal information unless they are both password protected or encrypted. All sensitive personal data is stored on a secure database, to which only a limited number of relevant personnel have access. It is deleted when no longer needed by us and is never shared with third parties, except as expressly set forth in Sections IV and V. 

Within K21A.org, we undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors. We use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and in our legal agreements, we clearly set out our requirements regarding how they manage the personal data to which they have access. We have a robust partner-monitoring framework to ensure these contractual obligations are met.

This Privacy Policy may be updated from time to time, so you may wish to check it each time you submit personal information to K21A.org. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use the K21A.org website to submit personal information to K21A.org. If material changes are made to the Privacy Policy, we will notify you by placing a prominent notice on the website.

How and why we use cookies: Cookies are used to enable us to improve our services by, for example:

• remembering if you are logged in so you can move around the website without having to log in again on each page (for example if you are in checkout);
• measuring how many people are using each page of the website and for how long so that we can try to improve the quality of our website;
• enabling you to view content shared on social media or sharing sites, such as YouTube or Twitter.

If you reside in the United States or Canada, cookies may also be used for “re-targeting” in advertising campaigns so that third-party vendors can display advertising to you about K21A.org or other related entities as you use the internet.

How to manage and delete cookies. If you wish to restrict or block the cookies set by the K21A.org website, you can do this through your computer or device’s browser settings. The Help function within your browser should tell you how. 

Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies.

Please be aware that restricting cookies may affect the functionality of the K21A.org website. 

If you visit our website as an anonymous visitor (e.g. you switch off cookies), K21A.org may still collect certain information from your browser, such as the IP address (which uniquely identifies a computer or other internet device).