This policy has been updated on, and is valid as of, July 1st, 2021
Minors: It is K21A.org policy not to solicit knowingly any personally identifiable information from children under the age of 13. Children under 13 are not authorized to make a donation or purchase, sign up for an event or program, or otherwise provide any personally identifiable information without consent from a parent or legal guardian.
K21A.org may request from you, or you may volunteer to provide, your contact information, including your name, mailing address, phone number(s), social media handles and email address(es). We hold and process supporters’ personal data for a number of reasons:
If you make a donation or a purchase with K21A.org, or otherwise provide us your information, K21A.org may contact you from time to time about opportunities to make additional donations or purchases or to provide you information about upcoming programs.
We may also analyze your personal information to create a record of your interests and preferences. This allows us to ensure communications are relevant and timely, to contact you in the most appropriate and relevant way and in general to provide you with an improved user experience. It also helps us to understand the background of our supporters so that we can make appropriate requests for support, enabling us to raise funds and help beneficiaries sooner and more cost-effectively.
K21A.org may also share data from its U.S. and Canadian resident supporters with select third-party sponsors and service providers based on our assessment that the products or services may be of interest to these supporters or that the sponsor or provider can help K21A.org identify what services or appeals may be of interest to our supporters. We may also provide our U.S. and Canadian resident supporters with information about services from third parties. If you do not wish your data to be used in this way, you may follow the instructions for modifying your consent (see below, “How to control what we send you or update your personal information”).
K21A.org will contact you for marketing purposes—for example, to keep you up to date on our work, or let you know how you can support that work—only where we have your consent or we are otherwise allowed to do so because of your prior engagement with K21A.org, as explained further below (see “Our Reliance on Your Prior Support”).
We will make it easy for you to tell us if you would like to receive marketing communications from us and hear more about our work and the ways in which you would like to receive this information. We will not send you marketing material if you tell us that you do not wish to receive it. Instructions for how to do so are below (see “How to control what we send you or update your personal information”).
If you are a U.S. or Canadian resident, your ongoing consent is presumed unless you inform us that you wish to be removed from our contact list.
If you are not a U.S. or Canadian resident, K21A.org will presume your consent to last for 24 months, unless you withhold consent during this period. After 24 months, in order for us to continue to update you, Habitat for Humanity will seek your refreshed consent. You can update or withdraw your consent at any time. (See below, “How to control what we send you or update your personal information”). K21A.org will presume a longer period of consent in several exceptions:
Our Reliance on Your Prior Support: You may also receive marketing information from K21A.og if you have previously made a similar donation to, or have previously purchased similar goods and services from, K21A.org, However, we will not rely solely on the fact that you once supported us as the basis for our continued marketing to you if you have opted out of receiving emails, newsletters, or other marketing materials in your communications to K21A.org.
K21A.org may obtain your personal data in the following circumstances:
a. When you give it to K21A.org
We will obtain your personal data directly when you make a donation, sign up for one of our events, purchase products from the K21A.org on-line retail store, or when you communicate with us directly in some other way.
b. When you give it to K21A.org indirectly
We will obtain your personal data when you communicate to your employer or to a retail partner of K21A.org during your point of purchase that you affirmatively designate K21A.org to receive a personal contribution from you.
Sometimes your personal data is collected by an organization working on K21A.org's behalf (for example, a professional fundraising agency). In such cases, the agency is acting on our behalf, and we are the “data controller” responsible for the security and proper processing of your data, just as if you had given it to K21A.org directly.
c. When you access K21A.org sponsored social media
We might also obtain your personal data through your use of social media such as Facebook, WhatsApp, Twitter or LinkedIn, depending on your settings or the privacy policies of these social media and messaging services. To change your settings on these services, please refer to their privacy notices, which will tell you how to do this.
d. When the information is publicly available
We might also obtain personal data about individuals who may be interested in giving major gifts to charities or organizations like K21A.org. In these cases, we may seek to find out more about these individuals’ interests and motivations for giving through publicly available information. The information sources may include newspaper or other media coverage, open postings on social media sites such as LinkedIn, and services that aggregate data on charitable giving. If you are a resident of the European Economic Area and your country has adopted the provisions of the GDPR, K21A.org will not retain publicly available data relating to you without your consent, which we will seek at the earliest practical opportunity.
K21A.org will only collect personal data about you that is relevant to the type of transaction or project you have engaged in with us.
For example, we may receive and retain personal information about you when you contact K21A.org to make a donation, purchase an item at K21A.org online store, or sign up to any of K21A.org activities or online content (such as newsletters or message boards); or when you telephone, email, or write to us, or engage with us via social media channels. In each of these cases, the information we collect is relevant to the type of transaction you are entering into. Data such as your name email or postal address, telephone or mobile number will be necessary both to execute these transactions as well as to enable us contact you for further engagement. Bank account or credit card details will be necessary to process any donations. Age and travel restrictions will be relevant if you are signing up for an international build.
Credit card and billing information: In addition to your contact information, when you make a donation or purchase, K21A.org asks for your billing address and credit card or other financial services information. K21A.org uses a third-party banking agent to process your payments via a secured socket layer connection (TLS 1.2 using SHA 256 encryption) to a secured server that verifies your credit card/bank information. They return a unique tracking number only, which cannot be decrypted to obtain the payment card information, and K21A.org never retains your complete credit card number. Only employees who need access to your personal information to perform a specific job are granted access to that information, and K21A.org and our banking agent will not share your credit card/bank information with any other third party.
Sensitive Personal Data: We do not collect your “sensitive personal data” (e.g., health or dietary information) unless there is a clear reason for doing so—such as your participation in a sponsored physical event and then only to the extent such data is required to ensure that we provide appropriate facilities or support to enable you to participate in the event.
Should you support K21A.org in a substantial way, we may provide an account manager to help tailor your relationship to us and the information you receive from us to suit your interests. If this is the case, we may collect demographic data where relevant to your relationship with K21A.org. If you provide us with information about your health or your family, this may also be recorded so we can communicate with you in a considerate and appropriate manner.
All sensitive personal data is stored on a password-protected system to which only a limited number of relevant staff have access. It is deleted when no longer needed by us, is never shared with third parties, and is available to you at any point should you wish to see it.
K21A.org will use your personal information for the following purposes:
a. For administrative reasons, including:
b. For marketing and fundraising
Sections II and III above describe what data may be used for marketing and fundraising purposes and under what circumstances.
To analyze and improve the activities and content offered by the K21A.org website to provide you with the most user-friendly navigation experience. We may also use and disclose personal information in aggregate (so that no individuals are identified) for marketing and strategic development purposes.
If you reside in the U.S. or Canada, and unless you instruct us otherwise, K21A.org may share your personal data with organizations with which K21A.org partners, as well as other companies whose products and services may be of interest to you. In these cases, we may also provide you with information about services from third parties, unless you inform us that you do not want to receive this information.
K21A.org suppliers: We may need to share your information with service providers who help deliver our projects and fundraising activities. These “data processors” will only act under our instruction and are subject to contractual obligations containing strict data protection clauses. We do not allow these organizations to use your data for their own purposes or disclose it to other third parties without our consent, and we will take all reasonable care to ensure that they keep your data secure.
Facebook and other Social Media Sites: We may also use your email address and phone number to match to your Facebook or other social media account in order to show you K21A.org content while you use those services. We only do this where you have consented to receiving marketing emails, either by opting in (where you reside in the European Economic Area) or by not opting out (where you reside in the United States and Canada). In addition, we may also use your email address and phone number to link to Facebook or other social media sites in order to identify other users of these sites whom we believe would be interested in K21A.org.
There are two ways to prevent this use of your data. You can either update your consent preferences directly with us at K21A.org (see below, “How to control what we send you or update your personal information”) or via the social media sites:
Updating your preferences with K21A.org will not guarantee that you never see K21A.org content on social media, since the social media site may select you based on other criteria.
Where legally required: We will also comply with legal requests where disclosure is required or permitted by law (for example to government bodies for tax purposes or law enforcement agencies for the prevention and detection of crime, subject to such bodies providing us with a relevant request in writing).
We will hold your personal information on our contact lists only for as long as you continue to provide your consent. If you are a U.S. or Canadian resident, your ongoing consent is presumed unless you inform us that you wish to be removed from our contact list. If you are not a U.S. or Canadian resident, your consent will be presumed to expire after 24 months, unless renewed consent is provided by you. Beyond that, we will hold your information only for as long as necessary to comply with our legal and regulatory obligations—such as, for example, to provide documentation on funding sources in connection with a review or audit of our compliance with U.S.C. Sec. 501(c)(3).
If you request that we stop sending you marketing materials, we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us.
Legacy income is vital to the running of the charity. We may keep data you provide to us indefinitely, to carry out legacy administration and communicate effectively with the families of people leaving us legacies. This also enables us to identify and analyze the source of legacy income we receive.
The accuracy of your information is important to us. We want to ensure that we are able to communicate with you in ways that you are happy with, and to provide you with information that is of interest.
If you wish to change how we communicate with you, or update the information we hold, then please contact us:
Additionally, you can opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email from K21A.org.
Timing of implementation. In responding to requests to not receive marketing information, we will take all reasonable steps to remove you from all K21A.org marketing lists. If you are a resident of the European Economic Area and your country has adopted the provisions of the GDPR, we are committed to meeting the following service levels:
If you have already been selected for inclusion in a K21A.org marketing campaign at the time you requested to not receive such information, we may be unable to remove you from that campaign within these time periods.
If you are a resident of the European Economic Area and your country has adopted the provisions of the GDPR, you have the right to request a copy of the personal information we hold about you, to have any inaccuracies corrected, and to have any personal information deleted from our systems (a “Subject Access Request” or “SAR”). In line with standard guidelines for these requests, we will require you to prove your identity with two pieces of approved identification. We will respond to such requests within 30 days of receipt.
We ensure that there are appropriate technical controls in place to protect your personal details. For example, our online forms that ask for personal information are stored on networks that are password-protected and routinely monitored. Laptops are not used to store sensitive personal information unless they are both password protected or encrypted. All sensitive personal data is stored on a secure database, to which only a limited number of relevant personnel have access. It is deleted when no longer needed by us and is never shared with third parties, except as expressly set forth in Sections IV and V.
Within K21A.org, we undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors. We use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and in our legal agreements, we clearly set out our requirements regarding how they manage the personal data to which they have access. We have a robust partner-monitoring framework to ensure these contractual obligations are met.
If you reside in the United States or Canada, cookies may also be used for “re-targeting” in advertising campaigns so that third-party vendors can display advertising to you about K21A.org or other related entities as you use the internet.
How to manage and delete cookies. If you wish to restrict or block the cookies set by the K21A.org website, you can do this through your computer or device’s browser settings. The Help function within your browser should tell you how.
Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies.
Please be aware that restricting cookies may affect the functionality of the K21A.org website.
If you visit our website as an anonymous visitor (e.g. you switch off cookies), K21A.org may still collect certain information from your browser, such as the IP address (which uniquely identifies a computer or other internet device).