Privacy Policy
Effective Date: May, 2018
Acceptance of Terms
This website is one of a family of websites, apps, and other resources (Systems) operated by Seed Company that are governed by this Privacy Policy. This Privacy Policy discloses the privacy practices of seedcompany.com (“Seed Company,” “we,” “us,” “our”) and applies solely to any information or data collected by us on seedcompany.com (the or this “Website”). Where we use the terms “we” “us” or “our,” we refer to Seed Company (our organization).
We are committed to protecting and appropriately handling private and personal information and take your privacy very seriously. We are publishing this Privacy Policy to let you know how we collect, process, use and share your personal information.
The definition of “personal information” will differ depending upon applicable law. In Europe it will include all information that directly or indirectly relates to you, and includes “personal data” as defined by the General Data Protection Regulation (GDPR). Where GDPR or other EU privacy laws apply to you, this Privacy Statement details how you can exercise your rights.
We may, from time-to-time, update this Privacy Policy, so we encourage you to review it periodically. We will notify you (by email or prominent notice on this website) about changes in the way we treat your personal information and how those changes are likely to impact you.
By visiting this website, you agree to the terms of this Privacy Policy and our accompanying Terms of Service. If you do not agree to this Privacy Policy or the Terms of Use (collectively, this “Agreement”), please do not use this website.
Using Our Systems
Please read our Terms of Use to find out more about the requirements for using our Systems. Please note that individual applications are governed by terms of use customized for that specific application.
How We Use Your Personal Information
We will generally only collect and use your personal information when it is needed to process donations or to comply with our legal obligations. We set out below a table where we describe each of the ways in which we use your Personal Information, the types of Personal Information that we use and the legal basis that applies to that use. Where the legal basis is “legitimate interest” we also set out some further details.
How we use your Personal Information | The types of Personal Information involved | Legal Basis | Legitimate Interest |
|---|---|---|---|
To allow you to register and attend an event and to follow up with you after the event | Identity data, Contact details, marketing & communication data, travel data | Contract | n/a |
For electronic marketing/prayer communication | Identity data; contact details (email, sms etc); marketing & communication data | Consent or Legitimate Interest where it follows something you have donated | When you engage with us (for example, financially), the law permits Seed Company to send you relevant email marketing |
For physical communication and non-marketing/prayer electronic communication | Identity data; contact details (telephone number, mailing address, etc); marketing & communication data | Legitimate Interests | To keep you informed of our ministry; To send you ministry information and resources which we believe you will be interested in |
To allow you to login and to access our Systems | Identity data; authentication data | Contract and Legitimate Interests | To ensure that your accounts on our Systems are kept safe and private |
To apply as a staff member or participate as a volunteer | Identity data; contact details; application data | Contract | n/a |
For advocacy and fundraising | Identity data; Financial data; financial transaction data; contact details; contact details; marketing & communication data | Legitimate Interest | To provide opportunities for you to partner with us through financial giving, communication or prayer |
To process donations | Identity data; Financial data; financial transaction data; contact details; and tax status | Contract and Legitimate interests | To securely receive your donation toward our charitable aims |
For statutory reporting | Identity data; contact details; tax status | Legal Obligations and Legitimate Interests | We may have obligations to report to the authorities in other countries |
To improve our tools and improve your experience of our Systems, to maintain an audit trail of access to data, troubleshooting, data analysis, and system maintenance | Identity data; Historical transaction data; contact details; system data; audit logs; and location data; marketing & communication data; demographics | Legitimate Interests | To manage, protect, and improve our Systems; to ensure that our services run effectively and to track who is accessing your data |
To respond to complaints and requests | Identity data; contact details; historical transaction data; application data | Legal obligation and Legitimate Interests | To ensure that your concerns are addressed |
We will generally only collect and use your personal information when it is needed to process donations or to comply with our legal obligations. We set out below a table where we describe each of the ways in which we use your Personal Information, the types of Personal Information that we use and the legal basis that applies to that use. Where the legal basis is “legitimate interest” we also set out some further details.
How We Collect Personal Information
We obtain personal information about you through:
- Direct Interactions – when you enquire about our activities, engage in an activity with us, make a donation, register through one of our sites or at an event, or otherwise give us your personal information. If you meet with us for discipleship or spiritual advice, we may take confidential notes for spiritual guidance and support. If you prefer that we do not take notes, please let us know. The information you disclose is entirely at your discretion.
- Cookies and other digital technologies – when you interact with our Systems we may use cookies and other digital technologies to track activities.
- Third parties [or other publicly available sources] – we may from time to time obtain personal information about you from third parties [and public sources] (e.g. US Census Data). We will only collect personal information from third parties if they have obtained that information in a legal and proper way.
- Referral of Information by individuals – Your name and contact details may have been passed to us by someone you know, who indicated that you might be interested in hearing about our ministry, according to the chart in section 2.
Types of Personal Information That We Collect
We collect the following types of personal information:
- Application Data – employment history, qualifications and references (if applicable).
- Authentication Data – usernames and password used in our Systems.
- Contact Details – email address, postal address, and telephone number.
- Demographics – information that allows us to better understand who you are and the Bible Translation projects in which you are most interested.
- Financial Data – bank account and payment bank details.
- Financial Transaction Data – details about donations you have made.
- Historical Transaction Data – communication history, your past donations, applications and interactions with us.
- Identity Data – name, date of birth, gender, marital status.
- Location Data – physical location, including IP address, and lat/long coordinates and country of origin (where applicable).
- Marketing & Communication Data – preference in receiving marketing or communication from Seed Company.
- System Data – information about how you use our Systems.
- Tax Status – information for statutory reporting.
- Travel Data – including travel details, delegate information, dietary requirements, and accommodation preferences.
How/When We Disclose Personal Information
- To other parts of our Organization;
- To public or regulatory authorities;
- To third party service providers, including: – Cloud service providers for the hosting of apps and sites; – Direct and email marketing service providers (eg. MailChimp); and – Companies that assist us in processing your donations.
We take steps to safeguard your information and we have contractual provisions requiring all third party service providers to respect the security of your personal data and to treat it in accordance with our data protection policies and all applicable laws. We will not allow third party service providers to use your personal information for their own purposes and they will only be allowed to process your personal information in accordance with our instructions.
Your Rights
The following rights under the GDPR are available to you if you are located in the European Economic Area (EEA). If you wish to exercise any of these rights, please email us at dataprivacy@tsco.org. We will respond to your request within 30 days of accepting it. Before accepting your request we may need to ask for some identity documentation from you, to make sure we don’t inadvertently provide your personal information to someone else.
Editing and updating personal information
If you find that your personal information needs to be edited or updated, you can change your personal information directly on the site. Our Systems offer different options for you to access, change, and modify the information you previously provided, such as your donor or customer record (for registered users only), email address, postal address, or to stop a duplicate email. If one of our Systems does not give you the option to edit personal information yourself or you wish to update the personal information we otherwise hold about you, you can ask us to update it by contacting us at dataprivacy@tsco.org. Please make sure to provide us with all the information we need to be able to address your request, including both the old and new information.
Accessing personal information
You can request details of your personal information we hold. We will confirm whether we are processing your personal information and provide additional details including what kind of information we have about you, where we collected it, how we use it (including the legal basis for our processing), how long we expect to keep it, details of any automated decision making or profiling and the safeguards regarding data transfers to non-EEA countries, subject to the limitations set out in applicable laws and regulations. If you ask us, we will provide you with a copy of your personal information. We may charge you a fee to cover our administrative costs or if the requests are manifestly unfounded or excessive.
Deletion of personal information
At your request, we will delete your personal information if any of the following conditions are met:
- It is no longer necessary for Seed Company to retain your personal information,
- You withdraw consent which formed the basis of your personal information processing,
- You have successfully objected to the processing of your personal information,
- Your personal information was processed unlawfully, or
- We are required to delete your personal information to comply with our legal obligations.
We will review requests on a case by case basis and we might not be able to comply with your request if we need to process your personal information:
- For exercising the right of freedom of expression and information,
- To comply with our legal obligations,
- To establish, exercise or defend a legal claim, or
- To perform a task in the public interest.
If this is the case, we will notify you of the reasons why your request was rejected
Restriction of processing of personal information
- You dispute the accuracy of your personal information,
- Your personal information was processed unlawfully and you request a limitation on processing, rather than a deletion of your personal information,
- We no longer need to process your personal information, but you need your personal information in connection with a legal claim, or
- You object to the processing of your personal information based on our legitimate interests pending verification as to whether we have an overriding legitimate ground for such processing.
Objecting to certain types of processing including automated decision making
Where we process your personal information based upon our legitimate interests, you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms. Where we process your personal information based upon our legitimate interests and where decisions are made by automated processing which has a legal or other significant effect on you, you may also object to such automated decision making.
Portability of personal information
You can request us to send you your personal information in a structured, commonly used, machine-readable format so that it can easily be transferred and used by a third party if:
- You provided us with the personal information,
- The processing of your personal information is based on your consent or required for the performance of a contract, or
- The processing is carried out by automated means.
Withdrawing consent
We primarily rely on legitimate business interests to process your data, but to the extent we use consent to process your data, you have the right to withdraw any consent you may have given us at any time. We will comply with your request promptly. If you withdraw your consent, we might not be able to provide some of our products and services to you. At any point, you have the right to object to processing of your personal information for direct marketing purposes and we will promptly comply with your request.
Filing a complaint with a data protection authority
We will try to resolve any problems that you have but you are always able to contact your local data protection authority for assistance or to make a complaint.
International Transfer of Your Personal Information
We are an international organisation and we might need to transfer your personal information to other countries. If you are in the European Economic Area (EEA), please be aware that we may need to transfer your data to countries outside the EEA to process it. We will only transfer your personal information outside the EEA with adequate safeguards in place and in full compliance with applicable laws. For example, we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection. We have established standard contractual clauses with our service providers to ensure they protect your information and to enforce legal transfers of data internationally.
Security
We have put in place appropriate security measures to protect your personal information from being accidentally lost, misused or accessed in an unauthorised way, altered or disclosed. These include technical, administrative and physical security measures to ensure that any information we collect is stored and processed securely. For example, for Systems that require personal or sensitive data to be collected or displayed, a Secured Socket Layer (SSL) connection is required, to ensure that the data is encrypted as it is transferred to the browser. All credit card payments are processed using PCI compliant technology, to ensure that your credit card number is securely passed to the merchant/service provider. We do not store your credit card details. We have procedures to deal with any suspected personal data breach and we will promptly notify you and any applicable regulator of a breach in accordance with our legal obligations. We cannot guarantee that the security measures we implement in connection with the operation of the site will absolutely prevent others from accessing or acquiring any information that you provide while using the site. You can help us protect your personal information by properly protecting your password and remembering to sign out of your account and close your browser window when you finish visiting our site, especially if you are on a shared or public computer.
Cookies
Our Systems may use cookies to keep track of web site activities, save your password or deliver content specific to your interests. A cookie is a small data file that certain websites write to your hard drive when you visit them. A cookie file can contain information such as a user ID that the site uses to track the pages you’ve visited. The only personal information a cookie can contain is information you supply yourself. Most website browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience certain interactive features of the site or access all of the services provided through the site.
How Long We Keep Your Personal Information
We keep your information as long as it is needed to achieve our purposes listed above, as well as for the amount of time necessary to meet any legal, tax, or reporting requirements. We do not keep your personal information for longer than necessary and up to 7 years after your last interaction with us (e.g. making a donation or using one of our Systems). We may keep your data for longer than 7 years if we cannot delete it for legal or technical reasons. We may also keep it for statistical purposes. However, if we do, we will ensure that your privacy continues to be protected and only use it for these purposes.
Third Parties
This website may contain links to Systems that are run by third-parties such as other organizations, content providers, or advertisers. Once you’ve clicked on a link or button activator for an outside website, you will leave the site and be taken to sites that we do not control, and our privacy policy no longer applies on those sites. You must read the privacy policy of the third-party website concerning how personal information will be used. We also provide content created by third parties on some of our Systems. We are not responsible for the privacy practices or the content of such content providers or third party sites.
Children
We do not collect personal information from children under the age of 13 beyond what is necessary for them to participate in our online or other activities. If we discover that we have accidentally collected personal information from a child below the age of 13, we will delete it from our records as soon as reasonably possible.
If a child under the age of 16 attempts to register with one of our Systems, purchase products or materials, or participate in an activity requiring the submittal of personally identifiable information, a parent or guardian must give permission and consent for that child to provide information and register. The only personal information we collect from a child is information that is necessary for the child to participate in activities, such as an address for making a purchase. Parents have the right to request at any time that the information collected about their child is removed from our Systems.
Your California Privacy Rights
Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2018 will receive information regarding 2017 sharing activities). Please be aware that not all information sharing is covered by the “Shine the Light” requirements.
Contact
If you have any questions about this policy or the way we use your personal information, you may contact us at dataprivacy@tsco.org.
