Overview
This privacy statement explains how and why Mercy Kids Africa (hereinafter “MKA”) collects, stores, uses and shares personal data when you visit our websites or donate our causes. Reading it will help you understand your privacy rights and choices including:
- What information MKA collects.
- Lawful basis for collecting information.
- How MKA uses the information.
- How MKA communicates with data subjects.
- With whom MKA may share personal data.
- What choices are available to data subjects.
- What types of security procedures are in place to protect against the loss, misuse, or alteration of personal data under MKA control.
- How data subjects can correct, access, or limit their personal data under MKA control.
- Under GDPR, a data subject is an identified or identifiable natural person; personal data is any information relating to a data subject.
Individuals with questions or concerns regarding this statement may email info@mercykidsafrica.org.
1. Information Collection
MKA collects personal data at several different points on our websites as well as from other sources.
Online Donations
Users must provide contact information (such as name, email, and address) and financial information (such as credit card number, expiration date) to make an online donation. Online gifts to MKA will be processed by Stripe Payments, Ltd. (hereinafter “Stripe”) and PayPal Inc and will be deposited in the bank account of MKA located in the USA. MKA will allocate the funds to the location (country or region), program, or project where they are most urgently needed. Donors who wish to donate to a specific MKA location, program, or project may email Info@mercykidsafrica.org.
Donors may email MKA at Info@mercykidsafrica.org with questions or concerns about a gift.
Cookies
A cookie is a piece of data stored on a user’s computer tied to information about use of a website. We use both session ID cookies and persistent cookies. A session ID cookie is a temporary file that remains on users’ computers during a site visit but expires when users close their browsers. A persistent cookie is a small text file stored on a user’s hard drive for an extended period of time. By allowing a persistent cookie for our site, a user will not have to re-type a username more than once, thereby saving time while on our sites. Persistent cookies enable us to track and target the interests of our users to enhance the experience on our site. See the “Profile” section. Persistent cookies can be removed by following internet browser help file directions.
Users can set their browsers not to accept cookies, and the above website explains how to remove cookies. However, if users refuse cookies, some of our website features may not function properly.
Log Files
Like most standard website servers, we use log files. This may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use.
Clear Gifs (Web Beacons/Web Bugs)
We employ a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs), that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users. The main difference between the two is that clear gifs reside on the website and are triggered by a user’s visit, while cookies reside on the visitor’s computer.
Clear Gifs can “work with” existing cookies on a computer if they are both from the same website or organization. That means, for example, that if a person visited “www.companyX.com”, which uses an advertising company’s clear gif, the website (or advertising company) would match the clear gif’s identifier and the advertising company’s cookie ID number, to show the past online behavior for that computer. This collected information would then be given to the advertising company (or website). This website does not use other organizations’ clear gifs.
We also use clear gifs in our HTML-based emails to let us know which emails have been opened by the recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. Users who have signed up for emails and would like to opt-out of them may do so through the Opt-out section.
Direct Contact
We collect information from direct contact with data subjects at MKA events, responses to direct mail, telephone calls from persons wanting information, legal assistance, or to make donations, and other voluntary sources.
Sensitive Personal Information
We unavoidably collect some sensitive data about certain persons, and other sensitive information may be inferred about persons who participate in or support our work. We do not disclose such information outside MKA.
2. Information Use
We will not sell or otherwise share donor or other personal data with non-MKA affiliated/contract organizations, nor will we send donor mailings on behalf of other organizations. We will not authorize the use of personal data by any outside third party for any form of fundraising or solicitation.
We have a legitimate interest in using cookies, log files, and clear gifs to enhance the user experience while on our websites. Cookies allow us to track traffic patterns, speed up searches, and make it easier for users to find things related to previous visits. We also have a legitimate interest in using donor information to contact donors about their gifts. With data subject consent, we will use their information to keep them updated on the work of MKA and to seek support. We do not use IP addresses to identify users who have not registered or otherwise provided their contact information.
Information Requests
We use personal data related to requests for information, services, or newsletters to contact individuals about the events, information, or services about which they have inquired.
Donor Information
We use personal data collected in connection with donations for billing purposes, to process donations, or to contact the donor if we have trouble processing a donation. Credit card information is deleted after a transaction is complete unless a donor has agreed to recurring gifts.
Online Profile
We may store information that we collect through cookies, log files, and clear gifs to create an online profile of our website users. A profile is stored information that we keep on individual users that details their viewing preferences. Consequently, collected information is tied to the user’s personal data to provide offers and improve the content of the site for the user. This profile is used to tailor a user’s visit to our website and to direct pertinent information to them. A user’s online profile may be shared in aggregate form only.
3. Communications with Data Subjects
Special Offers and Updates
We may send all new website registered users a welcoming email to verify password and username. Established users will occasionally receive information on products, services, urgent issues, and our newsletter. Out of respect for privacy, users may opt to stop receiving these types of communications at any time. Please see the Choice/Opt-out Section.
Newsletter/Marketing Communications
Our newsletters and marketing communications include updates on our latest projects, campaigns, and giving opportunities.
If a person wishes to subscribe to our newsletter or other information sources, we ask for contact information, such as name, address, or email address. Subscribers may opt out of these communications at any time. Please see the Choice/Opt-out Section.
Service Announcements
It may become necessary to send out a strictly service-related announcement. For instance, if our service is temporarily suspended for maintenance, we might send registered users an email. Generally, registered users may not opt out of these communications, although they can deactivate their account.
Customer Service
We communicate with data subjects on a regular basis to provide requested services. In regard to issues relating to their account, we reply via email or phone in accordance with the person’s wishes.
4. Sharing
Transfer to Third Parties
We do not transfer personal data to third parties absent the data subject’s express consent or a strict legal obligation other than as mentioned in this section. Though we make every effort to preserve data subject privacy, we may need to disclose personal data if we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order, or legal process.
Aggregate Information (not personal data)
We may share aggregated demographic information with others. This is not linked to any personal data.
Third-Party Intermediaries
We may use third-party intermediaries, such as, but not limited to, a letter shop to customize mailings, a shipping company to ship orders, a credit card processing company to process gifts or bill data subjects for goods and services, and a cloud-based system such as Salesforce for customer relationship management. We will make sure that such intermediaries are bound by contractual agreements and do not retain, share, store, or process personal data for any secondary purposes.
Service Providers
We may partner with other third parties to provide specific services. When the individual signs up for these particular services, we may share names or other contact information that is necessary for the third party to provide these services. These third parties are not allowed to process this personal data except for the purpose of providing these services.
Business Transitions
In the event MKA goes through a business transition, such as a merger or being acquired by another organization, data subjects’ personal data will, in most instances, be part of the assets transferred.
5. Data Subject Choices
Choice/Opt-out
Our data subjects are given the opportunity to opt in to receiving our newsletters or other information from MKA. Individuals who no longer wish to receive our newsletter and informational communications may opt out of receiving these communications by contacting info@mercykidsafrica.org.
Links
This website contains links to other sites. Please be aware that MKA is not responsible for the privacy practices of such other sites. We encourage our website users to be aware when they leave our site and to read the privacy statements of every website that collects personal data. MercyKidsAfrica.org is the only website to which this privacy statement applies.
Surveys
From time to time, our site may request information from users via surveys. Participation in these surveys is completely voluntary, and the user, therefore, has a choice whether to disclose the requested information. Survey information generally will be used for purposes of monitoring or improving the use and satisfaction of this site.
Chat Rooms, Message Boards, and Public Forums
Please keep in mind that whenever users voluntarily disclose personal data online – for example on message boards, through email, or in chat areas – that information can be collected and used by others. In short, by posting personal data online that is publicly accessible, users may receive unsolicited messages from other parties in return.
6. Security
MKA takes every precaution to protect our data subjects’ information. When data subjects submit sensitive information via the website, we take great effort to ensure their information is protected both online and offline. When our registration/donor form asks for sensitive information (such as a credit card number), that information is encrypted and is protected with the best encryption software we are aware of in the industry – SSL.
While we use SSL encryption to protect sensitive information online, we also aggressively protect personal data offline. We restrict access to personal data on a need-to-know basis to employees, who are subject to discipline or termination for violating confidentiality, and to contractors or agents who are subject to confidentiality agreements. Finally, the servers that store personal data are in a secure environment.
Supplementation of Information
In order for this website to meet user expectations, it may be necessary for us to supplement the information we receive with information from third-party sources.
ID Verification
We may use software to verify a website user’s address to avoid session hijacking, hacking attempts, or other attacks.
Enhancement of Marketing Profile
We may purchase third-party marketing data and add it to our existing constituent database to better target our advertising and provide pertinent information in which we think our donors would be interested. We will use this information to enhance or overlay the “profile” of individuals. This aggregate marketing data is therefore tied to the individual’s personal data. (See also the “Online Profile” section.)
7. Control of Personal data
MKA will retain personal data for as long as a person maintains a relationship with MKA or as long as necessary to fulfill the purposes for which it was collected. If data subjects request that their data be deleted, there may be residual data in back-up files that will not be removed.
Correcting/Updating/Deleting/Deactivating Personal data
If data subjects’ personal data changes (such as zip code, phone, email or postal address), or if they no longer desire our services, they should email info@mercykidsafrica.org to update or delete/deactivate their personal data.
Registered individuals may update their profile within the donations site using the “Edit Profile” functionality or email info@mercykidsafrica.org.
Right to Know What Personal Data MKA Holds
Data subjects have a right to know what personal data MKA has about them and to receive it in a format that can be transferred to another service. Upon written request, MKA will respond within 60 days to inform a data subject about what personal data MKA possesses, as well as its source (where this is available), whether any personal data is being processed, give a description of the personal data and the reasons it is being processed, or to provide the data in a portable format. MKA may require additional information to satisfy it that the person requesting the information is the individual to whom the data relates or additional information to enable it to locate the data. The information will ordinarily be provided free of charge, but MKA may request payment under some circumstances, such as repeated requests. If MKA requests additional information or payment, the 60-day period for a response does not begin until MKA receives it.
Right to Prevent Direct Marketing or Profiling
Individuals have the right to give written notice to prevent direct marketing. Upon receiving a written notice, MKA will delete personal data from its marketing list except to the extent data is necessary to ensure that the data subject’s preferences are respected in the future. If a marketing campaign is already underway when notice is received, there may be a delay between the time of the notice and the time contacts end.
Right to Restrict Use
Individuals have a right to restrict the use of their data if it is inaccurate or it was obtained unlawfully. Data subjects also have a right to provide instructions on what is to be done with their data upon their death. Individuals may make a written request to restrict or direct the use of their information.
Complaints
In the event a person believes their information is being used inappropriately, they may lodge a complaint with the supervisory authority in their country.
Contact Information
To provide a notice, request a change of address, or request information about personal data, an individual may email info@mercykidsafrica.org or mail a letter to:
Mercy Kids Africa
P.O. Box 296
Broomall, PA 19008
Notification of Privacy Policy Changes
If we change our privacy policy, we will post those changes to this privacy statement, the home page, and/or other places we deem appropriate so our data subjects are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. This policy was most recently updated on September 13, 2020.