Last Updated: May 2018
There are many ways you can interact with InterVarsity Christian Fellowship/USA — attend a chapter meeting or event, use our website to search for and download information, pray for ministry or donate, or subscribe to other services, like newsletters. When you share information with us, we use it to serve you — to send you the right information or products, to send receipts, or to invite you into something we think you might be interested in. InterVarsity will not share or your information with anyone for marketing purposes, nor will we send you anything on behalf of other organizations.
We are committed to protecting your personal information and being transparent about what information we hold about you, whether you are a visitor to our websites, a subscriber to our publications, a purchaser of our resources, a financial supporter, a volunteer or participant in one of our programs or events, or a prayer supporter.
We may, from time-to-time, update this Privacy Statement, so we encourage you to review it periodically. We will notify you (by email or prominent notice on this site) about changes in the way we treat your personal information and how those changes are likely to impact you. Where we use the terms “we,” “us,” or “our,” herein, we refer to InterVarsity Christian Fellowship/USA and affiliated ministries.
1. Using This Site
2. How we use your personal information
We will generally only collect and use your personal information when it is necessary to achieve our legitimate interests of fostering spiritual growth, which includes providing guidance, events, church meetings, and Digital Tools. We may also use your personal information when it is needed to provide you with goods or services, or to process donations or to comply with our legal obligations.
We will not share, sell, or exchange your information for third party fundraising or marketing purposes and we will not send mailings on behalf of other organizations. The only exceptions we will make will be: 1) when you have given InterVarsity specific permission to do so, 2) to parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential, 3) when its release is appropriate to comply with the law, enforce our site policies, or protect our or others' rights, property or safety.
The below table describes the ways in which we use your personal information, the types of personal information that we use, and the legal basis that applies to that use. Where the legal basis is “legitimate interest” we also set out some further details.
How we use your Personal Information
The types of Personal Information involved
To allow you to register and attend an event and to follow up with you after the event
Identity data; contact details; marketing/communication data; travel information; requests and preferences
For electronic marketing communication
Identity data; contact details (email, SMS, etc); marketing/communication data
Consent or Legitimate Interest where it follows something you have bought, given or attended
When you engage with us (for example, financially), the law permits our Organization to send you relevant email marketing
For physical communication and non-marketing electronic communication
Identity data; contact details; marketing/communication data
To keep you informed of our ministry; To send you ministry information and resources which we believe you will be interested in
For contact management
Identity data; contact details; marketing/communication data; requests and preferences; demographics
To manage participation in our ministry and contact management across the ministry
To improve your experience of our Digital Tools
Identity data; contact details; system data; Historical transaction data; requests and preferences; demographics
To improve the operations of our Digital Tools and to show information that is more interesting to you
To allow you to login and to access our Digital Tools
Identity data and security credentials
Contract and Legitimate Interests
To ensure that your accounts on our Digital Tools are kept safe and private
To apply for, or participate in, short or long-term mission opportunities with us; to apply or participate as a volunteer
Identity data; contact details; application data
For spiritual guidance and support
Identity data; contact details; Information about your beliefs & circumstances; requests and preferences
To provide spiritual guidance and support; to allow us to pray for you; to provide you with resources and activities that will help you grow spiritually
To provide forums and digital communities
Identity data; contact details; Your posts in discussion threads
To provide a place for you to discuss spiritual and mission based topics
For fund development
Identity data; Financial data; financial transaction data; contact details; contact details; information about your beliefs & circumstances; requests and preferences
To provide opportunities for you to partner with us through financial giving, communication or prayer
To process donations
Identity data; Financial data; financial transaction data; contact details; and tax status
Contract and Legitimate interests
To securely receive your donation toward our charitable aims
For statutory reporting
Identity data; contact details; tax status
Legal Obligations and Legitimate Interests
We may have obligations to report to the authorities in other countries
To deliver goods and services
Financial data; financial transaction data; contact details
To allow us to improve our tools; to maintain an audit trail of access to data; troubleshooting; data analysis; system maintenance
Historical transaction data; system data; audit logs; and location data
To manage and protect our Digital Tools; to ensure that our services run effectively and to track who is accessing your data
To respond to complaints and requests
Identity data; contact details; historical transaction data; application data
Legal obligation and Legitimate Interests
To ensure that your concerns are addressed
3. How we collect personal information
We collect information to provide better services — including sending receipts for donations, sending requested prayer updates, or providing answers to your questions related to our ministry.
We obtain personal information about you via:
- direct interactions: when you enquire about our activities, engage in an activity with us, make a donation, register through one of our sites or at an event, or otherwise give us your personal information.
- third parties [or other publicly available sources]: we may from time to time obtain personal information about you from third parties [and public sources] (e.g., USPS Change of Address Service). We will only collect personal information from third parties if they have obtained that information in a legal and proper way.
- referral of information by individuals. Your name and contact details may have been passed to us by someone you know, who indicated that you might be interested in hearing about our ministry.
4. Types of personal information that we collect
We collect the following types of personal information:
- application data including employment history, qualifications and references, if applicable;
- contact details including email address, postal address, email, telephone number and instant messaging details;
- demographics including information that allows us to better understand who you are and the services in which you are most interested;
- financial data including bank account and payment bank details;
- financial transaction data including details about payments and donations from you and details of products and services you have purchased from us and activities you have participated in;
- historical transaction data including communication history, your past donations, purchases, applications and interactions with us;
- identity data including name, date of birth, gender, ethnicity, marital status;
- information about beliefs and circumstances including religious information; information you disclose about your personal circumstances;
- location data that is information about your physical location, including IP address, and latitude/longitude coordinates, and country of origin (where applicable);
- marketing and communication data including your preferences in receiving marketing from us and communication preferences;
- requests and preferences including communication preferences, your interests and prayer requests;
- security credentials including username and password;
- system data including IP addresses and information about how you use our Digital Tools;
- tax status; and
- travel information including your event travel details, delegate information, dietary requirements, and room preferences.
5. How/when we disclose personal information
Generally, we will not disclose or share your personal information (including your email address) with anyone outside our organization without your permission. However, we may share your information within our organization and with certain third parties, including:
- corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control);
- public, governmental, administrative, legal or regulatory authorities, including in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws; and
- service providers, including cloud service providers for the hosting of apps and sites, direct and email marketing service providers (e.g., MailChimp), companies that assist us in processing your donations securely, and other independent contractors that provide services to support our ministry.
We take steps to safeguard your information and we require all third-party service providers to respect the security of your personal data and to treat it in accordance with our data protection policies and all applicable laws. We will not allow third party service providers to use your personal information for their own purposes and they will only be allowed to process your personal information in accordance with our instructions.
6. Your Rights
The following rights under the GDPR are available to you if you are located in the European Economic Area (“EEA”). If you wish to exercise any of these rights, please email email@example.com. We will respond to your request within 30 days of accepting it. Before accepting your request, we may need to ask for some identity documentation from you, to make sure we don’t inadvertently provide your personal information to someone else.
a. Editing and updating personal information
If you are a registered user with an account and find that your personal information needs to be edited or updated, you can change your personal information directly on the site. In the case of simple email address change to a newsletter you receive, you can follow the instructions at the end of the email message. If one of our Digital Tools does not give you the option to edit personal information yourself or you wish to update the personal information we otherwise hold about you, you can ask us to update it by contacting us at firstname.lastname@example.org. Please make sure to provide us with all the information we need to be able to address your request, including both the old and new information.
b. Accessing personal information
You can request details of your personal information we hold. We will confirm whether we are processing your personal information and provide additional details including what kind of information we have about you, where we collected it, how we use it (including the legal basis for our processing), how long we expect to keep it, details of any automated decision making or profiling and the safeguards regarding data transfers to non-EEA countries, subject to the limitations set out in applicable laws and regulations.
If you ask us, we will provide you with a copy of your personal information free of charge. We may charge you a fee to cover our administrative costs if you request multiple copies of the same information or if the requests are manifestly unfounded or excessive.
c. Deletion of personal information
At your request, we will delete your personal information if:
- it’s no longer necessary to retain your personal information;
- you withdraw the consent which formed the basis of your personal information processing;
- you have successfully objected to the processing of your personal information (see below);
- your personal information was processed unlawfully; or
- we are required to delete your personal information to comply with our legal obligations.
We will review requests on a case by case basis and we might not be able to comply with your request if we need to process your personal information:
- for exercising the right of freedom of expression and information;
- to comply with our legal obligations;
- to establish, exercise or defend a legal claim; or
- to perform a task in the public interest.
If this is the case, we will notify you of the reasons why your request was rejected.
d. Restriction of processing of personal information
You have the right to request us to limit the processing of your personal information if:
- you dispute the accuracy of your personal information;
- your personal information was processed unlawfully and you request a limitation on processing, rather than a deletion of your personal information;
- we no longer need to process your personal information, but you need your personal information in connection with a legal claim; or
- you object to the processing of your personal information based on our legitimate interests pending verification as to whether we have an overriding legitimate ground for such processing.
To the extent needed, we may still keep some of your data to ensure we comply with your request to limit processing, or for other legal purposes.
e. Objecting to certain types of processing including automated decision making
Where we process your personal information based upon our legitimate interests, you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms.
Where we process your personal information based upon our legitimate interests and where decisions are made by automated processing which has a legal or other significant effect on you, you may also object to such automated decision making.
f. Portability of personal information
You can request us to send you your personal information in a structured, commonly used, machine-readable format so that it can easily be transferred and used by a third party if:
- you provided us with the personal information;
- the processing of your personal information is based on your consent or required for the performance of a contract; or
- the processing is carried out by automated means.
g. Withdrawing consent
We primarily rely on legitimate business interests to process your data, but to the extent we use consent to process your data, you have the right to withdraw any consent you may have given us at any time. We will comply with your request promptly.
If you withdraw your consent, we might not be able to provide some of our products and services to you. At any point, you have the right to object to processing of your personal information for direct marketing purposes and we will promptly comply with your request.
h. Filing a complaint with a data protection authority
We will try to resolve any problems that you have but you are always able to contact your local data protection authority for assistance or to make a complaint.
7. International transfer of your personal information
In certain circumstances, we might need to transfer your personal information to other countries. If you are in the EEA, please be aware that we may need to transfer your data to countries outside the EEA to process it. We will only transfer your personal information outside the EEA with adequate safeguards in place and in full compliance with applicable laws. For example, we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection. We require our service providers to protect your information and to treat it in accordance with our data protection policies and all applicable laws.
We have put in place appropriate security measures to protect your personal information from being accidentally lost, misused or accessed in an unauthorized way, altered or disclosed.
For example, for Digital Tools that require personal or sensitive data to be collected or displayed, a Secured Socket Layer (SSL) connection is required, to ensure that the data is encrypted as it is transferred to the browser. All credit card payments are processed using PCI compliant technology, to ensure that your credit card number is securely passed to the merchant/service provider. We do not store your credit card details.
We have procedures to deal with any suspected personal data breach and we will promptly notify you and any applicable regulator of a breach in accordance with our legal obligations.
We cannot guarantee that the security measures we implement in connection with the operation of the site will absolutely prevent others from accessing or acquiring any information that you provide while using the site. You can help us protect your personal information by properly protecting your password and remembering to sign out of your account and close your browser window when you finish visiting our site, especially if you are on a shared or public computer.
9. Cookies and information collected by technology
Like many other Web sites, all InterVarsity websites makes use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet Service Provider (ISP), date/time stamp, referring/exit pages, and number of clicks to analyze trends, administer the site, understand user’s movement around the site, and gather demographic information.
10. How long we keep your personal information
- We will hold your personal information on our systems for as long as is needed to fulfil the function for which we hold the data or as long as is required by law for the relevant activity. For example, U.S. Tax law requires us to keep a record of donations. If you are an EU/EEA resident, we will not keep your data longer than 7 years after your last interaction with us (e.g. making a donation, registering for an event, or using one of our Digital Tools) unless we cannot delete it for legal or technical reasons or we keep it for statistical purposes. In either case, we will ensure that your privacy continues to be protected and only use your personal data for the aforementioned purposes.
- If you request that we stop sending you marketing or fundraising information, we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us.
- Where your information is no longer required we will ensure that it is disposed of in a secure manner.
- Information will only be kept as long as is necessary for the purposes for which you provided it or we obtained it and will be minimized to ensure we only keep what is necessary.
11. Third party sites and information
Our website contains links to other websites belonging to third parties and we sometimes choose to participate in social networking websites including, but not limited to, YouTube, Facebook, Twitter, Pinterest and Instagram.
12. Special rules for children
We do not collect personal information from children under the age of 13 beyond what is necessary for them to participate in our online or other activities, such as registering for a conference or downloading materials. If we discover that we have accidentally collected personal information from a child below the age of 13, we will delete it from our records as soon as reasonably possible.
If a child under the age of 16 attempts to register with one of our Digital Tools, purchase products or materials, or participate in an activity requiring the submittal of personally identifiable information, a parent or guardian must give permission and consent for that child to provide information and register. The only personal information we collect from a child is information that is necessary for the child to participate in activities, such as an address for making a purchase. Parents have the right to request at any time that the information collected about their child is removed from our database.
13. Your California privacy rights
Under California's “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately preceding calendar year (e.g. requests made in 2018 will receive information regarding 2017 sharing activities). Please be aware that not all information sharing is covered by the “Shine the Light” requirements.
You can change the information about your record and contact preferences (like mailing or emailing) at https://pim.intervarsity.org/
Or, contact us directly using one of the methods below.
InterVarsity Donation Services:
Call toll free: 866-734-4823
Email us at email@example.com
Send mail to: InterVarsity, PO Box 7895, Madison, WI 53707-7895.
To change your InterVarsity Store billing or shipping address, call the InterVarsity Store at 866-265-4823 or email us using this form: https://intervarsity.org/contact/intervarsity-store. We will respond promptly to your request.
If you are unhappy with our work or something that we have done or failed to do or if you have any questions about this policy or the way we use your personal information, we want to know about it. We also welcome your views on what we do well. Your comments enable us as an organization to learn and continuously improve our services. You can email us at firstname.lastname@example.org