Privacy Policy

CONSENT TO PRIVACY POLICY

By accessing this website or providing personal information to GRACE COMMUNION INTERNATIONAL, a California nonprofit religious corporation or any of its respective affiliates (collectively, “GCI”) by any means, you agree to the terms of this Privacy Policy.

PURPOSE

GCI respects your privacy, and is committed to protecting your personal information from unauthorized use or disclosure.

This Privacy Policy describes how your personal information may be collected when you visit our website, access our services, enroll through our online application, or otherwise interact with GCI. It describes how your personal information is used, disclosed to other parties, and the steps GCI takes to protect it from unauthorized use or disclosure. Specific services might use or require different personal information practices than are described in this Privacy Policy.

PERSONAL INFORMATION

GCI defines “personal information” to mean information that we directly associate with or use to identify you. Personal information may include your name, address, phone number, email address, fax number, IP address, age, date of birth, gender, occupation, marital status, number of children, spouse’s name and occupation, parents’ names, occupations, financial information, and contact information, criminal history, or information pertaining to a mailing list, contact requests made, membership, church affiliation, or online registration. Our definition does not include “aggregate personal information,” which is information that we collect about a group or category of persons or services, or “de-identified information,” which is information from which we or our agents have removed any information that can be used to specifically identify a person. This Privacy Policy does not restrict or limit our collection or use of aggregate personal information or de-identified information.

COLLECTION OF PERSONAL INFORMATION

GCI may collect your personal information through one or more of the following methods:

  • Personal Information You Provide. GCI may collect personal information when you provide personal information to our supporters or volunteers, register as a user of our website or to attend our camps, retreats, and events, sign up for our newsletter, donate to us, register to be a volunteer, contact us about a request to make contact, or email, call, or otherwise communicate with us. No personal information is gathered about you when you visit our web site, unless you voluntarily provide information to us (through an information request or contacting us). For example, if you contact us regarding our churches, we may request that you provide personal information that will enable us to respond to your inquiry.  If you do not provide such information, we may not be able to respond to your inquiry, or the information we provide may be limited.
  • Automatically Collected Personal Information. When you register for our camps, retreats, or events, transactional information such as the date of your registration, camp, retreat, or event registration and your financial and user information may be collected automatically. We treat all such automatically collected information as personal information if we combine it with or link it to other information that may identify you.
  • Other Information. We may obtain information about you from third parties, such as demographic marketing information, address verification, complaints, grievances, or mailing list information and combine it with other personal information pertaining to you.
  • Cookies, Web Beacons, and Similar Technologies. We may use cookies, web beacons, and similar technologies to manage our website and email messages, and we may collect information about your activities online at our website. We may link this information with other personal information about you. By continuing to visit our web site, you agree to the placement of cookies on your device. If you choose not to accept our cookies, we cannot guarantee that you will have access to the full experience of our web site.
  • Third Parties. GCI is not a part of a third party tracking network and does not allow third parties to collect personally identifiable information about consumer’s online activities through our website. This Privacy Policy does not apply to, and we are not responsible for, the practices of third parties that collect your personal information. We encourage you to check the privacy policies of such third parties to learn about their practices with respect to the collection, use, disclosure, and protection of your personal information.

OUR USE OF PERSONAL INFORMATION

GCI may use your personal information for a variety of purposes, including:

  • Keeping you up to date about our church services;
  • Letting you know about upcoming events, including camps and festivals;
  • Sending out Bible studies and other literature designed to help people grow in the Christian faith;
  • Keeping financial records for donors and sending receipts;
  • Managing volunteers and staff;
  • Providing requested ministerial support, including biblical counseling and hospital visits;
  • Planning meetings and events;
  • Responding to your comments, requests, and questions;
  • Processing and completing your membership or event registration request, including the delivery of your personal information to the relevant location(s) and processing your payment for the registration;
  • Attempting to contact you regarding web site issues;
  • Sending you technical notices, updates, security alerts, and support and administrative messages;
  • Verifying your identity;
  • Keeping a record of our interactions with you if you deal with our representatives over the telephone or online;
  • Conducting statistical and demographic analysis;
  • Keeping in touch with you;
  • Preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of personal information, our website or data systems, or to meet legal obligations;
  • Protecting and defending GCI and its affiliates against legal actions or claims;
  • Satisfying contractual obligations;
  • Evaluating your membership or event registration request;
  • Cooperating with law enforcement or other government agencies for purposes of national security, public safety, or matters of public importance when we believe that disclosure of information is necessary or appropriate to protect the public interest or as otherwise required by law;
  • Conducting market research, surveys, and similar inquiries to help us understand trends and congregant needs;
  • Evaluating and improving your membership or event experience, online experience, or existing services, or to create new events;
  • Monitoring and analyzing trends, usage, and activities; and
  • Performing any other purpose disclosed elsewhere in this Privacy Policy.

When it is possible to do so, we may link personal information (such as your name or e-mail address) with non-personal information (such as the unique identifier associated with your computer or mobile device). We may also link personal information with other generally or publicly available information to help us identify your preferences or interests. The information we collect may also be merged with information available from other sources such as (1) companies that match e-mail addresses with postal addresses and other information; and (2) our affiliates.

Our affiliated religious institutions may also send you information. GCI does not control the sending process or the content of the communications sent to you by such institutions. Please refer to the privacy policy of each respective institution for more information.

DISCLOSURE OF PERSONAL INFORMATION

GCI may share your personal information internally among its affiliates. GCI does not sell or rent your personal information to third parties in the ordinary course of its activities. Notwithstanding the foregoing, upon the occurrence of certain organizational transactions, your personal information may be disclosed or transferred as described under the caption “Certain Organizational Transfers” below. Our practices with respect to the disclosure of personal information are described below or as otherwise stated in this Privacy Policy.

  • With Your Consent. We may disclose your personal information to third parties with your consent. You may give your consent in several ways, such as through a written agreement that you sign or acknowledge; an online method, such as a “click-through” agreement or registration page; an oral statement, such as by way of an interactive voice response or orally authorized consent during a phone call; or through the terms and conditions under which we provide you with membership or event requests. Sometimes, your consent may be implicit. For example, if you complete an application request with a credit card, you implicitly consent to the disclosure of your name and credit card number to the credit card processor to authorize the transaction.
  • Service Providers. We may disclose your personal information to third parties who complete transactions or perform services on our behalf or for your benefit. Information provided to such parties for payment authorization (including PayPal and credit card information processors) or verification purposes may be retained by them in a database that is used to provide similar services to others. We may also utilize the services of third parties to verify customer data, such as mailing addresses or to supplement other information we have collected. We may also contract with third parties to host a website, retain customer data, conduct market research, or send you information regarding our activities, or those of other companies with whom we conduct activities.
  • Legal Process. We may disclose your personal information to legal or government regulatory authorities in response to their requests for such information or to assist in investigations of theft, fraud, or abuse. We may also disclose your personal information to third parties in connection with claims, disputes, or litigation, or if we determine its disclosure is necessary in an emergency. This may include the disclosure of IP addresses, mobile device identifiers, or other information collected by us, with or without notice to you.
  • Certain Organizational Transfers. Your personal information may be disclosed as part of an actual or proposed organizational transaction, such as a merger or dissolution of GCI, and could be transferred to a third party as one of the organizational assets in such a transaction. It may also be disclosed in the event of insolvency, bankruptcy, or receivership.

PAYMENT INFORMATION

We may also ask you for financial information for payment purposes, including your name; billing address; credit, debit, bank card or PayPal account information; or any other information that we, in our sole discretion, deem appropriate (“Payment Information”). We will not store your Payment Information on our database, unless you have provided your consent for the storage of such Payment Information for recurring donations.  Once you provide us with your Payment Information, we will forward the information to our third party payment processor, who will only use your Payment Information to process your payment of the ordered products.

INFORMATION PERTAINING TO CHILDREN

GCI is the only operator of its website, and its contact information is listed in the “How to Contact Us” section below. GCI does not knowingly or intentionally collect personal information from children under the age of 13, and has taken steps to avoid doing so through its website. Accordingly, GCI does not enable children to make their personal information publicly available, knowingly or intentionally use their information in any manner, or knowingly or intentionally disclose their information to anyone. If a child under the age of 13 has or may have provided personal information to GCI, a parent or guardian may inform us of that fact by contacting us using one of the methods listed in the “How to Contact Us” section below, and we will then review our records and delete any such information from our database. If you are under the age of 13, do not provide us with any personal information either directly or indirectly (e.g., by posting personal information on our website). Any personal information that we receive from a person whom we believe is under the age of 13 will be deleted.

Users under the age of 18 must have the consent of their parent(s) or adult guardian(s) to complete GCI’s online membership or event registration. Such users’ parent(s) or adult guardian(s) must complete the “Parent/Guardian Signature” in order to complete GCI’s online application process.

ACCESS TO AND RETENTION OF PERSONAL INFORMATION

GCI does not maintain all of your personal information in a form that you can access or update, and some items may not be changed. Accordingly, we will determine and may limit what may be accessed and how, subject to applicable law, and we may keep a record of changes (including deletions) and disclose them for compliance or other lawful purposes. We keep your personal information for only as long as necessary for the fulfillment of the purposes for which it is collected (but in no event less than eight (8) years), and we reserve the right to retain it to the full extent not prohibited by law. Upon our confirmation of your identity, you may request confirmation that your membership or event registration is being processed, review your personal information that is readily accessible free of charge (provided that such request is not excessive or unfounded), or request that it be updated or corrected or its use limited by contacting our GCI Member Service Center using one of the methods listed under the “How to Contact Us” section below.

SECURITY OF PERSONAL INFORMATION

GCI uses various physical, electronic, and procedural measures to protect your personal information from unauthorized disclosure or misuse. Only authorized employees of GCI have access to our databases where your personal information is stored. We employ Secure Sockets Layer (SSL) and HTTP Secure (HTTPS) technology and other security measures to encrypt and securely transfer sensitive personal information you input during transmission. However, because no data security systems are completely secure, we do not warrant that any personal information that you provide to us will be secure or safe from unauthorized access. If you provide any personal information to us, you do so at your own risk. We also use certain third party services for storage and processing of personal information, including Dropbox and Gmail. You may contact our privacy officer at legal.office@gci.org for more information or to file a complaint.

LINKS TO OTHER WEBSITES

GCI’s website may contain links to websites operated by third parties. We may, from time to time, at our sole discretion, add or remove links to other websites. These links are provided solely as a convenience to you, and access to any such websites is at your own risk. Your dealings, communications with, or participation in activities with such websites (other than GCI) and any terms, conditions, warranties, or representations associated with such dealings are solely between you and such third parties. When you visit their websites, they may collect information about your visit and use it to provide advertisements to you. This Privacy Policy does not apply to, and we are not responsible for, the practices of third parties that collect your personal information. Each of these linked websites may maintain its own policies about the collection, use, and protection of your personal information. We encourage you to check the privacy policies of such third parties to learn about their practices.

CHANGES TO THIS POLICY

GCI will modify this Privacy Policy if our practices change. We will notify you of such changes by posting a modified version of this Privacy Policy on our website and indicating the date it was last modified. We encourage you to visit our website periodically to view the latest version of this Privacy Policy.

OPT-OUT CHOICES

GCI’s website does not respond to “do not track” signals or similar mechanisms. GCI may send you email messages, direct mail offers, or other communications regarding events or news unless you specifically ask us not to do so when you enroll as a member or register for an event, access our website, or change your preferences by updating any accounts you may have with us. At any time, you may elect to discontinue receiving messages from GCI by submitting an opt-out request to our GCI Member Service Center (see “How to Contact Us” below) or by following the instructions in the form of the communication you received, as described below.

  • Emails: To opt out of receiving email messages, use the  unsubscribe link at the bottom of this email.
  • Printed Materials: To opt out of receiving printed marketing materials at your postal address, such as letters, flyers, or postcards, contact us at member.services@gci.org
  • Voice Messages and Texting: To opt out of receiving voice messages by telephone or text messages, you may follow the instructions stated in the pre-recorded voice message or contact us at member.services@gci.org

APPLICABLE LAW

Our web site was created by and is controlled, operated, and administered by GCI, which is a California non-profit religious corporation, or its agents from offices within the United States of America utilizing servers located in the United States of America. We make no representation that materials at our web site are appropriate or available for transmission to or from, or use in, locations outside of the jurisdiction stated above, and accessing our web site from any jurisdiction where our web site’s contents are illegal is prohibited. You may not use our web site or export the materials in violation of import or export laws and regulations. If you access our web site from a location outside of the United States, Canada, and the European Union, you are responsible for compliance with all local laws.  Please note that the personal data you provide to us will be transferred to the United States. Whenever you submit any personal data to us, you consent to this transfer.

This Privacy Policy is in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada and the European Union’s General Data Protection Regulation (“GDPR”).

Additionally, the applicable laws of our affiliated academic institutions may differ from the applicable laws of the United States. We do not express any opinion as to your rights, privileges, and duties under such applicable laws, and we advise you to consult your own attorney on such matters.

CALIFORNIA PRIVACY RIGHTS

Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act and Shine the Light law. We therefore will not distribute your personal information to outside parties without your consent. This consent may be explicit or implicit. Please note that the California Shine the Light law does not cover all information sharing. Our disclosure only includes information covered by the law.

EUROPEAN UNION PRIVACY RIGHTS

The GDPR provides for certain rights to European Union citizens. Among these is the “right to be forgotten.” Upon receiving your request, we will delete your personal information from our databases to the full extent required by the GDPR and subject to the conditions therein. If we have sent your application to any requested educational institution, we will notify such educational institution(s) of the request for erasure.

Upon the conditions set out in the GDPR, including receiving a reasonable request or objection from you, GCI will restrict the processing of your personal information.

By submitting a membership or event registration through our web site, you provide your informed consent to the transfer of your personal information to our servers in the United States. The transfer is necessary for GCI to process your membership or event registration.

GCI processes personal information as both a Processor and as a Controller, as defined in the GDPR. GCI will be the Controller for user data as outlined above in the “Collection of Personal Information” section. GCI will be the Processor in accordance with the GDPR as outlined in the “Our Use of Personal Information” section above. All personal information collected will be hosted in secure hosting facilities in accordance with the highest security regulations.

In the event of a data breach, we will notify the relevant supervisory authority within seventy-two (72) hours.

We have taken all other steps required to comply with the GDPR.

HOW TO CONTACT US

Please contact us by mail, email, or telephone, if you have any questions, comments, or concerns about this Privacy Policy or privacy-related comments or questions:

  • Email: legal.office@gci.org
  • Mailing Address: Grace Communion International 3120 Whitehall Park Drive, Charlotte, NC 28273
  • Phone:  980-495-3982