Logo

Privacy Policy

Last updated 6/1/2023

Thank you for choosing to be part of our community at the Fellowship of Catholic University Students (“FOCUS,” “we,” “us,” or “our”), a 501(c)(3) nonprofit organization.  We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice (this “Notice”) or our practices with regard to your personal information, please contact us as described below. The purpose of this Notice is to explain what information we collect, how we use it, and what rights you have in relation to it. If there are any terms in this Notice that you do not agree with, please discontinue use of our Services (defined below) immediately.

Please read this Notice carefully, as it will help you understand what we do with the information that we store and process.

This Notice applies to how we collect and process your personal information when you interact with us, including by visiting any of the FOCUS family of websites including but not limited to www.focus.org or when you interact with us by making a financial contribution, at events, with our staff, partners, or through our programs.
 

TABLE OF CONTENTS

  1. WHAT PERSONAL INFORMATION DO WE PROCESS?
  2. HOW DO WE USE YOUR INFORMATION?
  3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?
  4. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
  5. HOW LONG DO WE KEEP YOUR INFORMATION?
  6. HOW DO WE KEEP YOUR INFORMATION SAFE?
  7. WHAT ARE YOUR PRIVACY RIGHTS?
  8. HOW CAN YOU EXERCISE YOUR DATA SUBJECT RIGHTS?
  9. DO WE MAKE UPDATES TO THIS NOTICE?
  10. HOW CAN YOU CONTACT US?

List of Processors / Service Providers

1.     WHAT PERSONAL INFORMATION DO WE PROCESS?

In this Notice, when we say “Services,” we are referring to any services we engage in as an organization, including providing web and/or mobile applications, live events and programming, and evangelical outreach and mission development.

We collect personal information that you voluntarily provide to us when you register for our Services, express an interest in obtaining information about us or our products and services, when you participate in activities we sponsor or administer, through personal interaction with one of our representatives, or otherwise when you contact us or make a financial contribution to our mission.

The personal information that we collect depends on the context of your interactions with us, and it may be collected (a) from you directly, meaning you direct the provision of it to us (b) from automatic means (meaning it is collected automatically when you visit our Websites), or (c) from other sources such as public databases, marketing partners, and other outside sources. Outside sources might include your family members, parishioners, missionaries, or other publicly available databases in some situations. The personal information includes the following:

  • Personal Information About You.
    • Identifying information: Names, phone numbers, email addresses, street or mailing addresses, usernames, contact or authentication data, and contact preferences.
    • From our donors, we may receive giving information, including types and amounts of donations, job titles, intent data (or user behavior data), donation history, property ownership, social media profiles, social media URLs and custom profiles.
    • From our members and alumni, we also gather program participation information. Additionally, we collect testimonials and images of you when you provide them to us.
    • From job or volunteer applicants and employees, we may receive job application data and related information such as job history. To the extent that we conduct background checks now or in the future, we may obtain criminal history.
    • Sensitive Data: As a religious organization, we may also hold “Sensitive Data” or Special Categories of personal information, which may include data or inferences about religious beliefs. We may process this data with your consent which you provide when you interact with us in the context of a specific event or service.
    • Payment Data. All payment data is collected and stored by a third-party payment processor who is a service provider to us. We may change payment processors in the future.   A list of our subprocessors is below. We utilize secure transaction methods or third-party processors when collecting payment information over the internet.
  • Cookies information. Like many organizations, we also collect information through cookies and similar technologies.  Such information may include information regarding your device, such as your IP address, your operating system and your browser activity, location of the device accessing the website, traffic data (such as the pages you visited on our website, the time spent on the website, number of downloads from the website) and interactions with social media platforms (such as sharing of elements from the website to social media accounts). This information may be collected through the use of cookies and analytics.
  • Log and Usage Data. Log and usage data is service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our Website and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity in the Website (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take such as which features you use), device event information, and hardware settings.
  • Location Data. We collect location data such as information about your device’s location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Website. For example, we may collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. Note however, if you choose to opt out, you may not be able to use certain aspects of the Services. /None of this data is specific to within a 1-mile radius.

2.     HOW DO WE USE YOUR INFORMATION?

In Short: We process your information to further achieve our charitable and evangelical purposes, including to process donations and maintain compliance with our legal obligations, and to otherwise further our mission.

In legal terms, we are generally the “data controller” under European and United Kingdom data protection laws (including the General Data Protection Regulation 2016/279 (“GDPR”) and the Data Protection Act 2018 (“DPA”)) since we determine the means and/or purposes of the data processing we perform. However, when we partner with certain campus ministries we may be considered the data “processor” with respect to certain data.

We use the information we collect or receive as set forth below.  With the exception of marketing purposes or except where we state we will obtain specific consent (i.e. for publicity involving actual testimonials) you must consent to our processing in each of the following ways for us to be able to provide services to you.  Each of our data processing activities has a lawful basis as understood by the GDPR and the UK DPA.

  • To further our mission. We interact with our networks of students, alumni, mission partners, benefactors and chaplains worldwide to advance our purpose of raising a generation of missionary disciples.
  • Solicit and receive feedback. We may use your information to request feedback and to contact you about your use of our services.
  • To enable user-to-user communications. We may use your information in order to enable user-to-user communications using our web and/or mobile applications.
  • To manage user accounts. We may use your information for the purposes of managing our account and keeping it in working order.
  • To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
  • To enforce contracts, to comply with legal and regulatory requirements or in connection with our contract.
  • To publicize our services based on authentic testimonials. We post testimonials on our Website and in other materials that may contain personal information. Prior to posting a testimonial, we will obtain your consent to use your name and the content of the testimonial.
  • To respond to government or court legal requests and prevent harm. If we receive a government order, subpoena or other legal request, we may need to process the data we hold to determine how to respond.
  • To send you marketing and promotional communications. We may use the personal information you send to us for our marketing purposes. For example, when expressing an interest in obtaining information about us or our Website, subscribing to marketing or otherwise contacting us, we will collect personal information from you.
  • Deliver targeted advertising to you. We may use your information to develop and display personalized content and advertising (and work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness.
  • To protect our virtual community and our online services. We may use your information as part of our efforts to keep our site and application safe and secure (for example, to prevent online harassment, and to for fraud monitoring and prevention).
  • For safety and physical security, in the case of certain information like CCTV recordings, to prevent or detect crime, and to help create a safer environment for our staff, parishioners and visitors.
  • For statistical analysis and research. We may use your information for other organizational purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Website, products, marketing and your experience.

We may use and store personal information in aggregated and anonymized form so that it is not associated with individual end users and does not include personal information.  We may process or share your data that we hold based on the following legal bases: legitimate organizational interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.

3.     WILL YOUR INFORMATION BE SHARED WITH ANYONE?

In Short: We only share information with your consent, to provide you with services, to fulfill organizational obligations, or to comply with laws or protect your rights. 

If we have processed your data based on your consent and you wish to revoke your consent, please contact us at privacy@focus.org.

More specifically, we may need to process your data or share your personal information in the following situations:

  • Transactions and Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, restructuring of the organization, financing, or acquisition of all or a portion of the organization to another.
  • Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Website, which will enable them to collect data on our behalf about how you interact with our Website over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content, pages or features, and better understand online activity. Unless described in this Notice, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes. We have contracts in place with our data processors, which are designed to help safeguard your personal information. This means that they must follow our instructions with respect to your information, and they will also not share your personal information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct.
  • Affiliated Organizations. We may share your information with certain affiliated organizations, in which case we will require those affiliated organizations to honor this privacy notice. Affiliated organizations include other organizations that we control or that are under common control with us, whether through ownership of securities, by contract, or otherwise, as well as certain nonprofit membership corporations with specific religious purposes substantially similar to our own, in which at least 20% of the members are in common.
  • Organizational Partners. We may share your information with our organizational partners, such as parishes, dioceses, and other mission-aligned groups to carry out our programs.
  • Other Users. When you share personal information (for example, by posting comments, contributions or other content to the Website) or otherwise interact with public areas of the Website, such personal information may be viewed by all users and may be publicly made available outside the Website in perpetuity. Similarly, other users will be able to view descriptions of your activity, communicate with you within our Website, and view your profile. By using our services (such as our site, mobile application, or participating in our events), you understand that your information is not confidential and can be viewed by any user at any time.

4.     IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States. If you are accessing our Website from outside the United States, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information.

If you are a resident in the European Economic Area (EEA) or United Kingdom (UK), then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. We will however take all necessary measures to protect your personal information in accordance with this privacy notice and applicable law.  We have implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.

5.     HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no ongoing legitimate organizational need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6.     HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Website is at your own risk. You should only access the Website within a secure environment.

7.     WHAT ARE YOUR PRIVACY RIGHTS?

In Short: In some regions, such as the European Economic Area (EEA), United Kingdom (UK), and Colorado you have rights that allow you greater access to and control over your personal information.

In some regions (like the EEA, UK, and Colorado), you have certain rights under applicable data protection laws. These may include the right (i) to request information about how your data is processed and obtain a copy of your personal information, including the categories of third parties with whom your data is shared (ii) to request correction and/or deletion; (iii) to restrict the processing of your personal information; and (iv) if applicable, to a copy. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

If you are a resident in the EEA or the UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority.

Account Information

If you would at any time like to review or change the information in your account or terminate and delete your account, you can contact us using the contact information you provided when you registered for your account (if an online service) or otherwise engaged with us.

Upon your request to terminate your account, if permitted by our retention policy we will deactivate or delete your account and personally identifiable information from our active databases provided we have no organizational need to retain that data for any purpose. We may retain some information in our records to comply with contracts and/or to protect us in the event of claims, to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with applicable legal requirements. We will maintain that information as long as is designated under our document retention policies as they are updated from time to time.

Your Colorado Rights

You may have certain data rights under the Colorado Privacy Act, including to request information about the collection of your personal information, to access your personal information in a portable format, and to correct or delete your personal information. If you wish to do any of these things, please visit focus.org/privacy or email us at privacy@focus.org.  Additionally, you may have the right to opt out of the processing of your personal information for any purpose to the extent such data is considered “Sensitive Personal Information” by relevant law.  You may also have the right to appeal the denial of any of these rights by following instructions that will be provided to you if we deny a data request. Depending on your data choices, certain services may be limited or unavailable; however, FOCUS will not discriminate against you for exercising these rights.

No Sale or Sharing of Personal Information. In the twelve months prior to the effective date of this Disclosure, FOCUS has not sold or shared any personal information of consumers, as those terms are defined under the Colorado Privacy Act.

Sensitive Personal Information Disclosure. The categories of data that FOCUS collects and discloses for an organizational purpose include “sensitive personal information” as defined under the Colorado Privacy Rights Act. FOCUS only uses sensitive personal information for its internal purposes, to carry out our programs, and to the extent that such information is inherent in the nature of our work.

Data Retention: We keep your personal information to enable your continued use of our services, for as long as that data fulfills an organizational need.

Right to make a request or opt out: You can make a request described in this section or unsubscribe from our marketing list at any time. You will then be removed from the marketing list. To otherwise opt-out, you may contact us at privacy@focus.org.

Verifying Consumer Requests. To ensure the security of your personal information, we will generally ask you to verify your request using the contact information you have already provided. For more information about exercising your data rights, including how an authorized agent, please contact us at privacy@focus.org.

8.     HOW CAN YOU EXERCISE YOUR DATA SUBJECT RIGHTS?

In Short: Contact FOCUS with your request at privacy@focus.org.   

Based on the applicable laws of your state or country, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances.

FOCUS does not sell personal information or share it for targeted advertising by other parties.  To the extent that we share information with our service providers, you may be able to opt out of the sharing of that information.

To request to review, correct, or delete your personal information, or ask questions or comments about this Notice either send an email to privacy@focus.org or mail the request to:

Privacy Team
FOCUS
P.O Box 17408
Denver, CO 80217

9.     DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we update this Notice from time to time. 

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

10.  HOW CAN YOU CONTACT US?

If you have any questions or concerns about this Privacy Notice or about how FOCUS collects, uses, or shares your personal information, please contact us at privacy@focus.org.

 

List of Processors / Service Providers

Company Type of Processing Locations of data
Amazon Web Services Server hosting United States
Blackbaud Merchant Services Credit card processing United States
iATS Payments ACH processing United States
Blackbaud Constituent management United States
CVENT Event registration United States
Microsoft Communication United States
Smartsheet Record processing United States
Qualtrics Survey responses United States
HubSpot Marketing communication United States
Box File storage United States
SEEK

© Copyright 2024 FOCUS, ALL RIGHTS RESERVED