Data privacy is a complex subject and we want to communicate as clearly as we can without making all the details confusing and sounding like unnecessary legal jargon. You can read all the details below, of course, but here is the essence:

We store and use data about you to operate the ministry and to communicate with you in a personalized way. Nevertheless, this data is your data and you control it. You can ask for copies of it, and you can have it erased, corrected, or frozen. You can ask us to stop keeping records except for records of your donations and details required to support an audit. If you have questions, you can address our Data Privacy Officer.

And now, the details:

Potter’s House Association [PHA] retains information about donors for several purposes:

1. In order to provide services to you as a donor – like statements of giving and receipts.
2. In order to tailor our communications with you to make them personalized – Dear Sarah instead of Dear Donor, for example.
3. To coordinate ministry activities in your area – key staff may be in your area next month and we’d love to invite you to join with other donors for dinner.
4. To provide updates on sponsored children if you are a child sponsor – To mail you a letter from your sponsored child or to tell you if they leave the program.
5. To provide updates on projects which may be of specific interest to you or donors like you. – The expansion of our ministry in Chiquimula and other areas of the country.
6. To administer the details of projects in which you may be involved – A summer SERVE team coming to work with the Treasures.
7. To support audits of our financial statements and processes – A basic tool to provide transparent accounting and fraud detection.

We do not store your credit card information. This may be surprising as many of our donors give by credit card. In compliance with the credit card industry’s standard called PCI, we receive your information and store it only long enough to transmit into the credit card processor’s system, generally a matter of seconds or less. None of our staff have access to this information UNLESS you give it to them over the phone in order to assist you with donation processing. Our training requires that when this happens, our staff destroy any written or electronic copies of the information you provide.

LIMITATION OF ACCESS: We limit staff access to any records of your information on a need-to-know basis. For instance, someone in our Donor Relations group can see your giving history, but the Logistics Coordinator for a SERVE project cannot see this information.

YOUR CONTROL OF YOUR INFORMATION: You have control of your personal information that is kept in our systems. In general, we will respond to your requests for changes to your information within 30 days, typically much faster. Here are some controls you have:

1. The right to know what information we have about you. You have the right to know what data we store about you and how we use it.
2. The right to rectification You have the right to correct data that may be incorrect.
3. The right to erasure Your have the right to having all of your records erased.
4. The right to restrict processing You have the right to “lock” records about you so that no changes can be mad.
5. The right to data portability You have a right to receive a copy of all of your donor records in electronic machine-readable form.
6. The right to object You have the right to object to your use of your data for certain activities, including research, direct marketing, profiling, etc.
7. The right not to be subject to automated decision-making including profiling Our donors have the right to request human intervention in decision-making that might otherwise be done by computers. This does not apply to Potter’s House because we do not use computer decision-making for any purpose.

OPT-IN VERSUS OPT-OUT: This is the newest portion of our data privacy practice. We no longer presume that when you contact us, you give us the right to store information about you. The next time you log-in to your on-line account with Potter’s House, we will ask you specifically about opting in or out. Note that if you opt-out, we will be unable to send you statements of giving or annual updates. We believe that this is an important service we provide. If you opt out, one of our staff members will be in touch with you to verify that you intended this choice.

EVEN IF YOU OPT OUT we will keep a record of your giving. We need this as a reasonable record of the source of our funds that supports audits of our activities.

REPORT OF DATA BREACH: We make reasonable efforts to protect all data in our systems. We use secure servers; we have intrusion detection; we require our staff to change their passwords regularly; and so on. Nevertheless, in the event of a breach of our data systems, we will take the following steps:

1. We will do a complete investigation of how the breach occurred and what data may have been accessed.
2. We will inform affected donors as soon as the investigation is complete, or within 30 days, whichever comes first.

USE OF COOKIES: We make use of “cookies” (small chunks of data about your interaction with our web site) only for the purpose of making interactive pages on our web site consistent from page to page. Cookies to share the user experience between our main site and our donor site (operated by Frontera Business Services). We do not make use of cookies for tracking your visits to any other web sites nor any other non-PHA activity. The cookies we use may be stored in your browser until you close it. It is possible that your visit to our web site could be detected by other web sites, but we do not include any personal information about you in these cookies.

DATA PRIVACY OFFICER: We have a Data Privacy Officer whom you may contact info@pottershouse.org.gt if you have questions or concerns about any of this information.