Privacy Policy

Policy last updated on Monday, August 5, 2024

I. Introduction

It is important to us at the St. Kizito Foundation that users understand how we handle their personal information collected on our website. Personal information (i.e., "personally identifiable information" (PII)) refers to any information traceable to you as a person. Our privacy policy aims to provide a simple and straightforward overview of how we collect, use, protect, or otherwise handle your personal information on our website.

When you visit our website, https://www.stkizitofoundation.org/, contact us directly, or fill out a contact form, we process your personal information, specifically your first and last name, email address, and phone number.

II. Personal Information

How do I contact you about my personal information?

  • Organization Name: St. Kizito Foundation
  • Address: 25187 Chase Drive, North Olmsted, Ohio 44070

You also have the right to demand that we correct or delete any of your personal information. You can submit a request to the address listed above at any time.

What personal information do you store?

When you fill out a contact form on our website or contact us directly, we will ask you to provide information. Depending on the inquiry, this can include:

  • Your first and last name
  • Your email address
  • Your phone number
  • Your message

This information is stored securely on our server (see "How do we protect the personal information collected?" below). 

The St. Kizito Foundation uses Stripe to securely process online payments. The most common example is when visitors RSVP to fundraising events by purchasing tickets online. Customers utilize Stripe's dedicated "Checkout" platform to pay online, which is completely separate from the St. Kizito Foundation's website. The St. Kizito Foundation does not collect nor store sensitive payment information on our server. The only information stored on our server related to online payments is:

  • Payment status (e.g., "Paid")
  • Payment date and time
  • Transaction ID (a random string of letters, numbers, and symbols)
  • Payment amount
  • Item and quantity (e.g., five event tickets)

The St. Kizito Foundation encourages users to familiarize themselves with Stripe's security practices on their website:

Do you share personal information with third parties?

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties unless we provide you with advance notice. However, this does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe it is appropriate to comply with the law, enforce our site policies, or protect our or others' rights, property, or safety. However, we may provide non-personally identifiable visitor information to other parties for marketing, advertising, or other uses.

What is the purpose of processing your personal data?

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties unless we provide you with advance notice. However, this does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe it is appropriate to comply with the law, enforce our site policies, or protect our or others' rights, property, or safety. However, we may provide non-personally identifiable visitor information to other parties for marketing, advertising, or other uses.

How do we protect the personal information collected?

The St. Kizito Foundation maintains a high level of security on our website. Our website is secure with an SSL certificate; all data is stored on secure servers. However, it is essential to remember that no method of data transmission over the internet or method of electronic storage is absolutely 100% secure. As such, the St. Kizito Foundation cannot guarantee the absolute security of visitor information.

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

III. Cookies

Today, most websites use cookies to improve user experience and understand how consumers interact with their products, services, and sales and marketing channels. In plain terms, a cookie is a small text file downloaded to your computer when you open a website. It resides in your browser or on your device. Cookies enable the website to "remember" things about you.

The St. Kizito Foundation uses cookies to enhance the user experience and collect statistics. As of this writing, it uses Google Analytics to understand how our users utilize its website. Google Analytics uses cookies to collect anonymous information about our website's traffic and what our users do. This information includes pages visited, events (e.g., scrolls, clicks, file downloads), and how a user first arrived on our site (e.g., from a search engine).

When users visit our website for the first time, a cookie banner appears giving the option to accept or deny cookies. If a user declines cookies, a single cookie will be stored on their device to remember their choice. The St. Kizito Foundation leverages Google's Consent Mode to modify its analytics and tracking practices automatically based on the preferences of each user.

We encourage users to read Google Analytics' privacy policy here: https://policies.google.com/privacy?hl=en-US.

How can I delete cookies?

Popular web browsers each have their unique methods of deleting cookies:

If you use a different web browser, check its knowledge base or support page for instructions on how to clear your cookies.

IV. Regulations

California Online Privacy Protection Act (CalOPPA)

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. However, given the internet's global reach, CalOPPA stretches well beyond California's borders to all companies in the United States (and, in reality, the world) that operate websites that collect personal information from California consumers.

According to CalOPPA, we agree to the following:

  • Users can visit our site anonymously.
  • Users can easily access our privacy policy in our website's page footer.
  • Our privacy policy link includes the word "Privacy."
  • We will notify users of any privacy policy changes on our policy page.
  • Users can change their personal information by emailing us.

Children Online Privacy Protection Act (COPPA)

The Children's Online Privacy Protection Act (COPPA) puts parents in control when collecting personal information from children under 13. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in developing data protection laws around the globe. Understanding the Fair Information Practice Principles and their implementation is critical to complying with privacy laws protecting personal information.

To comply with Fair Information Practices, we will notify users via email and in-site notification should a data breach occur.

We also agree with the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires that individuals have enforceable rights against data users and have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.