In this Notice, we, The Church of Jesus Christ of Latter-day Saints, a Utah Corporation sole (“CHC”), provide you with information about how we collect and process your personal data in conjunction with the JustServe.org website or Internet applications (referred to as “sites”).
1. What personal data do we and organizations using our sites collect?
When you use the JustServe.org sites, we may collect and process personal data that (a) you actively submit to us, and (b) we record. We may process your personal data with or without automatic means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of your personal data.
Third party organizations using our sites may also collect your personal information directly from you when you volunteer with them.
a. Actively submitted data. You submit personal data to us when you register for an account on our sites. This includes details such as name, email address, postal code, and so on. You also may submit personal data to us when you upload or share through our sites, or otherwise use our services. This may include profile information and any other personal data that you choose to upload.
The provision of personal information is necessary to facilitate some of the features of our sites. If you do not provide your personal information, you will not be able to avail yourself of some of the functionality of the sites, including registering for an account and volunteering for service projects through our sites. In each case you will know what personal data you provide to us because you actively and voluntarily submit the data.
b. Data we obtain from third parties and passively submitted data. When local law permits, you may submit personal data about someone other than yourself (in other words, a third party) in your submissions or through other features on the sites. When providing personal data about anyone other than yourself, you must first obtain the other person’s informed consent if his or her consent is legally required.
If you or someone else has provided us with your personal information and you would like to request that it be removed or that we do not contact you further, please follow the unsubscribe or opt-out procedures provided on the specific site, newsletter, email notification, or the like, or please contact us at DataPrivacyOfficer@ChurchofJesusChrist.org.
When you visit any of our sites, our servers (using log files or filtering systems) may collect information that your web browser sends any time you visit a website. This information may include but is not limited to your Internet Protocol address (IP address), browser type, operating system, language preference, any referring web page you were visiting before you came to our site, the date and time of each visitor request, information you search for on our resources, and other information collected by cookies or similar technologies.
We may also collect certain statistical and other analytical information on an aggregate basis relating to all visitors to our sites. This is non-personal information that cannot be used to identify or contact you, such as demographic information regarding browser types, mobile device equipment, mobile network, and other anonymous statistical information involving the use of our sites. We collect this information to help us monitor traffic and enhance your experience with our sites.
c. Data collected by other organizations. Organizations using our sites may also collect your personal information when you volunteer with them, including your name, date(s) of service, duration of service, and type of service. They may share this information with us so that we can create a Record of Service for you. With your permission, sponsoring organizations may also take visual or audio images of you while you are volunteering and submit them to us as a Success Story that is posted on our sites or that we may use in other media or formats to promote JustServe.
3. For what purposes do we process personal data?
We process personal data to provide our services and to fulfill our sites’ mission of providing a place where organizations with volunteer needs can link with volunteers looking to serve in the community. We may use personal data to (a) register you as a user on the sites, (b) provide services to you through the sites, (c) contact you, (d) fulfill requests you make, (e) seek your voluntary feedback, (f) customize features or content on our tools or services, or (g) allow organizations you choose to volunteer with to contact you to help fulfill our sites’ mission or to seek your voluntary feedback. In this context, the legal basis for our processing of your personal data is carrying out of our legitimate interest.
We may also use your data to comply with applicable laws and exercise legal rights as the basis for our data processing.
We may also use your personal data for internal purposes, including auditing, data analysis, system troubleshooting, and research. In these cases, we base our processing on legitimate interests in fulfilling our sites’ mission.
4. With whom do we share personal data?
We regard your personal information as confidential and will not disclose it to any third party, except in the following circumstances (or in other instances where we specifically inform you and obtain your prior consent):
a. Organizations. When you choose to register for a project with an organization, or when you volunteer with an organization, we may provide them with your personal information, including your name, so that they contact you about the project and coordinate your service.
b. Third-party providers. We may provide personal data to third parties for their processing in performing functions on our behalf as data processors (for example, maintenance, security, data analysis, hosting, measurement services, data-driven social media messaging, surveys, and so on). In such instances, in accordance with this Notice and applicable laws, the providers will be contractually required to protect personal data from additional processing (including for marketing purposes) and from transfer.
c. Legal requirements. We may access and disclose your personal data, posts, online chats, content, or other submissions to any site if we have a good-faith belief that doing so is required by a subpoena, by a judicial or administrative order, or is otherwise required by law. Additionally, we may disclose your personal information and other information: as required by law or to exercise or defend legal rights; to take precautions against liability; to protect the rights, property, or safety of the resource of any individual or of the general public; to maintain and protect the security and integrity of our services or infrastructure; to protect ourselves and our services from fraudulent, abusive, or unlawful uses; to investigate and defend ourselves against third-party claims or allegations; or to assist government law enforcement agencies.
5. Where do we store personal data?
We may store your personal data in data centers in the United States, in cloud storage solutions, or on the premises of CHC. To ensure the adequacy of protection of data that we transfer to other jurisdictions, we have concluded data transfer and processing agreements between CHC and its service providers, which agreements include Standard Contractual Clauses approved by the European Commission in compliance with European Union law as applicable (which you may be entitled to review if you contact us as suggested at the end of this Notice).
6. How do we secure personal data?
We use technical and organizational measures to protect the personal data we receive against loss, misuse, and unauthorized alteration and to protect its confidentiality. We regularly review our security procedures and consider appropriate new security technology and methods. We also use current encryption technology to encrypt the transmission of data on our log-in pages. However, because we cannot guarantee the complete security of these encryption technologies, please use caution when submitting personal data online.
When you have chosen (or we have given you) a password which enables you to access certain parts of our Site, you are responsible for keeping the password confidential. We ask you not to share your password with anyone.
7. How long do we retain personal data?
We retain collected personal data, including information collected via our sites and other submissions, for a reasonable period of time to fulfill the processing purposes mentioned above. We then archive it for time periods required or necessitated by law or legal considerations. When archiving is no longer required, we delete personal data from our records. In general, we (or our service providers on our behalf) will hold data for a period of seven years after you cease to interact with us, unless we are obligated to hold it for a longer period under law or applicable regulations.
8. How can you access and correct your personal data?
We endeavor to maintain the accuracy of personal data and rely on you to ensure your personal data is complete and accurate. You may request access to your personal data and verify, correct, rectify (including update), or block it through your profile.
You may contact us to exercise additional statutory rights such as data portability, objection in accordance with applicable laws, restriction of processing, and erasure of your personal data. You also have the right to lodge a complaint with a supervisory authority.
If you experience problems with modifying or updating your personal data, you can contact us as suggested at the end of this Notice.
9. Third-party links.
We are not responsible for the privacy practices or content of any third-party websites, including those of organizations who use our sites. For your own protection, you should review the policies of other sites to ensure they meet your personal privacy expectations.
10. Children’s privacy.
We do not knowingly collect personal information from children under the age of 16 on this site. If you think that we have collected personal information from a child under the age of 16, please contact us immediately at DataPrivacyOfficer@ChurchofJesusChrist.org.
11. Effective date and amendments.
This Notice is effective November 4, 2020 and may be amended from time to time.
12. Contact us.
We have a global chief data protection officer who can answer questions about data privacy or security issues. Inquiries concerning this Notice or the security of personal data that we process may be sent through email, fax, or mail:
Address: Data Privacy Office
50 E. North Temple Street
Salt Lake City, UT 84150-0005