Last modified: September 8, 2020
This Policy describes how Faith Fitness collects, uses, discloses and otherwise processes information, including personal information, from and about users of Faith Fitness Sites. This Policy does not apply to information provided to Faith Fitness offline.
Please note that, for users located in the European Economic Area (“EEA“) or California, section 8, entitled “Jurisdiction-specific information,” provides additional information regarding our privacy practices with respect to your personal information and supplements the other terms of this Policy. In the event of any inconsistency between the statements made in rest of this Policy and the terms under section 8, the terms under section 8, to the extent applicable, will take precedent.
The data controller of this website is: Faith Fitness LLC. If you have any questions about this Policy or our privacy practices, please contact us at email@example.com.
This Policy is divided up into the following sections:
2……… Use and disclosure
4……… Third parties
5……… Security and retention
6……… Children’s online privacy
7……… Changes to this Policy
8……… Jurisdiction-specific information
8.1 Supplemental information for users located in the EEA
8.1.1 Legal basis for processing personal information
8.1.2 Your rights under EU Data Protection Law
8.2 Supplemental privacy notice for California residents
8.2.1 Supplemental information about collection, use, and disclosure
8.2.2 Consumer rights under California law
9……… Contact Information
Faith Fitness may collect and use certain information when you voluntarily submit it, automatically when you access or use a Faith Fitness Site, and from other sources, such as third parties (e.g. service providers or other organizations with whom we collaborate on certain activities or events) or publicly available sources. To the extent that any such information identifies or is reasonably capable of being associated with an individual person, it will be considered “personal information” for purposes of this Policy.
We do not collect any sensitive information, such as information about your race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic or biometric data, or information about criminal convictions or offenses (“sensitive information”).
Faith Fitness may also collect deidentified or aggregated information. Such information may be derived from personal information, but it is not considered personal information since it does not directly or indirectly reveal your identity.
Information collected directly from you. The information we collect directly from you on Faith Fitness Sites varies depending on the particular activities carried out, but may include:
- identity information, such as your name and title (“identity information”);
- contact information, such as your email address, phone number, and postal address (“contact information”);
- profile information, such as your username and password (“profile information”); and/or
- marketing and communications information, including your preferences in receiving marketing and other communications from Faith Fitness (“marketing and communications information”).
We may collect this information from you when you fill in online forms on Faith Fitness Sites, such as when you request information or materials from us, including when you subscribe to our publications or register for events, when you otherwise correspond with us through a Faith Fitness Site, or for other purposes indicated on a Faith Fitness Site. We may also collect this information from you when you register for an account.
Information collected automatically. As you navigate through and interact with a Faith Fitness Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, which may include:
- technical information, such as your IP address, browser type and version, information about your operating system, and information about the device you use to access a Faith Fitness Site, such as device identification number and device type (“technical information”); and/or
- usage information, such as “clickstream” information and other information about how you use a Faith Fitness Site (“usage information”).
Please see section 3 (Choices) below for information about how to manage your cookie preferences.
Use and disclosure
We may use and disclose personal information to:
- process and respond to your inquiries and requests;
- register you for events or other activities;
- send you publications;
- enter into or perform a contract or agreement we may have with you;
- administer and protect our business and the Faith Fitness Sites, including to operate, maintain and provide the features and functionality of the Faith Fitness Sites, including for data analysis, system maintenance, and market research;
- conduct research and analysis;
- assess and improve the effectiveness of the Faith Fitness Sites and our services, publications, events, marketing, and client relationships;
- comply with any court order, law, or legal process, including to respond to any government or regulatory request, to prevent, detect, mitigate and investigate fraud, security breaches or other potentially prohibited or illegal activities, and to otherwise protect the Faith Fitness Sites and our employees, users or operations;
- evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Faith Fitness’ assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Faith Fitness about our Faith Fitness Site users is among the assets transferred;
- for other reasons with your consent; and
- for advertising, marketing, and public relations purposes. You may receive marketing communications from us, for example, if you have requested information or materials from us, registered for or attended a Faith Fitness hosted or sponsored event or program, or subscribed to receive publications or other communications from us. Please see below for examples of parties with whom we may share your personal information and section 3 (Choices) to learn more about your choices with respect to receiving marketing communications from us.
We may disclose the personal information we collect or you provide as described in this Policy:
- for internal purposes, such as for internal administration and to provide you with certain services and offerings;
- to our service providers, advisors, and other third parties we use to support our business, including those that provide mailing or email services, fraud prevention, web hosting, or analytic services;
- with other third-party organizations we may collaborate with on various activities or events, such as with other firms or businesses for co-sponsored events or programs;
- to any competent law enforcement body, regulator, government agency, court or other third party where we believe disclosure is necessary to comply with any court order, law, or legal process, including to respond to any government or regulatory request, and/or where we believe it necessary to protect the rights, property, or safety of Faith Fitness, our clients, or others; or
- to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Faith Fitness’ assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Faith Fitness about Faith Fitness Site users is among the assets transferred.
We may also use and share personal information to fulfill any purpose for which you provide it and/or with your consent, and we may use and share non-personal information without restriction.
You can ask us to stop sending you marketing messages and other email publications by following the opt-out or unsubscribe links on any such communication sent to you or by contacting us at firstname.lastname@example.org. Please note that, if you opt out of receiving such messages or publications, we may still send you emails about other services or offerings you have requested or received from us.
Finally, although most modern browsers include a “Do Not Track” feature, like many other websites, Faith Fitness Sites do not currently respond to such Do Not Track signals at this time.
The Faith Fitness Sites may contain links to websites not operated by Faith Fitness. Certain third-party service providers may also provide services on the Faith Fitness Sites. This Policy does not apply to such third-party sites, services, or to information collected by any third party, including through any content that may link to or be accessible from the Faith Fitness Sites. Faith Fitness is not responsible for the privacy practices or the content of such third parties. For privacy information relating to these other third parties, please consult their privacy policies as appropriate.
In certain circumstances, an event, program, or similar activity accessed through a Faith Fitness Site may be hosted or sponsored with another firm or organization. Should you choose to register electronically for any of these events or submit your information to these third parties, Faith Fitness will have no control over the third party’s use of this information, and this Policy will not apply.
Security and retention
We use reasonable security measures designed to protect personal information collected through the Faith Fitness Sites. Unfortunately, the transmission of information via the internet is not completely secure. As such, we cannot guarantee the security of your personal information transmitted to Faith Fitness Sites.
We will only retain your personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period if there are valid legal grounds for doing so, for example, in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider many factors, including the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances we will anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Children’s online privacy
Faith Fitness Sites are not intended for children under 13 years of age. No one under age 13 may provide any information to or on a Faith Fitness Site. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on any Faith Fitness Site or on or through any of its features, use any of the interactive or public comment features of any Faith Fitness Site, if any, or provide any information about yourself. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at email@example.com.
Changes to this Policy
We may update this Policy from time to time, so you should review this page periodically. When we change this Policy in a material way, we will update the “Last modified” date at the top of this Policy. Changes to this Policy are effective when they are posted on this page.
Supplemental information for users located in the EEA
The following terms apply to the extent we process personal information of data subjects in the EEA or data that is otherwise subject to the EU General Data Protection Regulation (2016/679) (“GDPR”) and laws and regulations implementing or supplementing the GDPR (“EU Data Protection Law”). The following terms explain how we collect and process data subjects’ personal information as a data controller. We process such personal information in accordance with EU Data Protection Law, to the extent applicable.
Legal basis for processing personal information
The table below provides more information about the legal bases that Faith Fitness relies on to process the personal information of data subjects located in the EEA.
|Where it is necessary to perform a contract we are about to enter into or have entered into with you||For example, to register you for events or other activities; and to enter into or perform any other contract or agreement we may have with you|
|Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests||For example, to send you publications, such as newsletters and other materials; to ensure compliance with and to update you about our policies and terms; to process and respond to your inquiries and requests; to administer and protect our business and the Faith Fitness Sites, including to operate, maintain and provide the features and functionality of the Faith Fitness Sites, including for data analysis, system maintenance, and market research; to conduct research and analysis; to assess and improve the effectiveness of the Faith Fitness Sites and our services, publications, events, marketing, and client relationships; to manage our alumni portal and network; to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Faith Fitness’ assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Faith Fitness about our Faith Fitness Site users is among the assets transferred; for advertising, marketing, and public relations purposes; and for any other legitimate purpose communicated to you at the time of collection of your personal information|
|Where we need to comply with a legal obligation||For example, to comply with any court order, law, or legal process, including to respond to any government or regulatory request, to prevent, detect, mitigate and investigate fraud, security breaches or other potentially prohibited or illegal activities, and to otherwise protect the Faith Fitness Sites and our employees, users or operations|
|Where you provide your consent||For example, to process and respond to your inquiries and requests; to the extent applicable laws in certain jurisdictions require your consent for advertising, marketing and public relations purposes; and where you otherwise provide us with your valid consent|
Note that we may process your personal information for more than one legal basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal basis we rely on to process your personal information.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent where required or permitted by law.
Your rights under EU Data Protection Law
Under certain circumstances, you may have certain rights under EU Data Protection Law in relation to your personal information, including to:
- Request access to your personal information, which enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you, which enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal information, which enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal information where we are relying on our legitimate interests (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms. You also have the right to object if we process your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal information, which enables you to ask us to suspend the processing of your personal information in the following scenarios: (i) if you want us to establish the data’s accuracy; (ii) where our use of the data is unlawful but you do not want us to erase it; (iii) where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal information to you or to a third party. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal information. If you withdraw your consent, we may not be able to provide certain services or offerings to you.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month; however, it may take us longer than a month if your request is particularly complex or you have made a number of requests, in which case we will notify you and keep you updated.
We hope that we can resolve any query or concern you raise about our use of your information. EU Data Protection Law also gives you the right to lodge a complaint with a supervisory authority, in particular in the EEA state where you normally live or where any alleged infringement of data protection laws occurred.
Supplemental privacy notice for California residents
This section 8.2 supplements the information contained in sections 1 through 7 of the Policy and applies solely to users who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018, as amended (Cal. Civ. Code §§ 1798.100 to 1798.199), and any related regulations issued by the California Attorney General (“CCPA”), and any terms defined in the CCPA will have the same meaning when used in this section 8.2.
The CCPA requires that we describe our collection and disclosure of consumers’ personal information by reference to certain statutorily enumerated categories set forth in the statute. Please see Appendix A for more information about these categories.
Supplemental information about collection, use, and disclosure
In the past 12 months, we have collected, used, and disclosed the following categories of personal information:
|Category of personal information||Category by source||Business or commercial purpose(s) for collection||Categories of third parties with whom we share|
|Identifiers||Directly from you; third-party organizations we collaborate with on certain events and activities||Security detection/fraud, illegal activity protection; performing services (e.g. managing our relationship, marketing and advertising, communications, personalization); internal research||Service providers; third-party organizations we collaborate with on certain events and activities|
|Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))||Directly from you; third-party organizations we collaborate with on certain events and activities||Security detection/fraud, illegal activity protection; performing services (e.g. managing our relationship, marketing and advertising, communications, personalization); internal research||Service providers; third-party organizations we collaborate with on certain events and activities|
|Commercial information||Directly from you; third-party organizations we collaborate with on certain events and activities; service providers||Performing services (e.g. managing our relationship, marketing and advertising, communications); internal research||Service providers; third-party organizations we collaborate with on certain events and activities|
|Internet or other similar network activity||Directly or indirectly from you; service providers||Security detection/fraud, illegal activity protection; performing services (e.g. managing our relationship, marketing and advertising, personalization); internal research and analytics||Service providers|
Faith Fitness will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
In the preceding 12 months, Faith Fitness has not sold personal information of consumers.
Consumer rights under California law
Under certain circumstances, you may have certain rights under California law in relation to your personal information, including:
- Access request rights. Under the CCPA, you may have the right to request that Faith Fitness disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you: (i) the categories of personal information we collected about you; (ii) the categories of sources for the personal information we collected about you; (iii) our business or commercial purpose for collecting or selling that personal information (where applicable); (iv) the categories of third parties with whom we share that personal information; (v) the specific pieces of personal information we collected about you; and (vi) if we sold or disclosed your personal information for a business purpose, two separate lists disclosing: (a) sales, identifying the personal information categories that each category of recipient purchased; and (b) disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- Deletion request rights. Under the CCPA, you may have the right to request that Faith Fitness delete personal information that we have collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies, in which case we will notify you and identify that exception.
- Non-discrimination. We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA we will not: (i) deny you goods or services; (ii) charge you different prices or rates for goods or services; (iii) provide you a different level or quality of goods or services; or (iv) suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
- Opt-out of sale request rights. The CCPA provides a right to opt-out of the sale of personal information, as that term is defined in the statute. However, we do not sell California consumer personal information for monetary or other valuable consideration. For clarity, we also do not sell the personal information of consumers we know are less than 16 years of age.
- California’s “Shine the Light” law. Under California’s “Shine the Light” law (Civil Code Section § 1798.83), Faith Fitness Site users that are California residents may request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes; however, we do not disclose personal information to third parties for their direct marketing purposes.
To exercise the access and deletion rights described above, please submit a verifiable consumer request to us by emailing us at firstname.lastname@example.org.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (which may be up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Questions, comments and requests regarding this Policy and our privacy practices are welcomed and should be addressed to email@example.com.
CCPA PERSONAL INFORMATION CATEGORIES
|Identifiers||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.|
|Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.Some personal information included in this category may overlap with other categories.|
|Commercial information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.|
|Internet or other similar network activity||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.|