Your privacy is important to The Church of the Nazarene Inc. This Privacy Policy covers what we collect and how we use, disclose, transfer, and store your information.

Identity of The Church of the Nazarene Inc.

If there are any questions regarding this Privacy Policy, you may contact us using the information below.

Pastor Roland Hearn - rol@newstartrivercity.com

What information do we collect?

Most of our services do not require any form of registration, allowing you to visit our website without telling us who you are. However, some services may require you to provide us with personal data. In these situations, if you choose to withhold any personal data requested by us, it may not be possible for you to gain access to certain parts of the website and/or for us to respond to your query.

We may collect data about your use of our website and services ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. The source of the usage data is our cookies tracking system.

We may process information that you submit for publication on our website or through our services ("publication data").

We may process information contained in or relating to any communication that you send to us ("correspondence data"). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms.

What do we use your information for?

Usage data may be processed for the purposes of analyzing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

Publication data may be processed for the purposes of enabling such publication and administering our website and services. The legal basis for this processing is consent.

The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.

We may process any of your personal data identified in this policy where necessary for the establishment, exercise, or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights, and the legal rights of others.

In addition to the specific purposes for which we may process your personal data, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Financial transactions relating to our website and services are handled by our payment services providers. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments, and dealing with complaints and queries relating to such payments and refunds.

Legal basis

EU General Data Protection Regulation (GDPR)

The processing of your data is either based on your consent, or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract.

If the processing is based on your consent, you may at any time withdraw your consent by contacting us using the contact information given above.

In order to enter into a contract or subscription regarding The Church of the Nazarene Inc., you must provide us with the required personal data. If you do not to provide us with all the required information, it will not be possible to deliver the requested service.

Children’s Online Privacy Protection Act Compliance / GDPR child data protection rights

The Church of the Nazarene Inc. is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website, products and services are all directed at people who are at least 13 years old or older.

How do we protect your information?

The Church of the Nazarene Inc. implements the following technical, physical, and organizational measures to maintain the safety of your personal data against all unlawful forms of processing, including but not limited to: accidental or unlawful destruction or loss of data; alteration of data; unauthorized use of data; unauthorized modification, disclosure, or access of data.

Integrity

All data transits are encrypted to align with best practices for protecting confidentiality and data integrity.

Confidentiality

All personnel are subject to full confidentiality. Whenever personal data is accessed by authorized personnel, the access is only possible over an encrypted connection. Any device being used to access personal data is login-protected by Active Directory (AD), Microsoft-based identity and access management service, and has The Church of the Nazarene Inc.’s corporate antivirus solution installed. If any personal data is temporarily stored on a device, the storage unit on the device must also be strongly encrypted.

Transparency

The Church of the Nazarene Inc. will at all times keep you informed about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured, and used.

Isolation

All access to personal data is blocked by default, using a “zero privileges” policy. Access to personal data is restricted to individually-authorized personnel. The Church of the Nazarene Inc. issues authorizations and maintains a log of granted authorizations. Authorized personnel are granted a minimum access on a need-to-have basis through our AD.

How we use cookies

We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website and services, we will ask you to consent to our use of cookies when you first visit our website.

Do we disclose any information to outside parties?

The Church of the Nazarene Inc. does not sell, trade, or otherwise transfer to outside parties any personally identifiable information.

This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to- know basis and will be contractually obligated to keep your information confidential.

We may also release your information when we believe it is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

Legally required disclosure

The Church of the Nazarene Inc. will not disclose customer data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from The Church of the Nazarene Inc., The Church of the Nazarene Inc. strives to limit the disclosure. The Church of the Nazarene Inc. will only release specific data mandated by the relevant legal demand.

If compelled to disclose your data, The Church of the Nazarene Inc. will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.

Third party links

Occasionally, at our discretion, we may include links to third-party products or services on our website. These third party websites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.

Personal data location

All data is stored in privately-operated databases and file repositories.

Databases are backed up to enable restoration to any point in time within a retention period. Backups are stored on file storage at the same geographical location as the database.

Installation of software

No installation of software is required to use the Service. The login-protected Nazarene account is accessible through a standard web browser, automatically using an encrypted https connection for all communications between your browser and The Church of the Nazarene Inc. server to protect any data from being intercepted during network transfers.

Access, data portability, migration, and transfer back assistance

You may at any time obtain confirmation from The Church of the Nazarene Inc. as to whether or not personal data concerning you is being processed.

Request for rectification, restriction, or erasure of personal data

Rectification

You may at any time obtain without undue delay rectification of inaccurate personal data concerning you.

Restriction of processing personal data

You may at any time request The Church of the Nazarene Inc. restrict the processing of personal data when one of the following applies:

• If you contest the accuracy of the personal data, for a period enabling The Church of the Nazarene Inc. to verify the accuracy of the personal data;

• If the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or

• If The Church of the Nazarene Inc. no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise, or defense of legal claims.

Erasure

You may without undue delay request the erasure of personal data concerning you, and The Church of the Nazarene Inc. shall erase the personal data without undue delay when one of the following applies:

• If the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;

• If you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;

• If you object to the processing in case the processing is for direct marketing purposes;

• If the personal data has been unlawfully processed; or

• If the personal data has to be erased for compliance with a legal obligation in the EU or any other national law.

Data retention

Data retention for compliance with legal requirements

You cannot require The Church of the Nazarene Inc. to change any of the default retention periods, except for the reasons for erasure, but may suggest changes for compliance with specific sector laws and regulations.

Cooperation

The Church of the Nazarene Inc. will cooperate with you in order to ensure compliance with applicable data protection provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.

Your consent

By using our website, you consent to this Privacy Policy.

Changes to our Privacy Policy

Changes to this Privacy Policy will be posted on this page, and/or the Privacy Policy modification date update below.

This Privacy Policy was last modified on January 15, 2020