We have created this statement to demonstrate our firm commitment to your privacy. We do not collect personally identifying information about you when you visit our site, unless you choose to provide such information to us. Providing such information is strictly voluntary. This policy is your guide to how we will handle information we learn about you from your visit to our website. Except as might be required by law, we do not sell or share any personal information such as first and last name, mailing address or email address we receive with any outside parties.
Online Profile Updates, Donations, Events, and Emails
At Liberty Hill Foundation, safety and confidentiality are core values.
When you make a gift to Liberty Hill Foundation through links on our website, by mail, over the phone with our representatives, at an event, or in person, you can be confident that your personal information, including email addresses and phone numbers, will remain private. We will only share your personal information if you have given us specific permission to do so, except as might be required by law. We will not sell, trade or share your contact details with outside organizations or individuals.
Similarly, we will not send you charitable solicitations on the behalf of outside entities. If any donations are processed by means of a third-party service provider for initiatives benefiting Liberty Hill Foundation, we will only engage with providers that affirm not to share your contact information with other nonprofit organizations, marketers, or other third parties. To the extent that any donations are stored by means of a third-party service provider, we will only authorize the provider to use or access your information for purposes necessary to process the donation and manage your donor record. We may also verify your personal information with third parties in the course of processing a gift, event registration or other related donor activity.
You cannot remove yourself from our database, but you can restrict certain types of communication. You may voluntarily remove your name and/or contact information from our internal marketing and communication lists (i.e., "opt out") by unsubscribing from any email or by contacting us in writing at email@example.com. Likewise, you may ask Liberty Hill to remove your photograph or quotes attributed to you from our marketing materials. You may choose to have gifts listed in public as "anonymous" by contacting us in writing at firstname.lastname@example.org. You must request removal if you do not want your name to potentially appear in public as a supporter. Please note that Liberty Hill reserves the right to contact you after you have removed yourself from marketing and communications lists, or regarding such anonymous gifts.
Your digital contact information is protected by industry standard security measures. Specifically, Every Action, our online payment processor, is secured with TSL 1.2 encryption (previously known as SSL) for HTTP data transfers. Contribution web forms transmit user entered cardholder data via TLS 1.2 to a merchant gateway for processing. Every Action stores as little sensitive data as is practical, such as tokenized credit cards locked to gateways rather than actual credit card numbers.
The standard algorithm is SHA256withRSA. Direct Connect, our credit card processor, is in compliance to protect and secure credit cards and credit card transactions through all of their processes. Liberty Hill has Direct Connect's PCI compliance report on file and available by request. Liberty Hill does not store any personal contact or credit card information in physical form. Any pledges made using physical donation solicitations are destroyed within 30 days of gift processing. Donor information stored on Liberty Hill issued computers for routine business practices, or stored on our network servers for archival purposes is also protected by a third-party technology service against a variety of threats, with strict antivirus, anti-malware, password validation, local and cloud backup, and disaster recovery protocols. The network is also PCI compliant, protected by Webroot Real Time Threat Protection, and scanned for threats in real time to ensure data integrity. Windows updates and security patches are tested and installed as recommended by IT best practices.