PRIVACY POLICY

Who We Are

Messiah Lutheran Church (“Messiah,” “we,” “us,” or “our”) is a non-profit, Lutheran church located in Lakeville, Minnesota. Our website serves many purposes including (1) communicating our values, mission, culture, and community involvement; (2) communicating details related to events and opportunities at Messiah; (3) providing electronic methods for contacting us, planning in-person visits, and joining mailing lists; and (4) securely receiving online donations and registrations.

We provide this Privacy Policy to let you know our policies and procedures regarding the collection, use, and disclosure of information through www.messiahonline.org (the “website”), and any other websites, features, applications, widgets, or online services that are owned or controlled by us and that post a link to this Privacy Policy (together with the website), as well as any information we collect outside of our website. It also describes the choices available to you regarding the use of, your access to, and how to update and correct your personal information. Note that we combine the information we collect from you from the website, through our website generally, or offline.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us at info@messiahonline.org.

By accessing or using our website, you consent to the information collection, disclosure, and use practices described in this Privacy Policy. Please note that certain features or services referenced in this Privacy Policy may not be offered on our website at all times. Please also review our Terms of Service, which governs your use of our website, and which is accessible at https://messiahonline.org/terms-of-use-2/.

We’ve provided short summaries in this Privacy Policy to help you understand what information we collect, how we use it, and what choices you have. While these summaries help explain some of the concepts in a simple and clear way, we encourage you to read the entire Privacy Policy to understand our data practices.

1. INFORMATION COLLECTION

Users of our website may be visitors, members, volunteers, or donors.

Information You Provide to Us

When you use our website, you may provide us with information about you. This may include your name and contact information, financial information to make or receive payment for services or donations obtained through our website. When you visit our website, we may also collect information related to your use of our website and aggregate this with information about other users. This helps us improve your experience. You may also provide us with information about your contacts or friends if, for example, you’d like to add those contacts to Realm Connect.

• Personal Information: In the course of using our website, we may require or otherwise collect information that identifies you as a specific individual and can be used to contact or identify you (“Personal Information”). Examples of Personal Information include your name, email address, home address, billing address, and phone number.
• Payment Information: If you use our website to make or receive payments, we will also collect certain payment information, such as credit card, PayPal or other financial account information, and billing address.
• Identity Verification: We may collect Personal Information, such as your date of birth to validate your identity or as may be required by law.
• General Audience Service: Our website is general audience and intended for users 18 and older. We do not knowingly collect Personal Information from anyone younger than age 18. If we become aware that a child younger than 18 has provided us with Personal Information, we will use commercially reasonable efforts to delete such information from our files. If you are the parent or legal guardian of a child younger than age 18 and believe that we have collected Personal Information from your child, please contact us at info@messiahonline.org.
• Non-Identifying Information/Usernames: We also may collect other information, such as zip codes, demographic data, information regarding your use of our website, and general project-related data (“Non-Identifying Information”). We may aggregate information collected from our registered and non-registered users (“Messiah Users”). We consider usernames to be Non-Identifying Information. Usernames are made public through our website and are viewable by other Messiah Users.

In some cases, we may render Personal Information (generally, email address) into a form of Non-Identifying Information referred to in this Privacy Policy as “Hashed Information.” This is typically accomplished using a mathematical process (commonly known as a hash function) to convert information into a code. The code does not identify you directly, but it may be used to connect your activity and interests.

• Combination of Personal and Non-Identifying Information: Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers in a way that enables you to be identified (for example, combining information with your name). But the same pieces of information are considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information (for example, your viewing preferences). We may combine your Personal Information with Non-Identifying Information, but we will treat the combined information as Personal Information.
• Collection of the Third Party Personal Information: We collect the following personal information from you about your contacts or friends first, last name and email address when you provide it to us for the purpose of adding your contacts to a chat room.

Information Received from Third Parties

Third parties may also give us information about you. If we combine that information with information about you collected through our website, we will still treat that combined information as set forth in this Privacy Policy.

We may also receive information about you from third parties. For example, we may supplement the information we collect with outside records or third parties may provide information in connection with our activities or at your request (such as if you choose to sign in with a third-party service). If we combine the information we receive from others with information we collect through our website, we will treat the combined information as described in this Privacy Policy.

Here is a list of the third parties we may receive information from, along with links to their Privacy Policies:

• SoundCloud: https://soundcloud.com/pages/privacy
• ACS Technologies’ Realm: https://www.acstechnologies.com/company/privacy-policy
• Google: https://policies.google.com/privacy
• Facebook: https://www.facebook.com/full_data_use_policy
• RightNow Media: https://www.rightnowmedia.org/privacypolicy
• Vimeo: https://vimeo.com/privacy

Information Collected from Users Automatically

Like other online companies, we receive technical information when you use our Services. We use these technologies to analyze how people use our website, to improve how our website functions, to save your log-in information for future sessions, and to serve you better.

We and our third party service providers, including analytics and third party content providers, may automatically collect certain information from you whenever you access or interact with our website. This information may include, among other information, the browser and operating system you are using, the URL or advertisement that referred you to our website, the search terms you entered into a search engine that led you to our website, areas within our website that you visited, and other information commonly shared when browsers communicate with websites. We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, to improve marketing, analytics, and site functionality.

The information we collect also includes the Internet Protocol (“IP”) address or other unique device identifier (“Device Identifier”) for any device (computer, mobile phone, tablet, etc.) used to access our website. A Device Identifier is a number that is automatically assigned or connected to the device you use to access our website, and our servers identify your device by its Device Identifier. Some mobile service providers may also provide us or our third party service providers with information regarding the physical location of the device used to access our website.

Messiah and its partners use cookies or similar techniques to analyze trends, administer the website, track users’ movement around the website, and to gather demographic information about our user base as a whole. The technology used to collect information automatically from Messiah Users may include the following:

• Cookies: Like many websites, we and our marketing partners, affiliates, analytics, and service providers use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use both persistent cookies that remain on your computer or similar device (such as to save your registration ID and login password for future logins to our website and to track your compliance with the Messiah Terms of Service) and session ID cookies, which expire at the end of your browser session (for example, to enable certain features of our website, to better understand how Messiah Users interact with our website, and to monitor aggregate usage by Messiah Users and web traffic routing on our website). You can control the use of cookies at the individual browser level, but if you choose to disable cookies it may limit your use of certain features or functionality of our website.
• Web Beacons: We and our marketing partners, affiliates, analytics, and service providers may also employ software technology known as “web beacons” and/or “tracking tags” to help us keep track of what content on our Service is effective and to serve relevant advertising to you. Web beacons are small graphics with a unique identifier that may be invisible to you, and which are used to track the online activity of Internet users. Web beacons are embedded in the web pages you review or email messages you receive. Web beacons or similar technologies may be used for a number of purposes including, without limitation, to count visitors to our Service, to monitor how Messiah Users navigate our website, to count how many emails that were sent were actually opened, or to count how many particular articles or links were actually viewed.
• Embedded Scripts: We and our marketing partners, affiliates, analytics, and service providers may also employ software technology known as an Embedded Script. An Embedded Script is programming code that is designed to collect information about your interactions with our website, such as the links you click on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from our website.

In addition, we and our marketing partners, affiliates, analytics, and service providers may use a variety of other technologies (such as tags) that collect similar information for security and fraud detection purposes and we may use third parties to perform these services on our behalf.

HOW WE RESPOND TO DO NOT TRACK SIGNALS

Messiah does not respond to Do-Not-Track signals.

Please note that your browser setting may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. There is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, Messiah does not alter its practices when it receives a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Feedback

We collect feedback from Messiah Users about their experience with other Messiah Users of our website. Please note that any feedback you provide via our website or feedback provided about you is publicly viewable via our website. On very rare occasions, we may remove feedback pursuant to the relevant provisions of our Terms of Service, including the Terms of Use.

2. USE AND RETENTION OF INFORMATION

We use information collected through our website to provide and improve our website, process your requests, prevent fraud, provide you with information that may interest you, comply with the law, and as otherwise permitted with your consent.

WE USE INFORMATION WE COLLECT:

• To provide and improve our website, complete your transactions, and address your inquiries, process your registration, verify the information you provide is valid, and for compliance and internal business purposes;
• To contact you with communications and our bulletins. If you decide at any time that you no longer wish to receive such communications from us, please follow the instructions in the section below;
• To tailor content we display to you and offers we may present to you, both on our website and elsewhere online;
• To administer and develop our relationship with you and, if applicable, the corporation or other legal entity you represent;
• To enforce and comply with the law, including to conduct an investigation, to protect the property and rights of Messiah or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical, or legally actionable activity. We may also use Device Identifiers to identify Messiah Users; and
• For the purposes disclosed at the time you provide your information, with your consent, and as further described in this Privacy Policy.

UNLESS YOU REQUEST THAT WE DELETE CERTAIN INFORMATION, WE RETAIN THE INFORMATION WE COLLECT FOR AT LEAST 5 YEARS AND MAY RETAIN THE INFORMATION FOR AS LONG AS NEEDED FOR OUR BUSINESS AND LEGAL PURPOSES.

3. INFORMATION SHARING AND DISCLOSURE

We may share information about you that you provide our website, for legal and investigative purposes, or if we are part of a merger or acquisition. We may also share non-identifying information with third parties. You have choices as to whether we share your personal information with third parties.

We may share aggregated Non-Identifying Information and we may otherwise disclose Non-Identifying Information (including, without limitation, Hashed Information) to third parties. We do not share your Personal Information with third parties for those third parties’ marketing purposes unless we first provide you with the opportunity to opt-in to or to opt-out of such sharing. We may also share the information we have collected about you, including Personal Information, as disclosed at the time you provide your information, with your consent, as otherwise described in this Privacy Policy, or in the following circumstances:

• What Happens If You Agree to Receive Information from Third Parties or Request That We Share Your Information: You may be presented with an opportunity to receive information from one or more third parties. If you agree at that time to have your Personal Information shared, your Personal Information will be disclosed to that third party (or parties) and will be subject to the privacy policy and practices of that third party. We are not responsible for the privacy policy and practices of third parties, and, if you later decide that you no longer want to receive communications from a third party, you will need to contact that third party directly. You also may request, sometimes through your use of an SNS or similar interactive feature or third party application, that we share information about you with a third party and we will typically do so under those circumstances.
• Legal and Investigative Purposes: Messiah will share information with government agencies as required by law in response to lawful requests by public authorities, including to meet national security or law enforcement requirements and, including without limitation, in connection with reporting earnings. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), at the request of governmental authorities or other third parties conducting an investigation, to protect the property and rights of Messiah or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical, or legally actionable activity. We may also use Device Identifiers to identify Messiah Users, and may do so in cooperation with third parties at our discretion.
• Internal and Business Transfers: Messiah may share information, including Personal Information, primarily for internal operational purposes. We will not sell, transfer, or otherwise share your Personal Information.
• Sweepstakes, Contests, and Promotions: We may offer sweepstakes, contests, and other promotions (any, a “Promotion”) that may require registration. By participating in a Promotion, you are agreeing to the official rules that govern that Promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor(s) of the Promotion to use your name, voice, likeness, or other indicia of persons in advertising or marketing associated with the Promotion. If you choose to enter a Promotion, your Personal Information may be disclosed to third parties or the public in connection with the administration of such Promotion, including, without limitation, in connection with winner selection, prize fulfillment, and as required by law or permitted by the Promotion’s official rules, such as on a winner’s list.

4. SECURITY

We take a number of steps to protect your data, but no security is guaranteed.

Messiah takes commercially reasonable steps to help protect and secure the information it collects and stores about Messiah Users. All access to the Site is encrypted using industry-standard transport layer security technology (TLS). When you enter sensitive information, we encrypt the transmission of that information using secure socket layer technology (SSL). We also use HTTPS strict transport security to add an additional layer of protection for our Messiah Users. But remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Thus, while we strive to protect your personal data, we cannot ensure and do not warrant the security of any information you transmit to us.

5. INTERNATIONAL TRANSFER OF PERSONAL INFORMATION

Because we are a United States church, we process and store your information in the United States.

Messiah is a United States Church. If you are located outside the United States and choose to provide information to us, Messiah transfers Personal Information to the United States for processing. The U.S. may not have the same data protection laws as the country in which you initially provided the information. When we transfer your information to the U.S., we will protect it as described in this Privacy Policy. By visiting our website or providing us with any information, you fully understand and unambiguously consent to this transfer, processing, and storage of your information in the United States.

Messiah protects personally identifiable information from residents of the European Union, other European Economic Area countries, and Switzerland in accordance with applicable law (including, as applicable, reliance upon your consent and EU-approved standard contract clauses).

6. LINKS TO OTHER SITES

Our website contains links to other websites. If you choose to click on a third party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization, or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data, or solicit Personal Information from you. We encourage you to read the privacy policies or statements of the other websites you visit.

7. PHISHING

Phishing websites imitate legitimate websites in order to obtain personal or financial information. Identity theft and the practice currently known as “phishing” are of great concern to Messiah. For more information about phishing, visit the website of the Federal Trade Commission at http://www.consumer.ftc.gov/articles/0003-phishing. In addition, if you believe you have received an email or had a similar interaction with a third party pretending to be Messiah, please report it at info@messiahonline.org.

8. CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS

We allow you to choose whether we share your personal information with third parties for their own marketing purposes.

Pursuant to California Civil Code Section 1798.83, California residents who provide us with personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us, one time per calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing uses. Alternatively, the law provides that a company may comply, as Messiah does, by disclosing in its privacy policy that it provides consumers choice (opt-in or opt-out) regarding sharing Personal Information with third parties for those third parties’ direct marketing purposes, and information on how to exercise that choice. As stated above in this Privacy Policy, Messiah provides you choice prior to sharing your personal information with third parties for their direct marketing purposes. If you do not opt-in or if you choose to opt-out at the time Messiah offers that choice, Messiah does not share your information with that identified third party for its direct marketing purposes.

If you are a California resident and you have questions about our practices with respect to sharing information with third parties for their direct marketing purposes and your ability to exercise     choice,     please     send     your     request      to      the      following      email address: info@messiahonline.org or write to us at the following mailing address:

Messiah Lutheran Church
16725 Highview Ave.
Lakeville, MN 55044

You must put the statement “Your California Privacy Rights” in the subject field of your email or include it in your writing if you choose to write to us at the designated mailing address. You must include your name, street address, city, state, and ZIP code. We will respond to you at your mailing address or, at our option, your email address. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.

9. CHANGES TO THIS POLICY

We may change this Privacy Policy. If we make material changes, we will provide notice.

We may update this Privacy Policy at any time and any changes will be effective upon posting. In the event that there are material changes to the way we treat your Personal Information, we will display a notice through our websites prior to the change becoming effective. We may also notify you by email, in our discretion. However, we will use your Personal Information in a manner consistent with the Privacy Policy in effect at the time you submitted the information, unless you consent to the new or revised policy.

10. CONTACTING US

If you have any questions about this Privacy Policy, please contact us at:

Email: info@messiahonline.org

Telephone Number: 952-431-5959

Mailing Address:

Messiah Lutheran Church
16725 Highview Ave.
Lakeville, MN 55044