Privacy Statement (US)

This privacy statement was last changed on May 9, 2024, last checked on May 9, 2024, and applies to citizens and legal permanent residents of the United States.

In this privacy statement, we explain what we do with the data we obtain about you via https://nonprofitwa.org. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

2. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

3. How we respond to Do Not Track signals & Global Privacy Control

Our website does not respond to and does not support the Do Not Track (DNT) header request field.

4. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Opt-out preferences webpage. 

We have concluded a data processing agreement with Google.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

6. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights:

8.1 You have the following rights with respect to your personal data

  1. You may submit a request for access to the data we process about you.
  2. You may object to the processing.
  3. You may request an overview, in a commonly used format, of the data we process about you.
  4. You may request correction or deletion of the data if it is incorrect or not or no longer relevant, or to ask to restrict the processing of the data.

8.2 Supplements

This section, which supplements the rest of this Privacy Statement, applies to citizens and legal permanent residents of California (CPRA)

9. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

10. Contact details

Nonprofit Association of Washington
1265 S Main Street #206
Seattle, WA 98144
United States
Website: https://nonprofitwa.org
Email: info@nonprofitwa.org

Phone number: (855) 299-2922

Annex

EWWW Image Optimizer

By default, the EWWW Image Optimizer does not store any personal data nor share it with anyone.

If you accept user-submitted images and use the API or Easy IO, those images may be transmitted to third-party servers in foreign countries. If Backup Originals is enabled, images are stored for 30 days. Otherwise, no images are stored on the API for longer than 30 minutes. Suggested API Text: User-submitted images may be transmitted to image compression servers in the United States and stored there for up to 30 days. Suggested Easy IO Text: User-submitted images that are displayed on this site will be transmitted and stored on a global network of third-party servers (a CDN).

WooCommerce

This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:
  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of cart contents while you’re browsing our site.

Note: you may want to further detail your cookie policy, and link to that section from here.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses. We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example —

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.

LearnDash LMS

This sample language includes the basics around what personal data your LMS may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your site will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy. We collect information about you during the course purchase process (PayPal, Stripe, and/or 2Checkout), as well as information relating to your course progression and quiz performance.

What we collect and store

When you purchase from us, we’ll ask you to provide email address. We’ll use this information for purposes, such as, to: –Send you information about your account and order –Create your account for our LMS If you register a free account then we will store your email address. We store information about you for as long as your account exists. We store course progress, including completion status, quiz scores, assignments and/or essay submissions (if applicable). We will also store comments on courses, lessons, topics, assignments, and essays if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Group Leaders can access: –Order information such as your enrolled courses, course progress and username / email address. Any additional information added in your WordPress User Profile can also be visible to the administrator(s).

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics/reporting tools, marketing services (such as email services like MailChimp), payment gateways, gamification programs, and third party embeds. We share information with third parties who help us provide our orders and store services to you; for example – [insert third party platforms and short description of their purpose]

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal below as an example, but you should remove any of these if they are not in use on your site. We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.

Complianz | The Privacy Suite for WordPress

This website uses the Privacy Suite for WordPress by Complianz to collect and record Browser and Device-based Consent. For this functionality, your IP address is anonymized and stored in our database. This service does not process any personally identifiable information and does not share any data with the service provider. For more information, see the Complianz Privacy Statement.

Hustle

Which modules collect personal data?

If you use Hustle to create and embed any Pop-up, Embed, Slide-in, or Social share module, you may need to mention it here to properly distinguish it from other plugins.

What personal data do we collect and why?

By default, Hustle captures the IP Address for each conversion and for each view only if the “tracking” functionality is enabled. Other personal data such as your name and email address may also be captured, depending on the form fields.

Note: In this section you should include any personal data you collected and which form captures personal data to give users more relevant information. You should also include an explanation of why this data is needed. The explanation must note either the legal basis for your data collection and retention of the active consent the user has given.

Suggested text: When visitors or users submit a form or view a module, we capture the IP Address for analyisis purposes. We also capture the email address and might capture other personal data included in the form fields.

How long we retain your data

By default Hustle retains all form submissions and tracking data forever. You can delete the stored data in Hustle » Settings » Privacy Settings, and under each module’s settings.

Suggested text: When visitors or users submit a form or view a module we retain the data for 30 days.

Where we send your data

Suggested text: All collected data might be shown publicly and we send it to our workers or contractors to perform necessary actions based on the form submission.

Third Parties

If your forms use either built-in or external third-party services, in this section you should mention any third parties and its privacy policy.

By default Hustle Pro optionally use these third-party integrations:

  • ActiveCampaign. Enabled when you activate and setup ActiveCampaign on Email Collection settings.
  • Aweber. Enabled when you activate and setup Aweber on Email Collection settings.
  • Campaign Monitor. Enabled when you activate and setup Campaign Monitor on Email Collection settings.
  • Constant Contact. Enabled when you activate and setup Constant Contact on Email Collection settings.
  • ConvertKit. Enabled when you activate and setup ConvertKit on Email Collection settings.
  • e-Newsletter. Enabled when you activate and setup e-Newsletter on Email Collection settings.
  • GetResponse. Enabled when you activate and setup GetResponse on Email Collection settings.
  • HubSpot. Enabled when you activate and setup HubSpot on Email Collection settings.
  • iContact. Enabled when you activate and setup iContact on Email Collection settings.
  • Keap. Enabled when you activate and setup Keap on Email Collection settings.
  • Mad Mimi. Enabled when you activate and setup Mad Mimi on Email Collection settings.
  • Mailchimp. Enabled when you activate and setup Mailchimp on Email Collection settings.
  • MailerLite. Enabled when you activate and setup MailerLite on Email Collection settings.
  • Mautic. Enabled when you activate and setup Mautic on Email Collection settings.
  • reCAPTCHA. Enabled when you activate and setup reCAPTCHA on non-Social sharing modules.
  • Pinterest. Enabled when you activate and setup Pinterest in Social Share Module.
  • SendGrid. Enabled when you activated and setup SendGrid on Email Collection settings.
  • Brevo. Enabled when you activated and setup Brevo on Email Collection settings.
  • Sendy. Enabled when you activated and setup Sendy on Email Collection settings.
  • Zapier. Enabled when you activated and setup Zapier on Email Collection settings.
Suggested text: We use ActiveCampaign to manage our subscriber lists. Their privacy policy can be found here : https://www.activecampaign.com/privacy-policy/. We use Aweber to manage our subscriber lists. Their privacy policy can be found here : https://www.aweber.com/privacy.htm. We use Campaign Monitor to manage our subscriber lists. Their privacy policy can be found here : https://www.campaignmonitor.com/policies/#privacy-policy. We use Constant Contact to manage our subscriber lists. Their privacy policy can be found here : https://www.endurance.com/privacy. We use ConvertKit to manage our subscriber lists. Their privacy policy can be found here : https://convertkit.com/privacy/. We use GetResponse to manage our subscriber lists. Their privacy policy can be found here : https://www.getresponse.com/legal/privacy.html?lang=en. We use HubSpot to manage our subscriber lists. Their privacy policy can be found here : https://legal.hubspot.com/legal-stuff. We use iContact to manage our subscriber lists. Their privacy policy can be found here : https://www.icontact.com/legal/privacy. We use Keap to manage our subscriber lists. Their privacy policy can be found here : https://keap.com/legal/privacy-policy. We use Mad Mimi to manage our subscriber lists. Their privacy policy can be found here : https://madmimi.com/legal/terms. We use Mailchimp to manage our subscriber lists. Their privacy policy can be found here : https://mailchimp.com/legal/privacy/. We use MailerLite to manage our subscriber lists. Their privacy policy can be found here : https://www.mailerlite.com/privacy-policy. We use Mautic to manage our subscriber lists. Their privacy policy can be found here : https://www.mautic.org/privacy-policy/. We use SendGrid to manage our subscriber lists. Their privacy policy can be found here : https://sendgrid.com/policies/privacy/. We use Brevo to manage our subscriber lists. Their privacy policy can be found here : https://www.brevo.com/legal/privacypolicy/. We use Sendy to manage our subscriber lists. Their privacy policy can be found here : https://sendy.co/privacy-policy. We use e-Newsletter to manage our subscriber. You can learn more about it here https://wpmudev.com/project/e-newsletter/. We use Pinterest to share media. Their privacy policy can be found here : https://policy.pinterest.com/privacy-policy/. We use reCAPTCHA to protect your website from fraud and abuse. Their privacy policy can be found here : https://policies.google.com/privacy. We use Zapier to manage our integration data. Their privacy policy can be found here : https://zapier.com/privacy/.

Cookies

By default Hustle uses cookies to count how many times each module is visualized. Cookies might be used to handle other features such as display settings, used when a module should not be displayed for a certain time, whether the user commented before, whether the user has subscribed, among others, if their related settings are enabled.

Event Tickets

Hello,

This information serves as a guide on what sections need to be modified due to usage of Event Tickets and its Add-ons.

You should include the information below in the correct sections of you privacy policy.

Disclaimer: This information is only for guidance and not to be considered as legal advice.

What personal data we collect and why we collect it

Event, Attendee, and Ticket Purchaser Information

Through the usage of Event Tickets, Event Tickets Plus, and Community Tickets, information may be collected and stored within your website’s database.

Suggested text:

If you create, submit, import, save, or publish event ticket information, as well as obtain RSVPs or purchase tickets to events, such information is retained in the local database:
  1. Attendees information (RSVPs and Tickets): name and email address
  2. Ticket information (RSVPs and Tickets): name, email address, and ticket number/SKU (via check-in page)
  3. Ticket purchaser information: name and email address
  4. Ticket purchaser billing address, which is collected through the use of WooCommerce, Easy Digital Downloads, or PayPal
Please note: The website owner can collect nearly any Attendee Information requested from ticket buyers by creating a custom registration form.

API Keys

Event Tickets suite offers the use of third-party API keys. The primary functions are to enhance the features we’ve built in, some of which use Google Maps and PayPal. These API keys are not supplied by Modern Tribe.

Suggested text:

We make use of certain API keys, in order to provide specific features. These API keys may include the following third party services: Google Maps and PayPal.

How Long You Retain this Data

All information (data) is retained in the local database indefinitely, unless otherwise deleted.

Certain data may be exported or removed upon users request via the existing Exporter or Eraser. Please note, however, that several “edge cases” exist in which we are unable to perfect the gathering and export of all data for your end users. We suggest running a search in your local database, as well as within the WordPress Dashboard, in order to identify all data collected and stored for your specific user requests.

Where We Send Your Data

Modern Tribe does not send any user data outside of your website by default.

If you have extended our plugin(s) to send data to a third-party service such as Eventbrite, Google Maps, or PayPal, user information may be passed to these external services. These services may be located abroad.

The Events Calendar

Hello,

This information serves as a guide on what sections need to be modified due to usage of The Events Calendar and its Add-ons.

You should include the information below in the correct sections of you privacy policy.

Disclaimer: This information is only for guidance and not to be considered as legal advice.

What personal data we collect and why we collect it

Event, Venue, and Organizer Information

Through the usage of The Events Calendar, Events Calendar PRO, The Events Calendar Filter Bar, Eventbrite Tickets, and Community Events plugins, as well as our Event Aggregator Import service (contained within The Events Calendar plugin), information may be collected and stored within your website’s database.

Suggested text:

If you create, submit, import, save, or publish Event, Venue, or Organizer information, such information is retained in the local database:
  1. Venue information: name, address, city, country, state, postal code, phone, website, geographical coordinates (latitude and longitude)
  2. Organizer information: name, phone, website, email
  3. Event information: website, cost, description, date, time, image

Importing Events, Venues, and Organizers:

  1. All data present within a CSV or ICS file and external URLs (for events, venues, organizers, and tickets)
  2. Import origin data (URL from where events are being imported—such as Eventbrite, MeetUp, other compatible URL sources, and more, which can include similar or same data as listed above)
  3. Eventbrite Ticket information: name, description, cost, type, quantity
Please note that to create new events through the Community Events submission form, a user must hold a website account on this domain. This information is retained in the local database. It is also possible to create events anonymously, if the site owner has this option enabled. When purchasing Eventbrite Tickets, attendee, purchaser, and order information are stored and managed by Eventbrite.

API Keys

The Events Calendar suite offers the use of third-party API keys. The primary functions are to enhance the features we’ve built in, some of which use Google Maps, PayPal, Eventbrite, and Meetup. These API keys are not supplied by The Events Calendar.

Suggested text:

We make use of certain APIs, in order to provide specific features. These APIs may include the following third party services: Google Maps (API key), Meetup (OAuth token), PayPal (email, Client ID, Client Secret), Eventbrite (API key, auth URL, Client Secret), and Zoom (email, Client ID, Client Secret).

How Long You Retain this Data

All information (data) is retained in the local database indefinitely, unless otherwise deleted.

Certain data may be exported or removed upon users’ requests via the existing Exporter or Eraser. Please note, however, that several “edge cases” exist in which we are unable to perfect the gathering and export of all data for your end users. We suggest running a search in your local database, as well as within the WordPress Dashboard, in order to identify all data collected and stored for your specific user requests.

Where We Send Your Data

The Events Calendar does not send any user data outside of your website by default.

If you have extended our plugin(s) to send data to a third-party service such as Eventbrite, Google Maps, or PayPal, user information may be passed to these external services. These services may be located abroad.