Effective as of: April 15, 2022
I. INFORMATION COLLECTION AND USE
Each time you visit the Sites, we collect information about you based on your consent.
A. Personally Identifiable Information
We collect personally identifiable information about you when you visit the Sites. During your interactions with the Sites, when you register with the Sites or make a donation or agree to volunteer, we collect the following types of information:
- your name;
- date of birth;
- postal address;
- email address;
- telephone number;
- credit card information (for online donations);
- your personal connection to type 1 diabetes (T1D);
- your preferences for receiving additional information such as newsletters;
- IP Address;
- internet service provider;
- operating system;
- device type;
- screen size
- location (country, region, state, city);
- language preference;
- webpages visited;
- time spent on the websites;
- clicks; and
- referring websites.
We use this information, upon the following legal bases, to:
- present our Websites and their contents to you;
- validate Site users based on our legitimate interest in sharing information about JDRF and soliciting support;
- facilitate participation in various JDRF services such as fundraising and community forums as offered through the Sites based on our legitimate interest in further the mission of JDRF;
- process any donations that you make through the Sites based on your consent;
- contact you regarding the Sites, our services, or your account based on consent/legitimate interest in promoting the fundraising and research goals of JDRF;
- retain any emails you send us and any response we make in order to handle any follow-up questions you may have, and to measure how effectively we address your concerns based on our legitimate interest in communicating with you regarding inquiry;
- help us enhance and optimize users’ overall Site experience, based on our legitimate interest in providing you with better and more targeted content that you find useful, we also collect information during your Site visits, such as pages most frequently accessed by you, time spent on a page or area of the Sites, mouse movements, non-sensitive text entered, the number of visits to the Sites by you, types of browser used by you, cookie preferences or search terms entered by you. We can tell the type of computer and web service that you are using, as well as its location, and the date, time, and pages that you visit. Examples of information may include your Internet access provider, your computer’s Internet protocol (IP) address, your browser and operating system, the date and time of your visit, and data based on your use of the Sites. JDRF collects and uses this information in order to, among other things, provide you with or assist in the provision of information through the Sites and to maintain the performance of the Sites;
- use in any other way we may describe when you provide the information;
- use for any purpose with your consent.
You may also submit information that personally identifies you or someone you know, including any medical condition or connection to T1D, when you post to any public forum that is offered through the Sites, such as through the online forum (https://forum.jdrf.org), web logs, bulletin boards, or other forums which permit users to interact online. Any information you transmit online in such forums will be made public and JDRF cannot control nor is it responsible for the use any third party may make of such information. You should understand that any information that you submit on any public forum through the Sites is not and cannot be treated as confidential by us. Your participation on these forums and public post boards is voluntary, and you consent to full public disclosure of any personally identifiable information that you submit through such forums. JDRF processes personal information provided in discussion forums based on its legitimate interest in promoting awareness of Type 1 diabetes.
Record Retention and Data Minimization
JDRF retains such personally identifiable information only for as long as is necessary depending on the reason for your submission (which could extend beyond the transaction that you are performing on the Sites), and collects no more personally identifiable information than is reasonably necessary to provide you with the services for which the information is collected.
Disclosure to Third Parties
B. Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Websites, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Websites.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information we collect automatically is only statistical data and does not include personal information. It helps us to improve our Websites and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns;
- Store information about your preferences, allowing us to customize our Websites according to your individual interests;
- Speed up your searches; and
- Recognize you when you return to our Websites.
The technologies we use for this automatic data collection may include:
Web Beacons. Pages of our Websites and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit JDRF, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We make reasonable efforts to protect personally identifiable information received from users of our Sites from unauthorized use of disclosure. We do not allow unauthorized access via the Internet to the portion of our server that contains personally identifiable information. We use standard security protocols and mechanisms to exchange the transmission of sensitive data such as credit card information. When you enter sensitive personal information such as your date of birth and credit card information on our Sites, we encrypt it using secure socket layer (SSL) technology.
B. Additional Safeguards
JDRF maintains reasonable physical, electronic and procedural safeguards such as intrusion prevention, intrusion detection, firewalls, disaster recovery anti-virus, anti-malware, cybersecurity awareness training, penetration testing, vulnerability scans, and mobile device management to protect the confidentiality and security of any personally identifiable information that you disclose to us. We limit access to your personally identifiable information within JDRF and JDRF’s affiliates to those employees who need to know such personally identifiable information to provide information, services and/or products to you. However, due to the nature of the Internet and computer systems, no transmission of data over the Internet is guaranteed to be completely secure, regardless of our best intentions. As such, JDRF cannot ensure or warrant the security of any personally identifiable information you transmit to us.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
III. EXTERNAL LINKS OR REFERENCES
IV. CHILDREN’S DATA/CHILDREN’S ONLINE PRIVACY PROTECTION ACT (COPPA)
V. COMMUNICATIONS FROM JDRF
We send all new members a series of three (3) welcome emails. From time to time, we will also send email notification, mail or call you to provide you with information concerning updates or enhancements to our services, account issues, or service-related announcements. Generally, you may not opt-out of these communications. If you do not wish to receive them, you have the option to deactivate your on-line account.
VI. DISCLOSURE OF INFORMATION
A. Disclosure to Agents, Contractors, or Service Providers of JDRF
B. Disclosures to Other Charitable Organizations
C. Disclosures Required by Law
From time to time, JDRF may be required to provide personally identifiable information or non-personally identifiable information in response to a valid court order, subpoena, government investigation, or as otherwise required by law, or if we reasonably believe that you have committed unlawful acts or acts that may endanger the health or safety of another user or the general public. JDRF also reserves the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful. We may release such information when we believe that its release is reasonably necessary to protect the rights, property, and safety of others and ourselves.
D. Opting In Through Other Venues
Please be advised that if you provide consent and allow JDRF to disclose your personally identifiable information through one JDRF venue (such as the Sites), you will be deemed to have “opted in” through all JDRF venues.
E. Business Transitions
VII. UPDATING INFORMATION
You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws and, in particular, if you are located in the European Economic Area (EEA), these rights may include:
- To access your Personal Data held by JDRF (right to access);
- To correct inaccurate, out of date or incomplete Personal Data (right to rectification);
- To erase your Personal Data, to the extent permitted by applicable data protection laws (right to be forgotten);
- To restrict our processing of your Personal Data, to the extent permitted by law (right to restriction of processing);
- To transfer your Personal Data to another controller, to the extent possible (right to data portability);
- To object to any processing of your Personal Data carried out on the basis of our legitimate interests, for the purposes of direct marketing and any automated decision-making (right to object);
- To the extent our processing your Personal Data is based on your consent, you have the right to withdraw your consent at any time; and
- To communicate any concerns about our processing of your Personal Data with data protection authorities located in the EEA.
B. Consent to Receive Notices Via the Sites
By consenting to our use of your personally identifiable information to the Sites, you are agreeing that JDRF may deliver all privacy and related notices to you in the manners described in this Section.
IX. CONTACT INFORMATION
200 Vesey Street, 28th Floor
New York, NY 10281
Telephone: 1-800-533-CURE (2873)
X. LIMITATION OF LIABILITY
Effective as of: February 3, 2022
INFORMATION COLLECTION AND USE
Child Personally Identifiable Information
JDRF is a non-profit organization dedicated to finding a cure for diabetes and its complications through the support of research. We only collect as much information about a child as is reasonably necessary for a child to participate in an activity, and we do not condition his or her participation on the disclosure of more personal information than is reasonably necessary. Kids Walk is an online program designed to teach students about diabetes and to raise funds for type 1 diabetes research. You, for yourself or your child under the age of 13 for which you are a parent/legal guardian, may be prompted to provide for some or all of the following types of information (referred to as “child personally identifiable information”) in order to register, access various content or features, or otherwise participate in Kids Walk:
- Contact information, such as name or e-mail address User name and password;
- Geolocation information;
- Other information, such as school, city, state, and zip code;
- Communications preferences;
- Search queries;
- Comments and other information posted through interactive online features;
- Correspondence you send to us.
We use child personally identifiable information collected through the Site to validate Site users and facilitate participation in the Kids Walk program all for the sole benefit of the participating schools and such schools’ students. We do not share, sell, rent, or transfer child personally identifiable information to any third parties except the child’s respective school where necessary to facilitate the child’s involvement in Kids Walk. JDRF does not condition a child’s participation in Kids Walk on the child disclosing more personal information than is reasonably necessary to participate in such activity.
We may disclose children’s personal information:
- third parties we use to support the internal operations of our Websites and who are bound by contractual or other obligations to use the information only for such purpose and to keep the information confidential.
- If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of JDRF or others, including to:
- protect the safety of a child;
- protect the safety and security of the Website; or
- enable us to take precautions against liability.
- To law enforcement agencies or for an investigation related to public safety.
Correcting/Updating/Deleting/Deactivating Child Personal Information
A user 13 or over or the adult parent or guardian of a user under 13 may review, request corrections, ask that we delete, or refuse further collection or use of the personally identifiable information JDRF collects from such user or the child or children for which such user is the legal guardian. Such user may do this by contacting JDRF at:
200 Vesey Street, 28th Floor
New York, NY 10281
Telephone: 1-800-533-CURE (2873)
Consent to Receive Notices Via the Site