How Your Data is Used
WHAT IS THIS POLICY ABOUT?
WHAT INFORMATION DO WE COLLECT?
We collect general data on how the website is being used using a third-party service, Google Analytics; this is anonymous and is collected using cookies.
A cookie is a text file sent from our website as soon as you visit the site. It is stored on your computer’s hard drive and helps us identify your computer (not you) and collect information in an aggregated, anonymous way.
Cookies may be used to collect information about your visit to our website, for example, traffic data (volume of people using the site), location data, dates/times of visits to the site, and pages visited.
Most browsers allow you to turn off cookies. To do this, look at the ‘help’ menu on your browser. Switching off cookies may restrict your use of the website and/or delay or affect the way in which it operates.
Cookies from Google are used to distinguish users, including the number of unique visits, remember the number and time of unique visits, and remember traffic source information.
This information is processed in such a way that it does not identify anyone. The purpose of this data is so we can get an idea of how the site is working and how we might improve it.
Visitors to our website are generally in control of any personal data shared with us. We don’t collect personal information when someone visits www.makerstudioarts.com or our other one-off event websites. We do, however, gather basic anonymous information, as stated above, to find out things such as the number of visitors to the various parts of the site or general behavior patterns such as in what order a user looked through the site. This information does not identify anyone and is used so we can get an idea of how the site is working and how we might improve it.
SUBSCRIPTIONS AND CONTACT FORMS
Our website allows you to choose to connect with the Maker Institute by submitting questions or subscribe to the Maker Institute for updates and information.
If, as a site visitor, you choose to send an email question or comment to us, the information we will collect from the website will contain your screen name and email address and the information you choose to include in your message. We ask that you do not provide sensitive information to us when using the Maker Institute website. If you choose to provide sensitive information to us when sending general messages via the website, the act of doing so will constitute your explicit consent to that information being collected and processed in any response we subsequently make to you.
You may choose to subscribe to the Maker Institute in order to receive updates, prayer requests, or other information. The personal data we will collect if you choose this option may include name, address, email address, country, and church name. You will be able to unsubscribe or change your preferences if you wish each time you are contacted.
If you make a donation to the Maker Institute through the website, we will collect your giver information, for example, name, address, telephone number, email address, and the type of donor you choose (giving as a guest or creating an account with us / returning donor). To process your donation, we will also collect your account details and information on tax to optimize gaining tax relief on the donations made.
We will retain personal data collected via our websites for as long as it is necessary, e.g., for as long as we have a relationship with you as an individual or you exercise your right to have your details removed.
If you subscribe to the Maker Institute or choose to connect with us via the website links, we will also collect personal information such as:
Your preferences on the way you receive information;
A record of any consent you provide; and
If you email us any information you choose to include in your message.
We have a data retention policy to implement this and have set parameters for keeping personal data in line with the purpose for which it was collected. As we consider reasonable parameters for holding information, we take account of our legal obligations, including accounting and tax guidelines.
For example, we will retain records of donations for six years to meet tax and accounting requirements, but we will only hold details of personal accommodation and dietary requirements for the purpose of planning and running an event. This information will be deleted within six months of the event occurring.
HOW DO WE COLLECT INFORMATION FROM YOU?
The Maker Institute collects information each time a person deals with our organization. For example, if you request information, sign up for an event, complete a survey, provide a comment, make a donation, or register with us to receive newsletters/updates. You may do this electronically, or you may complete a form at a conference or exhibition.
Personal data is also provided in relation to specific events when someone chooses to receive details or book on as an attendee.
HOW WE USE YOUR INFORMATION
We may use your information to:
Send you information or communications which you have requested, and that may be of interest to you. These may include information about how the Maker Institute is growing, stories from our church families around the world, updates on key initiatives, events, or specific campaigns.
Let you know about other activities or updates from our partnerships.
Process a donation that you have made.
Seek your views or feedback on events or aspects of Maker Institute activities.
Notify you of changes to events, Maker Institute policies, or processes.
Maker Institute DONORS
We collect personal data from our donors for the legitimate purpose of processing the generous giving that enables the Maker Institute to facilitate initiatives with our students and across the breadth of our mission.
The personal data collected includes:
Contact details (name, home address, telephone number, email)
Financial details – bank account/ credit card and references for processing tax in relation to donations
We use donors’ personal information to:
Process donations made and provide receipts for tax relief.
Seek donations and track financial support, which will enable more church planting and the global growth and reach of the gospel
Keep donors informed of the growth, successes, and needs of the Maker Institute
Our retention periods for personal information are aligned with the legal, regulatory and fiscal time frames for the donor’s country of tax liability.
We collect personal data when a person gets in touch with us with a question, complaint, comment, or feedback (such as name, contact details, and contents of the communication). In these cases, the individual is in control of the personal data shared with us, and we will only use the data for the purpose of responding to the communication.
WHO DO WE SHARE INFORMATION WITH?
We will never sell your data to another party or share your data with third parties for marketing purposes.
We use third-party providers to work on our behalf supporting activities such as sending out mailings, organizing events, and processing payments or donations.
When we use third-party service providers, we disclose only the personal information that is necessary to deliver the service. We have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
In circumstances where we share your information with a third-party providing a service to you and where they may be acting as a data controller, we advise that you review their privacy policies.
An example of this would be a hotel being used for a Maker Institute event; the relevant third-party will use your details to provide you with information to carry out their obligations in relation to any contracts you have entered into with them (for example, a reservation for your accommodation and to provide you with what you require during your stay).
We have strategic partnerships with whom we collaborate to build God’s kingdom and extend the reach of the gospel. Where we are working on projects with a partner and are linking up with parts of the Maker Institute family to do so, contact details and information on related member pastors/churches may be shared with our partners.
We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; or (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or (3) investigating fraud that has already taken place. The information is not provided to these companies for marketing purposes.
We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do not make and do not allow Google to make any attempt to find out the identities of those visiting our website.
We utilize Google’s services to receive and send emails and to store and access data (the G Suite). Details around Google’s compliance to GDPR can be found here. These security precautions are combined with internal policies to ensure data is protected (e.g., the implementation of 2FA, password policies, etc.).
We use a third-party service, JotForm, to provide us with customizable forms. Any information you enter onto a Maker Institute form is stored on the JotForm website before being emailed to a Maker Institute email address, which uses a third-party service, G Suite by Google. The forms we use may be a booking form for an event, a survey, questionnaire, or quiz. If we want to collect personally identifiable information through our web forms, we will be up-front. We will make it clear when we collect personal information and will explain what we intend to do with it. JotForm’s data security approach is described here.
Email and E-newsletter/ updates
We use a third-party provider, MailChimp, to deliver regular updates and communications about events or new specific initiatives. We gather statistics around email opening and clicks, using industry-standard technologies to help us monitor and improve our e-newsletter. All recipients will be given a simple option to unsubscribe, found at the bottom of all our emails.
Maker Institute Global Partnerships
The Maker Institute is a US organization with global partners who, by contractual agreement, represent the work of the Maker Institute in their respective regions and jurisdictions. To the extent it is necessary to share information with these partners to provide the services request, we will provide that information to the appropriate organization to provide those services.
We operate on Facebook, Twitter, Instagram, and LinkedIn. If you send us a private or direct message via social media, the message will be stored according to their standard terms. It will not be shared with any other organizations.
People who call us
When you call the Maker Institute, we may collect personal information. We use this information to help us answer your query and to improve our efficiency and effectiveness.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with our office policy. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
We use Eventbrite, a platform that facilitates organizing events from invitations to registration and accommodation. Events can be customized and delegates’ registration and payment details captured. Their security approach is described here.
Other software platforms used to facilitate payments for events; include Square and Paypal; their approach to privacy and security for account holders and customers is described on their respective sites.
Customer Relationship Management
We use a CRM and marketing platform called Salesforce.org, which has been designed to be used by not-for-profit organizations. The system enables us to capture our Maker Institute family, donors, and supporters’ contact details and communication history.
HOW AND WHERE WE STORE YOUR INFORMATION
We are committed to holding your personal data securely; your information may be stored digitally (held on servers or computers) or, in some areas, hard copy (paper-based).
The security controls we have in place, which combine both technical and physical measures to protect any personal data you provide, include:
Access to systems for Maker Institute teams is through secure, encrypted logins and network/access level controls to ensure that data is accessible only to relevant team members.
Sensitive information is held in password-protected files.
Third parties must use secure servers.
Encrypted sending and receiving of personal data.
Locked cabinets in locked offices where personal data is stored in hard copy.
Clear desk policies for personal data in hard copy format.
Screen locks and password-protected PCs and laptops.
We are committed to ensuring that personal data is held in compliance with European data protection regulations. We take all reasonable steps to ensure that your data is stored and processed securely. We use cloud-based systems to process data that are based in the USA and where data may be stored in other countries. By submitting your personal data, you agree to this transfer, storing, and processing of your information.
The General Data Protection Regulation (GDPR) was put into place by the European Union in May 2018. This gives EU citizens more control, choices, and rights over how their data is used and puts forth guidelines for the collection and processing of data for businesses. The third-party vendors that the Maker Institute uses are in compliance with this law. If you would like to request that your information be updated, corrected, or deleted, please contact us at firstname.lastname@example.org.
In line with data privacy regulations in the European Union (EU), we want to let you know:
What information we may collect about you;
What we use your personal information for;
How we store your personal information;
Who (if anyone) we pass your information on to and for what purpose;
How you can raise any concerns about the accuracy, processing, or use of your personal information.
EU CITIZEN RIGHTS WITH PERSONAL DATA
Unless subject to an exemption under the GDPR, EU citizens have specific rights in relation to personal data:
Access – you have the right to receive confirmation that your data is being processed and to have access to it. You can make a Subject Access Request if you wish to get a copy of your personal data.
Accuracy – Personal data can be rectified if it is inaccurate, incomplete, or out of date.
Erasure – you may request for your personal data to be erased if it is no longer necessary for the Maker Institute to retain your information, if you withdraw your consent, if there is no overriding legitimate interest to continue processing it, or your data has been processed unlawfully.
You may request a restriction is placed on further processing where there is a dispute in relation to the accuracy or processing of your personal data.
You have the right to data portability in some circumstances. This enables you to move, copy or transfer your data from one IT environment to another securely and without affecting its usability.
You have the right to object to processing based on legitimate interests or direct marketing.
You have the right to object to your personal data being used for automated decision-making and profiling, i.e., where decisions are being made solely by automated means and without any human involvement.
YOUR CHOICES AND TELLING US WHEN THINGS CHANGE
You can change your preferences about what you receive from us at any time. This can be done by using the update preferences option in the communications you receive from us or by emailing email@example.com.
UPDATING YOUR DETAILS
We do appreciate it if you keep your details up to date. You can do so by logging into your account and updating your profile.
TELLING US TO STOP PROCESSING
You have the right to ask us to erase your personal data, restrict our processing, or object to our processing of your personal data, so long as the lawful purpose for processing is not for a statutory reason. You can do so at any time by writing to us at firstname.lastname@example.org.
ACCESS TO PERSONAL INFORMATION
We aim to be as open as possible in terms of giving you access to your personal information.
Individuals who are EU citizens can find out if we hold any personal information by making a ‘subject access request’ under the data protection regulations. If we do hold information about you, we will:
Give you a description of it.
Tell you why we are using it.
Tell you who has access to it.
Provide you with a copy of it in an accessible form.
To make a subject access request to the Maker Institute for any personal information we may hold, you need to put the request in writing to email@example.com.
All articles and posts on the Maker Institute website are copyrighted. For permission to reprint or crosspost articles from the Maker Institute blog, contact firstname.lastname@example.org. When reprinting content, please attribute the content to the appropriate author. The reprint should also include the following note with the link to the original post: The following content was originally published on the Maker Institute website, linked here:
QUESTIONS OR CONCERNS
The Maker Institute strives to meet a high standard when collecting, storing, and using personal information. For this reason, we take any concerns or complaints we receive about this very seriously.
If you have any queries about your personal data and how we are processing it, we are happy to provide additional information or explanation.
We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures.
Please send any queries, suggestions, or complaints to email@example.com.
Alternatively, you can write to:
Data Protection – The Maker Institute
14 N 19th Street
Richmond, VA 23223
DISCLOSURE OF PERSONAL INFORMATION
We will never disclose personal data without consent, except where required by law.
16 OR UNDER
We are concerned about protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ you must get your parent/guardian’s permission before providing us with personal information.
LINKS TO OTHER WEBSITES
HOW TO CONTACT US
Data Protection – The Maker Institute
14 N 19th Street
Richmond, VA 23223
Terms and Conditions
You agree that your use of the Web site is subject to these Terms and Conditions. These Terms and Conditions may be modified at any time and from time to time; the date of the most recent changes or revisions will appear on this page. Continued access to the Web site by you will constitute your acceptance of any changes or revisions to the Agreement. If you do not agree with the Terms and Conditions, please do not use this website.
The materials contained on the website are provided by the Maker Institute as a service to you for your use on an “as is, as available” basis. You acknowledge that you are using the website at your own risk. The Maker Institute assumes no responsibility for errors or omissions in these materials. The Maker Institute makes no commitment to update the information contained herein. The Maker Institute makes no, and expressly disclaims any and all, representations or warranties, expressed or implied, regarding the web site, including without limitation the accuracy, completeness, or reliability of text, graphics, links, products and services, and other items accessed from or via the Web site, or that the Web site will be uninterrupted, error-free, or free of viruses or other harmful components. No advice or information given by the Maker Institute or any other party on the website shall create any warranty or liability.
The Maker Institute of Studio Art + Theology does not engage in unlawful discrimination or harassment because of race, color, ancestry, religion, age, sex, national origin, pregnancy or childbirth, disability, or military veteran status in its educational programs and activities. However, Maker Institute maintains its Christian mission. Accordingly, it reserves its right to discriminate based on religion to the extent that applicable law respects its right to act in furtherance of its religious objectives. Moreover, we discriminate based on the applicant’s willingness to operate and agree to our Articles and Confessions of Faith.