Introduction

Hackers for Christ Ministries, Inc. ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website hackersforchrist.org (the "Site") or use our services.

As a Christian ministry providing free cybersecurity services to churches, we take data protection seriously—both as a legal obligation and as an act of faithful stewardship.

By using our Site, you consent to the data practices described in this policy.

Information We Collect

Personal Information You Provide

We collect information you voluntarily provide when you:

• Request Services (Churches): Name, email, phone, church name, website, congregation size, role, service needs
• Apply as a Volunteer: Name, email, phone, experience level, time commitment, skills, certifications, motivation
• Inquire About Partnership/Donations: Name/organization, contact information, title, partnership type, giving preferences, estimated gift amount
• Apply for Leadership Positions: Name, email, phone, LinkedIn profile, background, motivation, availability

Automatically Collected Information

• Analytics Data: We use Plausible Analytics (privacy-friendly, GDPR-compliant) and Google Analytics to collect usage data including pages visited, referral sources, and general location. Plausible collects anonymous data with no cookies and no personal tracking. Google Analytics uses cookies to track user behavior and provide insights on site usage. Consent requirements for Google Analytics depend on your geographic location (see Cookies & Tracking section).
• Geolocation Data: We use your IP address to determine your country/region to provide appropriate cookie consent options (GDPR compliance for EU visitors). We do NOT store precise location data.
• Security Data: Cloudflare Turnstile collects minimal data to verify you're human (not a bot) when submitting forms. This is privacy-preserving and does not track you.
• Technical Data: IP address (temporarily, for security and geolocation), browser type, device type, operating system

Information We Do NOT Collect

• Credit card or payment information (we don't process payments directly)
• Social Security Numbers or Tax IDs
• Passwords (we have no login system)
• Precise geolocation data
• Behavioral tracking or advertising profiles

How We Use Your Information

We use the information we collect to:

• Provide Services: Respond to church requests, schedule security assessments, coordinate volunteers
• Process Applications: Review volunteer and leadership applications, conduct background checks (with consent)
• Facilitate Donations: Connect with donors/sponsors, send secure payment links, provide donation receipts
• Communicate: Send service updates, training information, prayer requests, ministry updates (you can opt out anytime)
• Improve Our Ministry: Analyze usage patterns (anonymously) to improve our website and services
• Comply with Legal Obligations: Maintain records for nonprofit compliance, tax reporting, and legal requirements

How We Share Your Information

We do NOT sell, rent, or trade your personal information. We share information only in these limited circumstances:

Service Providers

• Google Sheets: Stores form submissions for internal tracking (secured with access controls)
• Gmail: Sends email notifications to our team
• Background Check Vendors: For volunteers only, with explicit consent
• Payment Processors: If you donate, we use secure third-party processors (we never see your payment details)

Legal Requirements

We may disclose information if required by law, subpoena, or legal process, or to:

• Comply with IRS nonprofit reporting requirements
• Protect our rights or property
• Investigate fraud or security issues
• Respond to government or law enforcement requests

Volunteers & Assessments

When we match volunteers with churches for security assessments, we share only the minimum necessary information (e.g., volunteer first name and expertise) with the church. All volunteers sign confidentiality agreements.

Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted to/from our site uses TLS/SSL encryption
• Access Controls: Only authorized personnel can access personal data
• Data Minimization: We collect only what we need and delete it when no longer necessary
• 90-Day Data Purge: Assessment findings and sensitive church data are securely deleted after 90 days (unless the church requests otherwise)
• Secure Infrastructure: Our systems are protected by firewalls, intrusion detection, and regular security audits

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

Data Retention

• Contact Inquiries: Retained for 2 years or until request is fulfilled, whichever is longer
• Volunteer Applications: Retained for duration of service + 3 years for liability/compliance
• Donor Information: Retained for 7 years (IRS requirement for tax-exempt organizations)
• Assessment Data: Church security findings deleted after 90 days (unless church requests otherwise)
• Analytics: Anonymous data retained indefinitely for trend analysis

Your Privacy Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Opt-Out: Unsubscribe from marketing emails (service-related emails may still be sent)
• Portability: Request your data in a portable format
• Object: Object to certain data processing (we'll honor reasonable requests)

To exercise these rights, contact us at [email protected]

Cookies & Tracking

We use cookies to improve your experience and understand how our site is used. We implement geolocation-based consent to comply with privacy laws in your region.

Cookie Consent Model

• EU/EEA Visitors (GDPR): Google Analytics is disabled by default. You must explicitly accept cookies to enable tracking (opt-in model).
• Non-EU Visitors: Google Analytics is enabled by default. You can opt-out at any time (opt-out model).
• Geolocation: We detect your region using your IP address to determine the appropriate consent model. Your region preference is stored locally.

Analytics Tools

• Plausible Analytics: No cookies. Collects anonymous usage data without identifying you. Always enabled for all visitors.
• Google Analytics: Uses cookies to track user behavior, page views, and site interactions. Consent requirement depends on your location. You can change your preference by clicking "Cookie Settings" in our footer or by installing the Google Analytics Opt-out Browser Add-on.
• Cloudflare Turnstile: May use temporary browser storage for bot detection. No long-term tracking.
• Session Cookies: May be used for form functionality (deleted when you close your browser)

For information on how Google uses data, please visit Google's Privacy Policy. Our geolocation-based consent system complies with GDPR (EU) and US privacy laws.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected data from a minor, please contact us immediately at [email protected].

International Users

Hackers for Christ is based in Idaho, USA. If you access our Site from outside the United States, your information may be transferred to, stored, and processed in the U.S. By using our Site, you consent to this transfer.

GDPR Compliance (EU Users): We respect GDPR rights. If you're in the EU, you have additional rights under GDPR including the right to lodge a complaint with a supervisory authority.

Third-Party Links

Our Site may contain links to third-party websites (e.g., social media, partner organizations). We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the Site after changes constitutes acceptance of the updated policy.

For significant changes, we may notify users via email or a prominent notice on our Site.