us-Sunnah

Privacy Policy

How we collect, use, and protect your information

Effective Date: January 1, 2025 | Last Updated: January 16, 2025

1. Introduction

us-Sunnah Foundation, a registered 501(c)(3) nonprofit organization (EIN: [Your EIN]), is committed to protecting your privacy and maintaining the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.ussunnah.org or make a donation to our organization.

By using our website or making a donation, you consent to the practices described in this Privacy Policy. If you do not agree with these practices, please do not use our website or services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide when you:

  • Make a donation: Name, email address, billing address, and payment information
  • Create an account: Email address and authentication credentials
  • Subscribe to communications: Email address and communication preferences
  • Contact us: Name, email address, and message content
  • Participate in our referral program: Name and referral information

2.2 Payment Information

All payment transactions are processed through Stripe, our PCI-DSS compliant payment processor. We do not store, process, or have access to your complete credit card numbers, CVV codes, or banking information. Stripe's security practices and privacy policy can be found at stripe.com/privacy.

We retain only the last four digits of your card number (for identification purposes), card type, and transaction records as required for tax receipt generation and accounting purposes.

2.3 Automatically Collected Information

When you visit our website, we automatically collect certain information through cookies and similar technologies:

  • Device information (browser type, operating system, device type)
  • IP address (used for security and fraud prevention)
  • Pages visited, time spent, and navigation patterns
  • Referring website or source
  • Geographic location (country/region level)

2.4 Analytics and Tracking

We use the following analytics services to understand how visitors use our website:

  • Google Analytics 4: Website traffic and user behavior analysis
  • Meta (Facebook) Pixel: Conversion tracking for advertising campaigns
  • TikTok Pixel: Conversion tracking for advertising campaigns

These services may collect information about your online activities over time and across different websites. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Donation Processing

  • Process and confirm your donations
  • Generate and deliver tax receipts
  • Manage recurring donation subscriptions
  • Prevent fraud and unauthorized transactions

3.2 Communication

  • Send transaction confirmations and receipts
  • Provide updates about our programs and impact (with your consent)
  • Respond to your inquiries and support requests
  • Send important notices about your account or our policies

3.3 Website Improvement

  • Analyze website usage to improve user experience
  • Debug and fix technical issues
  • Develop new features and services

3.4 Legal Compliance

  • Comply with tax reporting requirements
  • Respond to legal requests and prevent illegal activities
  • Enforce our terms of service

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following limited circumstances:

4.1 Service Providers

We share information with trusted service providers who assist us in operating our organization:

  • Stripe: Payment processing
  • Supabase: Database and authentication services
  • Vercel: Website hosting
  • ElasticEmail: Email delivery services

These providers are contractually obligated to protect your information and use it only for the services they provide to us.

4.2 Legal Requirements

We may disclose your information when required by law, such as:

  • In response to a valid subpoena, court order, or government request
  • To protect our rights, property, or safety
  • To investigate potential violations of our terms of service
  • To prevent fraud or other illegal activities

4.3 Aggregate Information

We may share aggregated, anonymized information (such as total number of donors or donation statistics) for reporting purposes. This information cannot be used to identify any individual.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • SSL/TLS encryption for all data transmission
  • Secure, encrypted database storage
  • Regular security assessments and updates
  • Limited access to personal information on a need-to-know basis
  • PCI-DSS compliant payment processing through Stripe

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you of any breach affecting your personal information as required by law.

6. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this policy:

  • Donation records: 7 years (as required for tax and accounting purposes)
  • Account information: Until you request deletion
  • Communication preferences: Until you unsubscribe
  • Contact messages: 3 years
  • Analytics data: 26 months (Google Analytics default)

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

You can access your donation history and account information through your donor portal at any time.

7.2 Correction

You can update your account information through your donor portal or by contacting us.

7.3 Deletion

You may request deletion of your personal information. Note that we may need to retain certain information for legal, tax, or accounting purposes. Donation records required for tax compliance cannot be deleted.

7.4 Marketing Communications

You can opt out of marketing communications at any time by clicking the unsubscribe link in any email or updating your preferences in your account. Note that you will still receive transactional emails (receipts, account notifications).

7.5 Cookies

Most web browsers allow you to control cookies through their settings. Note that disabling cookies may affect website functionality.

8. Children's Privacy

Our website is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@ussunnah.org.

9. International Data Transfers

Our website is hosted in the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

10. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA). As a nonprofit organization, we are generally exempt from CCPA requirements, but we voluntarily extend similar rights to all our donors regardless of location.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on our website and updating the "Last Updated" date. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

us-Sunnah Foundation
Email: privacy@ussunnah.org
Website: www.ussunnah.org/contact

We will respond to your request within 30 days.