PRIVACY POLICY AND DATA PROTECTION FOR HILLSONG ONLINE CAMPUS
INTRODUCTION
This privacy policy outlines the basis on which all personal information will be collected, managed and used, by Hillsong Foundation LLC (“Foundation”) and Hillsong Church Limited as trustee for Hillsong Church Australia (“Hillsong Aust”) (jointly and severally “Hillsong Online”) whose details are set out below, whether provided through the website, or acquired directly by any other means, and will be dealt with in accordance with the Law.
The website on which Hillsong Online Policy is hosted, hillsong.com, is managed by Hillsong International Limited having its registered office at 1-5 Solent Circuit, Baulkham Hills, NSW Australia as trustee for Hillsong International (“Hillsong International”).
By registering with Hillsong Online you consent to personal information being collected, stored and used globally including in the EEA and Australia and stored in the USA.
You must also agree to the terms and conditions of use, which govern Hillsong Online’s and Hillsong International’s relationship with you.
INTERPRETATION
Whenever “We”, “Our” or “Us” is used in this Policy it is referring to your relationship with and an obligation or right, in both Hillsong International and Hillsong Online.
“Data Controller” is the entity that determines the purpose for which personal data is collected and processed.
“Data Processor” is the entity processing personal data on behalf of the Data Controller
“Personal Data” is any information about a living individual, which allows them to be identified, such as a name, email or photograph and can identify them alone or in conjunction with other information.
DATA PROTECTION LAW
This policy explains how Hillsong International, Hillsong Online and the website comply with data protection laws and regulations in their respective countries, including, privacy laws in the United States of America, the Australian law, Privacy Act 1988 (Cth), and the EU General Data Protection Regulation (GDPR), the EU Privacy & Electronic Communications Regulations 2003 (“the PECR”) relating to electronic communications (jointly and severally, “the Law”).
Although Hillsong International is based in Australia in making this website available to Hillsong Online it has agreed to comply with the Law.
Hillsong International has agreed with Hillsong Online that:
a. Hillsong Aust will manage content on that part of the website dedicated to Hillsong Online, where Hillsong Online’s Privacy Policy is posted;
b. all personally identifiable information relating in any way to persons resident in the EEA acquired from or relating to such persons accessing the website for any purpose including, without limitation making a donation and registering with the online campus, will be governed by and dealt with in accordance with this Policy and the Law;
c. such information will only be provided to parties, other than Hillsong Online , who assist us, provide services requested by such persons, or with their prior consent.
Your personal information will be kept strictly confidential.
Hillsong Online will adhere to the Principles of Data Protection as detailed in GDPR, your information will be:
a. processed lawfully, fairly and in a transparent manner;
b. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d. accurate and, where necessary, kept up to date;
e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage using appropriate technical or organisational measures.
DATA CONTROLLERS and DATA PROCESSORS
Although Hillsong Aust and Foundation are separate organisations, they work together and may need to share personal data so that each can carry out their responsibilities.
Hillsong Aust is the Data Controller of personal data you provide on Hillsong.com. Where required, this personal data is shared with Foundation and Hillsong Aust may either process such data on behalf of Foundation, or as a joint Controller use for its own purposes.
Where Hillsong Aust and Foundation are joint Controllers, both are responsible for how your data is processed.
EEA REPRESENTATIVE
As Hillsong Online is based outside the EEA, the EEA representative for Hillsong Online will assist Hillsong Online with the collection, storage, use and transfer of information for residents within the EEA and compliance with all applicable data protection laws in the EEA.
REGISTRATION
If you subscribe to Hillsong Online and continue to use and provide personal information on this site, you are agreeing to the policy, with respect to collection, storage and use of your personal information.
SCOPE OF THE POLICY
By providing Personal Data, and accepting the Terms and Conditions, you have agreed to allow Hillsong Online to process your personal data for the uses contemplated and to allow us to contact you by mail, email, telephone or SMS text message in connection with our charitable purposes:
a. on the basis of the consents you have given; or
b. for Hillsong Online’s legitimate interests, in accordance with current data protection regulations.
If at a later date you do not wish to receive further communications from Hillsong International and/or Hillsong Online, OR you wish to change the way you receive any communication, you may notify Hillsong International or Hillsong Online and your request will be dealt with in accordance with this Policy.
Your personal information will be kept strictly confidential.
If you disagree with any part of this policy please do not provide personal information to Hillsong International, or Hillsong Online and do not use the website.
HOW PERSONAL INFORMATION IS COLLECTED
When you register with Hillsong Online we will collect general personal information about you, such as your name, address and contact details.
Hillsong may also collect this and other types of personal information, for example when you:
We do not hold any debit or credit card details for donations/payments made via the website. All card payments are handled by service providers who encrypt card information sent from this website.
TYPES OF INFORMATION COLLECTED
Personal Information
The types of personal information collected by us may include:
Sensitive/Special Category Personal Information
Hillsong Online may collect and store sensitive personal information (Special Category Information under GDPR) such as:
HOW WE USE YOUR INFORMATION
Your personal information will be dealt with in accordance with the Law. It is never sold, nor given away. It is only shared with others where you have given consent or where it is permitted or required either contractually or legally.
We will not use your personal information for any other purpose without first seeking your consent, unless authorised or required by law.
Generally, uses of your personal information based on our legitimate charitable interests and on your consent may include:
LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION
Hillsong International and Hillsong Online will only process your personal information where we have a legal basis to do so. The legal basis will depend on the reason or reasons we collected and need to use your information. In almost all cases the legal basis will be:
If processing of your data is subject to any other laws then the basis of processing your data may be different to that set out above and may in those circumstances be based on your consent in all cases.
CONSENT TO CONTACT
Hillsong International and Hillsong Online will seek your consent prior to contacting you by email or text, to invite you to Hillsong Online programming or services, or to inform you of other Hillsong International events or activities.
Unsubscribe/Decline Contact
You will have the opportunity to decline to accept communications at any time and discontinue receiving such communication by clicking the “Unsubscribe” link in each email or text message sent to you or manage your preferences by clicking the link in the email.
The ways you can unsubscribe or change your preferences are:
DATA STORAGE AND WHO SEES YOUR INFORMATION
Information you provide electronically, including through this website will be held on servers and computers in Australia, the EEA and the USA.
Subject to compliance with our data management policies and procedures and in compliance with the above Data Protection Principles information may be accessed, used and stored:
a. On computers and servers based in the EEA, USA and Australia; and
b. By a limited number of staff or key volunteers under a duty of confidentiality who are involved in development, maintenance and operation of the website hillsong.com, or the services provided through them, or who act for us for the uses set out in this policy, or other purposes approved by you. Those parties may also process information, fulfil and deliver orders, process credit card payments and provide support services to us.
Third party service providers may process information, fulfil and deliver orders, process donations, credit card payments and provide support services on our behalf. Where such details are shared agreements in place restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and in accordance with applicable data protection and privacy laws. One of Hillsong Online’s and Hillsong International’s main providers is The Rocket Science Group in the USA d/b/a MailChimp, which provides us with email communication services, which company is certified under the EU-US Privacy Shield Framework approved by the European Commission.
We do not sell or pass any of your personal information to any other organisations and/or individuals without your express consent, unless required by law.
Financial Records and Card Details:
All financial payments and records are held in accordance with The Payment Card Industry Data Security Standard (“PCI DSS”).
All credit/debit card donations made online or by phone, are made securely through third party service providers and payment gateways, which comply with PCI DSS. Unredacted card details are not recorded and stored on our systems.
We do not store unredacted financial details (credit or debit card numbers) obtained through online transactions nor do we pass any information to third parties, except where we are legally required to do so, to assist fraud reduction, or to provide a service requested and minimise credit risks.
HOW LONG WE RETAIN YOUR INFORMATION
We will only keep your personal information for as long as it is required and in accordance with the Law and other legal requirements.
If you have indicated that you no longer wish to hear from us, we will keep the minimum information necessary to ensure that no future contact is made.
Where we hold Sensitive Category Personal Information, unless we have evidence of your regular contact with us or we are required by law to retain, the sensitive information will be deleted after a period of two (2) years.
COOKIES
We use various technologies to collect information when you access or use Hillsong.com, including placing a piece of data commonly referred to as a “cookie” on your device. Cookies are small data files that are stored on your hard drive or in your device memory when you visit a website or view a message. By using Hillsong.com, you permit us to collect and use your information from activity on devices you use in accordance with this Privacy Policy. For more information and to learn how to block or delete cookies used on MyHillsong.com and Hillsong.com, please see our Cookie Policy.
YOUR RIGHTS
Personal Information
Where you have provided your consent to us processing your personal data, you may withdraw this consent at any time. In addition, the Law gives you the right, under certain circumstances:
To exercise any of these rights please contact [email protected] or contact the relevant Data Protection Officer (contact details set out below).
Please tell Hillsong Online as soon as any of your contact details change so that records can be kept up to date.
We will take reasonable steps to correct any of your information, which is inaccurate, incomplete or out of date.
A request to access, amend or delete your personal information may be refused in certain circumstances. If refused, you will be provided with a reason for the decision and, in the case of amendment, will note with your personal information that its accuracy is disputed.
SECURITY
Reasonable steps will be taken to keep secure any personal information which is held.
Personal information, held electronically, is stored in secure servers or secure files.
The Internet is not a secure method of transmitting information. Accordingly, no responsibility is accepted for the security of information you send to or receive from us over the Internet or for any unauthorised access or use of that information.
Security measures are taken to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.
Where we have given you, or where you have chosen security codes (username, password, memorable word or PIN), which enable you to use our online services, you are responsible for keeping these details secure and confidential.
DOWNLOADS
Any documents or files made available to download are provided at users’ own risk.
REPORTING CONCERNS
Please contact either Hillsong International or Hillsong Online if you wish to raise a concern about handling of your personal information through this website or directly to Hillsong online if it involves information provided by other means.
You also have the right to lodge a complaint with the Data Protection Authority Office (see contact details below) about how your data is managed.
CHANGES TO THIS POLICY
Hillsong Online and Hillsong International may amend this Privacy Policy from time to time to ensure compliance with changes or amendments to the Law. Any amended version will be available on the website. We suggest that you visit the website regularly to keep up to date with any changes.
CONTACT DETAILS
If you would like any further information, or have any queries, problems or complaints relating to the Privacy Policy or our information handling practices in general, please contact the appropriate person/s below:
1. Relating in any way to use of Personal Information provided or obtained through this Website.
Hillsong International Ltd as trustee for Hillsong International
Att: Privacy Officer
1-5 Solent Circuit, Baulkham Hills NSW 2153,
Australia
Ph.: +61 2 8853 5353
Email: [email protected]
2. Relating in any way to Personal Information you have directly provided to any staff and/or volunteer at Hillsong Online , you should directly contact:
Hillsong Church Limited OR Hillsong Foundation LLC
C/- 1-5 Solent Circuit, Baulkham Hills NSW 2153,
Australia
Ph.: +61 2 8853 5353
Email: [email protected]
3. The Governing Authority for Data Protection/Privacy Compliance
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
[email protected]
Enquiries Line 1300 363 992.
4. Information Commissioners Office (UK)
https://ico.org.uk/concerns/
Helpline: 0303 123 1113
5. Hillsong London Resources Limited
Att: Data Protection Office
425 New Kings Road, Fulham, London SW6 4RN.
PO Box 29971, London, SW6 2WX.
Ph.: +44 (0) 20 7384 9200,
Email: [email protected]