Privacy Policy for schneider-for-congress.com
1. Introduction
At schneider-for-congress.com, we are firmly committed to safeguarding the privacy and personal data of our users, supporters, and visitors. We recognize the importance of preserving your trust and ensuring lawful and transparent handling of your personal information. This Privacy Policy describes how we collect, use, disclose, and store your personal data, in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
2. Scope of this Policy and Role of Data Controller
This Privacy Policy applies to any personal data collected through schneider-for-congress.com, operated and maintained by the Schneider for Congress campaign. For the purposes of data protection laws, the campaign and its authorized agents are considered the “data controller” with respect to the personal data processed via this website.
If you have questions about how your data is managed, or wish to exercise your rights, you can contact us at:
Email: [email protected]
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
This includes information such as your browser type and version, IP address, time zone setting, device identifiers, date/time stamps, referring and exit URLs, website navigation paths, pages visited, and session duration.
b. Account Data
If you create an account, submit a form, or engage with our services, we may collect your full name, mailing address, phone number, and email address.
c. Profile Data
Profile data includes information you provide to customize your experience, such as event participation, interest in campaign issues, donation history, and user behavior on the website.
d. Communication Data
We retain records of communications sent or received through our contact forms, email threads, support requests, or interactions with campaign representatives.
e. Technical Data
This includes data about your device (e.g., type, hardware model, operating system, browser settings, network information) and configuration data used to optimize your browsing experience.
f. Transaction Data
When applicable, we may collect payment-related information (excluding full credit card numbers), billing address, and other data related to donations, order fulfillment, or merchandise delivery, as processed through secure third-party providers.
g. Preference Data
We may store your preferences regarding communication (e.g., opt-in to newsletters or SMS alerts), consent status, preferred topics, and feedback responses to better personalize services.
4. Legal Bases for Processing Personal Data
We process your personal data under one or more of the following legal bases, as applicable:
– Consent: Where you have given explicit permission for a specific purpose, such as email updates or optional cookies.
– Contractual Necessity: Where processing is necessary for the performance of a contract, including processing donations or providing a requested service.
– Legal Obligation: Where processing is required for compliance with applicable laws and regulations.
– Legitimate Interests: Where processing supports outreach efforts, improves website functionality, ensures cybersecurity, or advances campaign goals, provided your interests and fundamental rights do not override those purposes.
5. Your Rights under GDPR and CCPA
Subject to verification of your identity, you have the following rights with respect to the personal data we hold about you:
– Access: Request a copy of the data we hold about you.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure: Request deletion of your data, subject to lawful retention requirements.
– Restriction: Request that we limit the processing of your data under certain conditions.
– Data Portability: Receive a structured, commonly used, and machine-readable form of your data and, where feasible, transmit it to another controller.
– Objection: Where applicable, object to processing based on legitimate interest or direct marketing.
To exercise these rights, please contact [email protected].
6. Security Measures
We implement industry-standard administrative, technical, and physical safeguards to protect personal data from unauthorized access, disclosure, loss, and misuse. These measures include but are not limited to:
– Data encryption in transit and at rest
– Secure socket layer (SSL) protocols
– Role-based access controls and authentication mechanisms
– Regular data backups with secure storage
– Ongoing staff privacy and security training
– Incident monitoring and breach response protocols
While no system can guarantee absolute security, we take reasonable steps to maintain the confidentiality and integrity of your personal data.
7. International Data Transfers
Where your personal data is transferred outside the jurisdiction of original collection (e.g., to servers or service providers based outside the United States or the European Economic Area), such transfers are conducted in accordance with applicable laws. We rely on approved Standard Contractual Clauses or other lawful mechanisms to ensure adequate protections are in place under GDPR and equivalent protections under CCPA, where applicable.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or to meet legal requirements. Retention periods vary based on data category, including:
– Usage and Technical Data: Retained for up to 12 months for analytics and performance optimization.
– Account and Communication Data: Retained for as long as you maintain an active relationship with the campaign or up to 24 months post-termination or final contact.
– Transaction Data: Retained for up to 7 years to comply with financial regulations.
– Preference and Profile Data: Retained for 3 years from the date of last interaction or until consent is withdrawn.
9. Cookie Policy
Our website uses cookies and similar technologies to deliver a functional and optimized browsing experience. These may include:
– Essential Cookies: Necessary for core website features and stability (e.g., session management, form submissions).
– Functional Cookies: Used to remember user preferences and enhance usability.
– Analytics Cookies: Collect non-identifiable data to assess website performance and usage patterns.
– Performance Cookies: Support error diagnostics, load testing, and content optimization.
Cookies may be set by us or by authorized third-party services operating on our behalf.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, you are given the option to manage your cookie preferences upon your first visit to our site via a consent banner. You may update or withdraw consent at any time by modifying your browser settings or accessing the cookie settings feature on schneider-for-congress.com. Declining optional cookies may impact site experience but will not prevent access to core functionalities.
Under CCPA, California residents further have the right to opt out of the sale or sharing of personal information. While we do not sell your personal data in the conventional sense, you may exercise CCPA-aligned rights by contacting [email protected].
11. Special Protections for Children
schneider-for-congress.com is not directed toward children under the age of 13. We do not knowingly collect or process personal information from individuals under 13 years of age without verified parental consent. If we become aware that a child’s personal data has been collected in violation of this policy, it will be promptly deleted from our systems.
12. Policy Modifications
We reserve the right to update or amend this Privacy Policy at our discretion to reflect changes in data practices, legal obligations, or operational requirements. Any material modifications will be clearly communicated to users via on-site notices or email, where appropriate. Continued use of the website constitutes acknowledgment and acceptance of the current policy.
13. Contact Us
If you have any questions, concerns, or requests concerning this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We take privacy seriously and are committed to resolving concerns and honoring all data subject rights in accordance with applicable law.
We strive to ensure full compliance with the GDPR, CCPA, and other relevant data protection laws. Please do not hesitate to reach out using the contact information above regarding any privacy-related inquiry.