This privacy notice will advise you about our guidelines concerning the use of your personal information, including the reasonable efforts we make to protect your personal information in accordance with these guidelines, and about what choices you have concerning our use of such information. Please read this notice carefully.
We keep your private information private by
- Not selling your information. You have entrusted Wishing Tree with your personal information, and we're committed to using it wisely. Wishing Tree will not sell, share or otherwise transfer your personal information to anyone without your consent.
Please refer to this policy regularly. Wishing Tree may need to change this policy from time to time to address new issues and reflect changes on our websites or within physical locations. We will post material changes on our websites or otherwise notify you and update the “Last Date Updated” field in the “Revision History” at the bottom of this page so that you will always know our policies regarding what information we gather, how we might use that information and whether we will disclose that information to anyone.
This policy applies to the personal information that you provide to Wishing Tree, either through our websites and mobile applications or in person at a physical location. This policy does not apply to your use of unaffiliated sites to which our websites link.
Collection of Personally Identifiable Information
Wishing Tree collects personally identifiable information (PII) from you when you voluntarily submit such information to us. The collection of PII may occur in person or on a website or mobile application operated, provided or otherwise controlled by Wishing Tree. This information may include your name, home address, email address, telephone number, date of birth, demographic information, sex-offender status, membership status, emergency contact information and other information that we may need to collect in connection with certain events, including but not limited to:
- registration for, or participation in, events, classes, camps and other activities or programs offered by Wishing Tree;
- participation in Wishing Tree Membership
- registration for surveys, forums, content submissions, chats, bulletin boards, discussion groups, requests for suggestions or other services or activities offered on our website;
- answering your inquiries about our websites, organization, membership or other services or activities; and
- registration as a member of Wishing Tree.
Collection of Photographs
Wishing Tree may also collect your photograph, by capturing your image at a physical location or scanning your personal identification card, for the purpose of identifying you as a member, volunteer or program participant. Your photograph will not be used for any commercial purpose without your authorization, and shall not be retained longer than three years from your last interaction with Wishing Tree.
Use and Disclosure of PII
If you do provide us with PII, Wishing Tree may contact you based on the information you provide to communicate with you about Wishing Tree activities that may be of interest to you and your family.
Wishing Tree will use its best efforts to never disclose any PII about you to any third-party for purposes unrelated to Wishing Tree without having received your permission except as provided for herein or otherwise as permitted or required under applicable law.
We do not rent or sell PII, including information provided about children, to third-parties. Wishing Tree may share PII with trusted service providers, such as payment processors, technology partners or other providers that need access to your information to provide operational or other support services while you are a Wishing Tree member or program participant. In certain circumstances, we may also share information with select similar nonprofit organizations that may offer activities of interest to you.
We may also provide PII to regulatory authorities and law enforcement officials in accordance with applicable law or when we otherwise believe in good faith that the provision of such information is required or permitted by law, such as in connection with the investigation or assertion of legal defenses or for compliance matters.
Collection of Payment Transaction Information
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
Collection of Non-Personally Identifiable Information
We collect non-personally identifiable information without limitation, through the use of the following types of methodology:
- “Cookie” technology: A cookie is an element of data that a website can send to your browser, which may then store it on your system to help enhance your experience in using our sites and to provide us with technical information about your usage.
- IP address tracking: An IP address is a number that is assigned to your computer when you are on the Internet. When you request pages from our Sites, our servers log your IP address.
- Web beacons: A web beacon, or “clear gif,” is a small graphic image on a webpage or web-based document that a website can use to determine information about a user.
Non-personally identifiable information might include the browser you use, the type of computer you use, technical information about your means of connection to our websites (such as the operating systems and the Internet service providers utilized) and other similar information. Our systems may also automatically gather information about the areas you visit and search terms you utilize on our websites and about the links you may select from within the sites to other areas of the World Wide Web or elsewhere online.
Although an industry-standard do-not-track (DNT) protocol has not yet been established, Wishing Tree’s information collection and disclosure practices and the choices it offers to consumers will continue to operate as described in this Policy.
Use of Non-Personally Identifiable Information
We use non-personally identifiable information for our purposes related to running Wishing Tree and their programs, and, in particular, to administering websites, and, in the aggregate, to determine what technologies are being used. We may also share aggregate, non-personally identifiable information with third-parties.
Collection of Sensitive Information
Where necessary, Wishing Tree may collect certain sensitive information from you, including
- payment card or bank account information to process fees or donations; and
- health information in connection with various fitness programs, programs in which we are responsible for supervising children, health screenings or other health service events that we may provide from time to time.
Access to sensitive information is restricted to those individuals who have a legitimate need for access. We will not use or disclose your information to third-parties unless such disclosure is necessary to accomplish the purpose for which the information is collected.
Privacy of Children
We are mindful that young people need special safeguards and privacy protection. We realize that they may not understand or be able to meaningfully consent to the provisions of our policy or be able to make thoughtful decisions about the choices that are made available to our adult users. We strongly urge all parents or legal guardians to participate in their children’s exploration of the Internet and any online services and to teach their children about protecting their personal information while online.
To provide the services we offer, we sometimes need to collect certain information about children in both online and offline contexts. If we ask for PII from children under 13 in connection with our online services, where required we will comply with the Children’s Online Privacy Protection Act (COPPA), including taking additional steps to protect the privacy of such information, including
- obtaining verifiable consent from the parent or legal guardian of the child before collecting or using the child’s PII;
- notifying parents about what PII is being requested and how that PII will be used and/or shared, such as through this policy;
- limiting the online collection of PII from children to no more than is reasonably necessary to accomplish the purpose of the collection;
- giving parents a description of and access to the PII we have collected from their children;
- offering them the opportunity to request that such PII be changed or deleted;
- offering them an opportunity to prevent any further use or collection of information about their children; and
- maintaining reasonable procedures to ensure the confidentiality, security and integrity of the personal information collected.
We may also need to collect certain information about children and minors in an offline context, such as when
- a parent or legal guardian of a minor signs up for a membership including the child at our location, or for a program or camp we offer at another location; and
- minors visit our facilities without a membership, where we may collect information about them to be able to contact their parent or legal guardian to notify them of an injury or other issues involving the minor.
Links to Other Sites
Users may find other content on our websites that link to the sites and services of other third-parties. We do not control the content or links appearing on these sites. Third-party sites or services, including their content and links, may be constantly changing and may have their own privacy policies and customer service policies. We encourage you to review the privacy policies of any third-party sites or services before providing any of them with your personal information.
If you opt-in to receive information from us, you can change your mind later. If at any time you would like to stop receiving such information or opt out of a feature, you may change your options by contacting firstname.lastname@example.org. You should be aware, however, that it is not always possible to completely remove or modify information in our databases and servers, although we will make reasonable efforts to do so upon your request, and we are unable to have your information removed from the records of any third-party who has been provided with your information in accordance with this policy.
Personal Data Access and Accuracy
You may contact Wishing Tree with inquiries or complaints regarding the use of information about you. We will use reasonable efforts to grant reasonable requests to access data about the requester. We will also make reasonable requests to correct any incorrect or misleading data about the requester.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Wishing Tree takes appropriate administrative, technical and physical measures to safeguard against unauthorized processing of personal information, and against the accidental loss of, or damage to, personal data. We maintain appropriate physical, electronic and procedural safeguards to protect your personal information collected via the website. Access to information is restricted to employees who need to know information in the course of providing operations or services. However, Wishing Tree cannot provide an absolute guarantee of the security of any of our websites or any other site on the Internet.
Updating your Personal Information
You can update your personal information by emailing us at email@example.com. Please do not send Social Security numbers or other sensitive information to us via unencrypted email.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org.