Penpals United places the highest priority on online privacy.
You are in total control of your information and what users can see.
We never share your information.
You can report unwanted behavior and/or privacy concerns to our Privacy Team by clicking the “Flag User” button.
Penpals United, a nonprofit entity organized and existing under the laws of the State of Missouri (“PPU”) operates a social networking and diabetes information Web site (or “Web site”) located at https://www.penpalsunited.organd any other PPU-branded services provided to you by PPU (the PPU Web site and other PPU-branded services are together referred to as the “Web site”). The Web site is an online service that connects our members together socially. PPU members can profile their lives online, view each other’s profiles, and connect with others around their shared connection to type one diabetes. PPU members can make unlimited friends and connections and then use those connections to connect personally. PPU members can change their profile information at any time and can control how other members and the service communicates with them.
Minors—as defined by the laws of your jurisdiction—are prohibited from using this site without explicit and valid parental or guardian consent. We do not knowingly collect information from any minor without explicit and valid parental or guardian consent. Explicit parental or guardian consent means consent given via the email permission mechanism. Valid parental or guardian consent means that the consent received comes from the minor’s actual parent or guardian. Penpals United may rely upon receipt of consent from the email mechanism as valid parental or guardian consent.
You should also be aware that when Personally Identifiable Information is voluntarily disclosed (i.e. your name, email address, etc.) in the discussion forums or other public areas on this site, that information, along with any information disclosed in your communication, can be collected and used by third parties and may result in unsolicited messages from third parties. Such activities are beyond our control and this Policy does not apply to such information. Any submissions to chat rooms or other public areas on this site are accepted with the understanding that they are accessible to all third parties. If you do not want your comments to be viewed by third parties, you are advised not to make any submissions. Ultimately, you are solely responsible for maintaining the secrecy of your password and/or account information. Please be careful and responsible whenever you’re online.
TYPES OF INFORMATION COLLECTED
As described in the TERMS AND CONDITIONS OF USE, you may use the Web site as a “Visitor” (which means you are just browsing the Web site) or a “Registered Member” (which means you have registered as a member of the Web site). In order to register as a member of the Web site, you must complete the online registration form and create a password and unique user name. During registration you are also required to give personally identifiable information including your first name, last name, E-mail address, and date of birth. We use this information to authenticate users and to send notifications to those users relating to the Web site. Some of your registration information also becomes part of your Personal Profile.
Personal Profile Information
If you are a Registered Member, you have the option to provide profile information about yourself, such as your personal interests, gender, age, education, occupation, language, region, and health information related to diabetes which refer to as your “Personal Profile.” We encourage you to submit relevant information so we can provide you a more personalized experience on our site. We are not responsible for the personally identifiable information you choose to submit in your Personal Profile. When you update information, we usually keep a copy of the prior version for our records.
If you are a Registered Member, you have the option to add one or more pictures to your Personal Profile. Your Main Profile Picture (if you provide one) is always viewable by Registered Members.
Promotions, Contests or Surveys
From time-to-time you may be offered the opportunity to participate in a promotion, contest or survey on the Web site (we will refer to all of these activities as “Promotions”). If you participate in a Promotion, we (or a third party identified by PPU), may request additional information from you—including personally identifiable information.
Invitations and Other Communications to Non-Members
We may offer you a referral service to tell a friend (on the Web site, “Friends” are also referred to as “Connections”) about our site. If you choose to use our referral service, we will ask you for your friend’s name and E-mail address. We will automatically send your friend an initial E-mail inviting him or her to visit the Web site. PPU will store your friend’s name and E-mail address so that your friend may be added to your “friend’s list”, and also to send reminders of the invitations. PPU will not sell the E-mail addresses you provide for referrals or use that information to send any other communication besides invitations and invitation reminders. Recipients of invitations from PPU will be able to contact us at email@example.com to request that we remove this information from our database.
Information from Other Sources
We may obtain search term and search result information from some searches conducted through the Web search features; search results and links, including paid listings (such as sponsored links from Google™).
Web site Traffic Information
Cookies and Pixel Tags
A cookie is a small piece of information that a Web site can send to your browser and may then be stored on your computer’s hard drive. It acts as an anonymous tag that identifies your computer, but not you personally. A pixel tag, also known as a clear GIF or web beacon, is an invisible tag placed on certain pages of the Web site but not on your computer. When you access these pages, pixel tags generate a generic notice of that visit. They usually work in conjunction with cookies, registering when a particular computer visits a particular page. If you turn off cookies the pixel tag will simply detect an anonymous Web site visit and certain features of the Web site may not be available.
USE, SHARING, AND DISCLOSURE OF INFORMATION
Personal Information Always Shown
Registered Member information is displayed to people in order to facilitate user interaction in the PPU Web site community. The following personal information is always viewable by Registered Members: your display name and Main Profile Picture. To facilitate searching and finding friends and acquaintances on the service (discussed in more detail below), the Web site automatically recommends friends to you based on region and interests. The Website also allows users to search for other members using their display name, but only if and to the extent that you provide such information. The following sections describe additional information that may be viewable by others.
Viewing Personal Profile and Other Information
Registered Members may restrict access to their personally identifiable information, except their display name, through PPU’s “Privacy Settings” by specifying who can view your personally identifiable information: (a) only you; (b) only your friends; or (c) Everyone.
Searching Personal Profiles
The Web site includes features that allow Registered Members to search for your profile based on your display name. If your Profile matches the search criteria it will be listed in the search results.
We use third parties to provide certain administrative and service-related services on our site. These third parties may have access to all of your personal information. These third parties are prohibited from using your personally identifiable information for any other purpose.
Providing Personalized Services to You
We use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. We also use this information, which does not alone identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. If you would like to opt-out of these emails, you can do so in the “Your Account Settings” area of your Personal Profile.
We set a persistent cookie to store your passwords, so you don’t have to enter it more than once. Persistent cookies also enable us to track and target the interests of our users to enhance the experience on our site.
To improve the offerings and selection at the Web site, we may occasionally acquire subsidiaries or particular business units may be bought by or merged with another entity, entities, or individuals. In such transactions, customer information generally is one of the transferred assets but remains subject to the promises made in any preexisting privacy notice(s) (unless, of course, the individual consents otherwise). Also, in the event that PPU or substantially all of PPU’s or the Web site’s assets are acquired, all personally identifiable information will of course be one of the transferred assets. PPU reserves the right to transfer personally identifiable information to a successor in interest that acquires rights to that information as a result of the sale of PPU or substantially all of its or the Web site’s assets to that successor in interest.
Law Enforcement; Protection of PPU and Others
With Your Consent
Other than as set out above, you will receive notice when information about you might go to third parties, and you will have an opportunity to elect whether or not to share the information.
COMMUNICATIONS FROM THE WEB SITE
Other than Service-Related Announcements and Customer Service communications (each described below), you may elect to receive only specific types of notifications, by checking one or more of the options available in “Email Notifications.”
We will send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an E-mail. Generally, you may not opt-out of these communications, which are not promotional in nature.
Based upon the personally identifiable information you provide us, we will send you a welcoming E-mail to verify your username and password. We will also communicate with you in response to your inquiries, to provide the services you request, and to manage your account. We will communicate with you by E-mail, in accordance with your wishes. Generally, you may not opt-out of these communications, which are not administrative in nature.
Links to Other Sites
This Web site contains links to other sites that are not owned or controlled by PPU. Please be aware that PPU is not responsible for the privacy practices of such other sites.
We encourage you to be aware when you leave the Web site and to read the privacy statements of each and every Web site that collects personally identifiable information.
This privacy statement applies only to information collected by this Web site.
Chat Rooms, Journals and Blogs, Message Boards, Classifieds and Public Forums
Please be aware that whenever you voluntarily post public information to your chat rooms, journals, blogs, message boards, classifieds or any other public forums, that information can be accessed by the public and can in turn be used by those people to send you unsolicited communications. We are not responsible for the personally identifiable information you choose to submit in these forums.
The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of member information at any time. You have the option to securely access the Web site at https://www.penpalsunited.org.
If you have any questions about security on the Web site, you can send an E-mail to us at firstname.lastname@example.org.
USER CHOICES WITH REGARD TO ACCESS OF INFORMATION
You may correct, update or delete your Profile information, and update your registration information (by logging into your account and accessing the “My Account” option (available when logged in and viewing your Home Page).
If you do not want to receive E-mail or other mail from us (other than required service-related announcements described above), then please adjust your account setting regarding E-mail contact preferences (please see the “Your Account Settings” area of your Personal Profile). You cannot waive the applicability of the Terms and Conditions of Use and other legal notices, such as this Privacy Notice, and if you elect not to receive those notices, they will still govern your use of the Web site, and it is your responsibility to review them for changes.
All Web browsers have the ability to accept cookies, reject cookies, or to prompt the user before accepting them. The Help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. However, affecting the acceptance of cookies means that you may not be able to use such important features as accelerated ordering unless you leave them turned on.
Notice to California Residents
Under California Law, California residents have the right to request in writing from businesses with whom they have an established business relationship, (1) a list of the categories of information, such as name, address, E-mail address, and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes, and (2) the names and addresses of all such third parties. To request the above information, please write to us with a reference to California Disclosure Information at: email@example.com.
Notice to EU Residents
You should be aware that when Personally Identifiable Information is voluntarily disclosed (i.e. your name, email address, etc.) in the discussion forums or other public areas on this site, that information, along with any information disclosed in your communication, can be collected and used by third parties and may result in unsolicited messages from third parties. Such activities are beyond our control and this Policy does not apply to such information. Any submissions to chat rooms or other public areas on this site are accepted with the understanding that they are accessible to all third parties. If you do not want your comments to be viewed by third parties, you are advised not to make any submissions. Ultimately, you are solely responsible for maintaining the secrecy of your password and/or account information. Please be careful and responsible whenever you’re online.
- What data do we collect?
- What personal data do we share with third parties and who are they?
- Why do we share data outside of the EU?
- How do we keep your personal data secure?
- Your rights
- About us
- Data we collect
As a data controller we collect a variety of data in order to deliver our services. We use a service called WordPress to ensure that we collect and manage your personal data transparently, fairly and securely. Whenever we collect Personal Information from you we are open and transparent about its use, and you can access the following precise information from us:
- data we have collected from you
- the basis on which we are holding it (e.g. because you gave us consent)
- what we will do with it
- how long we will hold it for
- where it is stored
- who it might be shared with
- your rights in relation to the data, and
- information on how you can access and manage this data.
We have provided further detail below about the specific types of data we collect and our reasons for doing so.
1.1. What data do we ask you to provide to us, and why?
When you open an account with us, we may collect the following personal data: first and last name, e-mail, region, gender, age, language, personal interests, and health information related to diabetes.
- We use this data to: match your profile with other members’ profiles and promote community features within the Web site.
- We collect this data using the lawful basis: Legitimate Interest.
When we distribute surveys, we use the following data: name, e-mail.
- We use this data to: To distribute surveys to you from time-to-time.
- To capture pre, mid, post program feedback.
- We collect this data using the lawful basis: Legitimate Interest.
- Which third parties do we share data with?
When necessary to run our programs, we share personal data with Penpals United agents, employees, representatives, board members, and volunteers outside of the EU.
There are certain situations in which we may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.
- Why do we share data outside of the EU?
We may transfer personal data to a country outside of the European Economic Area (EEA), for example to one of non-EEA personnel in the United States to maintain the functioning of Penpals United’s website. If this is the case we will ensure that the transfer is legal and your data is secure by following the EU’s guidelines.
- How do we keep your personal data secure?
We keep your data secure in a number of ways, including:
- by following internal policies of best practice and training for staff
- by using Secure Socket Layer (SSL) technology when information is submitted to us online
In the unlikely event of a breach of our security we will inform the relevant regulatory body within 72 hours and, if your personal data was involved in the breach, we shall also inform you.
- Your rights
Your personal data is yours and you have rights over it, including but not limited to:
- the right to be informed about the collection and use of your personal data
- the right of access to your personal data and any supplementary information
- the right to have any errors in your personal data rectified
- the right to have your personal data erased
- the right to block or suppressing the processing of your personal data
- the right to move, copy or transfer your personal data from one IT environment to another
- the right to object to processing of your personal data in certain circumstances, and
- rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
To manage your data you can contact us via e-mail with any requests that you may have.
While we do not hold personal data any longer than we need to, the duration will depend on your relationship with us.
- About us
We are Penpals United and our address is 40 Shady Valley Drive, Chesterfield, MO 63017, USA. You can contact us at firstname.lastname@example.org. Penpals United has appointed an internal data protection officer for you to contact if you have any questions or concerns about our personal data policies or practices. Penpals United’s data protection officer’s name and contact information are as follows:
40 Shady Valley Drive
Chesterfield, MO 63017