NCHH is committed to protecting the privacy of our customers. To enhance your experience on our website and to gather some information about the kind of customers using the NCHH site, we occasionally ask for information about you.
Is My Donation Secure?
Yes, we use industry-standard SSL technology to keep your information secure.
We partner with Stripe, the industry’s established payment processor trusted by some of the world’s largest companies. Your sensitive financial information never touches our servers. We send all data directly to Stripe’s PCI-compliant servers through SSL.
Internal Cyber Security Measures
When I share my email address or other information with NCHH, how is it protected internally?
NCHH develops technology strategies, including cybersecurity risk mitigation, based on three principles to ensure solutions are appropriate for an organization of its size and needs:
- Network security: Protecting data of the organization, its donors, and the people it serves;
- Value: Evaluating cost and benefit to the organization; and
- Staff convenience: Balancing network security while allowing staff to be able to complete their job duties in a timely fashion in as few steps as possible.
NCHH maintains an ongoing cycle of identifying vulnerabilities, assessing threats, and initiating strategies to manage its cybersecurity risks. It retains a professional technology consulting firm to ensure that competent IT personnel are available to its management team to run IT operations effectively rather than draining its internal organizational resources.
All critical operational services are cloud-based. Security strategies are based on the rules governing the OSI layers and strive to empower the staff to work remotely while remaining secure. The organization’s email and cloud storage are hosted on Microsoft 365. Backup is cloud-based using the product’s retention policy. Multifactor authentication (MFA) is enabled on the platform. Spam filtering is in place for email threat protection. Self-service password reset is disabled to reduce the risk of compromise. Azure Active Directory provides another layer of protection with group policies (GPOs). Network documentation is maintained routinely.
What Personal Data We Collect and Why We Collect It
When visitors leave comments on the site, we collect the data shown in the comments form and the visitor’s IP address and browser user agent string to help with spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site, you may opt-in to save your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine whether your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me,” your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
An additional cookie will be saved in your browser if you edit or publish an article. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day.
Embedded Content from Other Websites
Articles on this site may include embedded content (e.g., videos, images, articles, et cetera). Embedded content from other websites behaves similarly as if the visitor has visited the other website.
Who We Share Your Data With
If you request a password reset, your IP address will be included in the reset email.
How Long We Retain Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except that they cannot change their username). Website administrators can also see and edit that information.
Rights You Have Over Your Data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where We Send Your Data
Visitor comments may be checked through an automated spam detection service.
Examples Specific to the NCHH Site
Below, you’ll find descriptions of the instances when the website requests or requires information from you, what information NCHH collects, under which circumstances the information is collected, and how this will benefit you.
Email Alerts and Notifications
You have the opportunity to receive NCHH’s Healthy Housing Connections e-newsletter, email alerts, and notifications about new content on the website, and other important news and information. If you opt into this service, we’ll need to know your email address. As with all information we collect from you, we will never sell or give away this information to anyone without your prior consent.
We ask for your e-mail address when you submit a question. This allows us to contact you if we need clarifying information from you to answer your query. We may also request geographical information, such as your city, county, and/or state, in order to research laws or or codes in your area or refer you to services near you.
There are opportunities on the website for you to receive recommendations of content. All we need to know for this service is information about the topics for which you would like to receive recommendations.
When you fill out one of our online feedback forms, you have the option to let us know who you are. The more information you supply in conjunction with your feedback, the more useful that feedback is to us.
NCHH will not give away or sell any information it collects on our website. We do reserve the right to release information you’ve submitted when the law requires such release.
Cookies are small files stored on the hard drive of your computer. These files only identify your computer to our website. This enables the website to recognize you when you return to the site so that it can remember your preferences and personal settings.
Links to Other Sites
This site contains links to other sites. NCHH is not responsible for the privacy practices or the content of such websites.
This site has security measures in place to protect against the loss, misuse, and alteration of the information under our control. Detail is provided at the top of this page.
Our Use of Information
By providing information about yourself or your organization on our website, you are giving consent for NCHH to use this information internally. We reserve the right to change our policy. If our policy should change regarding the use of this information, it will be posted in this privacy statement.
Changes to Your Information
If at any time you need to make changes to the information you have supplied for your Healthy Housing Connections subscription, you may do so on the e-newsletter screen. Additionally, you may contact Christopher Bloom, Communications and Marketing Manager, at firstname.lastname@example.org or 410.992.0712.
Protecting Personal Information
NCHH collects basic name, e-mail, and address information for events and meetings. That data is stored in a database that is available only to NCHH employees internally.
NCHH will not sell or rent any of your personal information to third parties for their marketing purposes.
Latest page update: October 19, 2022.