Security Statement for U R My Sunshine Foundation
At U R My Sunshine Foundation, a 501(c)(3) nonprofit organization, we prioritize the security of your personal information and financial data. We are committed to maintaining the highest standards of data protection to ensure your trust and confidence when interacting with our website, galaofsunshine.org. This Security Statement outlines our practices for safeguarding your information, particularly in relation to payments processed via Stripe and ticketing managed through Tickera.
Our Commitment to Security
We implement industry-standard security measures to protect against unauthorized access, alteration, disclosure, or destruction of your data. This includes:
- Encryption: All data transmitted between your browser and our website is secured using Secure Sockets Layer (SSL) technology, ensuring end-to-end encryption.
- Access Controls: Access to sensitive data is restricted to authorized personnel only, with regular audits and monitoring to detect and respond to potential threats.
- Compliance: We adhere to relevant legal and regulatory requirements, including those applicable to nonprofits handling donations and personal information. We do not sell, rent, or lease your data to third parties.
Payment Security with Stripe
We partner with Stripe, a leading payment processor, to handle all financial transactions securely. Stripe is certified as a PCI DSS Level 1 Service Provider, the highest level of compliance for payment card security.
- Your payment information (such as credit card details) is not stored on our servers. Instead, it is tokenized and processed directly by Stripe, reducing the risk of data breaches.
- Stripe employs advanced fraud detection tools, encryption, and continuous monitoring to protect transactions.
- For more details on Stripe’s security practices, visit their documentation.
Ticketing Security with Tickera
Our event ticketing is powered by Tickera, a WordPress plugin designed for secure ticket management.
- Tickera collects necessary data (e.g., name, email, and payment details if applicable) to facilitate ticketing, but payment processing is handled through integrated services like Stripe.
- Security measures include compliance with PCI DSS standards for any payment-related functions, and data is protected using commercially acceptable methods, though no online system is 100% secure.
- Tickera does not store payment card details itself; these are managed by third-party processors. Usage data and cookies may be collected for service improvement, with options for users to manage preferences.
- For Tickera’s full privacy and security details, refer to their policy.
Data Protection Practices
- What We Collect: We may collect personal information such as your name, email address, and donation details to process transactions and communicate with you. This data is used solely for operational purposes, such as fulfilling donations or event registrations.
- Storage and Retention: Data is stored in secure, encrypted environments and retained only as long as necessary to fulfill the purposes for which it was collected, or as required by law.
- Third-Party Partners: We share limited data with trusted service providers (like Stripe and Tickera) for processing, but only under strict confidentiality agreements. These partners maintain their own robust security protocols.
- Incident Response: In the unlikely event of a security incident, we will notify affected individuals promptly and take immediate steps to mitigate risks.
Your Role in Security
We encourage you to use strong passwords, keep your software updated, and be cautious of phishing attempts. If you notice any suspicious activity related to our site, please contact us immediately.
Questions or Concerns
If you have questions about this Security Statement or our data practices, please reach out to us at support@urmysunshinefoundation.org. We review and update this statement periodically to reflect changes in our practices or legal requirements.