Welcome to Mission Secure. Your privacy is important to us. This Privacy Policy describes how Mission Secure (“we,” “us,” or “our”) collects, uses, shares, and protects your information when you visit our website (missionsecure.org) or engage with any of our services (the “Service”).

We are committed to protecting the personal data of the nonprofits, donors, volunteers, and partners we serve. This policy adheres to U.S. and applicable international data privacy regulations, including the General Data Protection Regulation (GDPR), where applicable.

---

1. Definitions

• Personal Data: Information that identifies you as an individual (e.g., name, email address).
  
• Usage Data: Technical data about your interaction with our site or emails (e.g., IP address, browser type).
  
• Cookies: Small data files placed on your device to help websites function properly and gather analytics.
  
• Data Controller: Mission Secure, which determines how and why data is collected and used.
  
• Data Processor: Any third party that processes data on behalf of Mission Secure.
  

---

2. Information We Collect

Personal Data

We collect Personal Data when you:

• Contact us
  
• Sign up for newsletters or programs
  
• Participate in a training or assessment
  
• Make a donation or payment through our website
  

This may include:

• Name, email address, organization, job title
  
• Billing information (processed securely via Stripe or Give Lively)
  
• Demographic or service-related data you voluntarily provide
  

Usage Data

Collected automatically via website or email interactions:

• IP address, browser type/version
  
• Pages visited and duration
  
• Clicks, email opens, and referral links
  

Cookies and Tracking

Cookies help improve your experience and our analytics. You may disable cookies via browser settings. However, some features may not work as intended without them.

---

3. How We Use Your Data

We use your data to:

• Deliver and manage our services
  
• Respond to inquiries or requests
  
• Administer cybersecurity assessments or training
  
• Send email communications (opt-out available)
  
• Monitor usage trends and improve our site
  
• Comply with legal or regulatory obligations
  

---

4. Data Retention

We retain Personal Data only as long as necessary for the purpose for which it was collected, including to comply with legal obligations, resolve disputes, or maintain financial records.

Usage data is retained for internal analysis unless a longer retention period is required by law.

---

5. Data Transfers

Your data may be transferred to—and maintained on—servers outside your state or country. We ensure any such transfer is done securely and in compliance with relevant data protection laws.

---

6. Data Disclosure

We may disclose Personal Data:

• To comply with legal obligations or court orders
  
• To protect the rights, property, or safety of Mission Secure or others
  
• In connection organizational transition (with notice)
  

---

7. Data Security

We employ industry-standard security measures, including:

• Secure Google Workspace environment
  
• Access restrictions and encryption
  
• Strong password and identity access management
  

However, no method of transmission over the internet is 100% secure. We strive to use commercially acceptable means to protect your data but cannot guarantee absolute security.

---

8. Your Rights Under GDPR (EEA Residents)

If you are in the European Economic Area, you have the right to:

• Access, correct, or delete your Personal Data
  
• Object to or restrict processing
  
• Withdraw consent at any time
  
• Request data portability
  

To exercise these rights, contact us at info@missionsecure.org. You also have the right to lodge a complaint with your local data protection authority.

---

9. Service Providers

We work with trusted third-party providers to deliver and improve our services. These providers may process your data only as necessary and are contractually bound to protect your information:

• Google Analytics – website analytics
  
• Google Workspace – secure internal operations and communications
  
• HubSpot – constituent relationship management
  
• Slack – team communication and collaboration
  
• WordPress – website content management
  
• Electric Embers – secure web and email hosting
  

Each provider maintains its own privacy policy.

---

10. Payments

If you make a donation or pay for a service through our website, your payment will be securely processed through one of our third-party processors:

• Stripe – for fee-for-service assessments or partner contributions
  
• Give Lively – for online fundraising and donations
  

We do not store or process any credit card information on our servers. All payment details are handled securely and directly by the payment processors.

Both Stripe and Give Lively comply with PCI-DSS standards for secure payment processing. Each provider maintains its own privacy policy.

---

11. Links to Other Sites

Our website may link to external websites. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to read their privacy policies before sharing any information.

---

12. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect information from children. If we become aware of such data, we will delete it immediately.

---

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated effective date. If material changes are made, we will notify you via email or prominent notice.

---

14. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:
info@missionsecure.org