We collect, use and are responsible for certain personal information about you. When we do so we are subject to various laws in the United States, and we are responsible as “controller” of that personal information for the purposes of those laws.
It would be helpful to start by explaining some key terms used in this policy:
|We, us, our||Lester’s Feet Foundation|
|You, client||You and each member of your family about which information is disclosed to us.|
|Personal information||Any information relating to an identified or identifiable individual.|
We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you:
|Categories of Personal Information||Specific Types of Personal Information Collected|
|Identifiers||legal name, any aliases, home address, email, phone number.|
|Information that identifies, relates to, describes, or is capable of being associated with, a particular individual||signature, social security number, driver’s license number, physical characteristics or description, insurance policy number, education, employment, employment history, bank account number, business account numbers, loan numbers, or any other financial information, medical information, or health insurance information.|
|Commercial/Public information||e.g., records of real property, records of vehicle title and driving record, credit report information.|
|Inferences drawn from any of the information identified above||Used to create a profile about you or your family in order to determine qualification for assistance from us.|
This personal information is required to provide assistance to you. If you do not provide personal information we ask for, it may delay or prevent us from providing assistance to you.
We collect most of this personal information directly from you — in person, by telephone, text or email and/or via our website and apps. However, with your permission, we may also collect information:
Under data protection law, we can only use your personal information if we have a proper reason for doing so. Proper reasons include:
A legitimate interest is when we have a business reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains what we use (process) your personal information for, and our reasons for doing so:
|What we use your personal information for||Our reasons|
|To provide services to you||For the performance of our grant to you or to take steps at your request before approving aid to you.|
|To prevent and detect fraud against you or Lester’s Feet Foundation||For our legitimate interests, i.e. to minimize fraud that could be damaging for us and for you.|
|Conducting checks to identify our clients and verify their identity||To comply with our legal and regulatory obligations.|
|Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies||To comply with our legal and regulatory obligations.|
|Ensuring business policies are adhered to, e.g. policies covering security and internet use||For our legitimate interests, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you.|
|Operational reasons, such as improving efficiency, training and quality control||For our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service for you.|
|Ensuring the confidentiality of sensitive information||For our legitimate interests or those of a third party, i.e. to protect your personal identifying information and to comply with our legal and regulatory obligations.|
|Preventing unauthorized access and modifications to systems||For our legitimate interests, i.e. to prevent and detect criminal activity that could be damaging for us and for you, and to comply with our legal and regulatory obligations.|
|Credit reference checks via external credit reference agencies||For our legitimate interests, e.g. to ensure our recipients qualify for the aid they receive from us.|
We may use your personal information to send you updates (by email, text message, telephone or U.S. Mail) about our mission and services. We have a legitimate interest in your personal information for this purpose. This means we do not usually need your consent to send you communications; however, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal information with the utmost respect and never sell OR share it with other organizations for marketing purposes.
You have the right to opt out of receiving communications from us at any time by:
We may ask you to confirm or update your communications preferences if there are changes in the law, regulation, or the structure of our business.
Depending on the specifics of the assistance you receive from us, we may share your personal information with:
We only allow our service providers to handle your personal information if we are satisfied, they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors and other legal and accounting professionals providing services to us.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We will NOT share your personal information with any other third party without your consent.
Information may be held at our offices and service providers, representatives and agents as described above (see above: “Who We Share Your Personal Information with”).
We will keep your personal information while we are providing services to you. Thereafter, we will keep your personal information for as long as is necessary:
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. When it is no longer necessary to retain your personal information, we will delete or anonymize it.
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you reside in California, you have the right under the California Consumer Privacy Act of 2018 (CCPA), as amended, to receive information:
|Disclosure of Personal Information We Collect About You||You have the right to know:|
• The categories of personal information we have collected about you;
• The categories of sources from which the personal information is collected;
• Our business or commercial purpose for collecting or selling personal information;
• The categories of third parties with whom we share personal information, if any; and
• The specific pieces of personal information we have collected about you.
|Personal Information Used for a Business Purpose||In connection with any personal information we may disclose to a third party for a business purpose, you have the right to know:|
• The categories of personal information about you that we shared and the categories of third parties to whom the personal information was shared; and
• The categories of personal information that we disclosed about you for a business purpose.
|Right to Deletion||Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:|
• Delete your personal information from our records; and
• Direct any service providers to delete your personal information from their records.
• Complete the transaction for which the personal information was collected, provide a service requested by you, or reasonably anticipated within the context of our ongoing relationship with you, or otherwise perform an agreement between you and us;
• Debug to identify and repair errors that impair existing intended functionality;
• Comply with the California Electronic Communications Privacy Act;
Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.
If you choose to contact directly by email/phone/in writing, you will need to provide us with:
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information or is someone authorized to act on such person’s behalf. Any personal information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.
You have the right to opt-out of the disclosure of your personal information. If you exercise your right to opt-out of the disclosure of your personal information, we will refrain from sharing your personal information, unless you subsequently provide express authorization for the sharing of your personal information. Keep in mind that opting-out may negatively affect the assistance and services that we provide to you.
This privacy notice was published on May 1, 2023
We may change this privacy notice from time to time. When we do, we will inform you via our website or other means of contact such as email if you are in our system.
|Our contact details:|
|PO Box 250 Dry Ridge, KY 41035|