Heart of Long Island Area Web Site Privacy Policy
In today’s age of data mining and hacks, privacy policies are crucial.
The Heart of Long Island Area Service Committee takes privacy and measured, careful oversight of your data very seriously indeed.
- If We Don’t Need It, We Won’t Take It.
There’s no such thing as “nice to have” in data access and retention. We will never ask for data “just in case we might need it in the future.” If we need it, and it’s not something that we already have, we specifically ask your permission to access any data.
If we don’t need it, we won’t ask for it, and we won’t take it.
- If We Don’t Need to Keep It, We Won’t Keep It.
It’s important to destroy/delete any of your data under our care, as soon as it’s no longer necessary.
In some cases, we may offer to retain data in order to make your experience and relationship with us more convenient. In these cases, we will specifically ask for your permission to allow us to retain your data.
- Your Data Always Belongs to You.
Your data is ALWAYS “your” data. If we need access to it, we never assume ownership of it.
You will always have the right to tell us what to do with any of your data we have in our care.
That said, it’s entirely possible that we may not be able to provide services without it, so be aware that removing your data may result in the services becoming unavailable.
Additionally, you are always allowed to ask us about your data under our care, and we should always be ready to provide you with a complete and accurate inventory of your data.
- We Take Care of Your Data.
Because we don’t own your data, we consider it our responsibility to guard and conceal your data. It will not be shared with any other party without your express, “opt-in” consent.
That said, there may be specific, one-time events, where legitimate law enforcement agencies may require us to divulge data without alerting you.
In these cases, we would insist that they follow procedure and process; providing us with the appropriate orders and warrants.
The best way to deal with these eventualities, of course, is to follow Rule #1 (If We Don’t Need It, We Don’t Take It), and #2 (If We Don’t Need to Keep It, We Won’t).
- It is Our Responsibility to Ensure That You Understand How We Are Accessing, Storing or Using Your Data.
All of our discussions on privacy and data handling/retention will be spelled out in clear, unambiguous, English. It is important that you understand exactly what data we need, what data we keep, why we need to use it or keep it, what we are doing with it, and where that data is, at any given time.
Clear communication is OUR responsibility. We must always be prepared to help you to understand how we use any data that you entrust us with.
If you have any questions, you are ALWAYS free to ask.
- This Web Site Uses Cookies
This Web site is a standard WordPress Web site, and uses standard cookies to track logins and visitor preferences.
Cookies are text files that a Web site sends to your browser. Your browser retains this text file, and correlates it to the Web site.
The next time that your browser loads the Web site, it sends the cookies that it has stored for that site back to the Web site.
Cookies are “timed.” They have a lifespan that is set by the Web site. If the cookie is older than its lifespan, it is deleted by the browser, and not sent to the Web site.
Here are the standard cookies used by this Web site:
| Cookie name | Data stored | When does it expire? | Description |
|---|---|---|---|
| wordpress_test_cookie | The text ‘WP Cookie check’ | A session cookie, deleted when you close your web browser. | WordPress sets this cookie when you load the login page. It is used to check whether your web browser is set to reject (or allow) cookies. |
| wordpress_xxxxx | Your login authentication details in an encrypted form | A session cookie, deleted when you close your web browser. | WordPress uses these cookies to store your authentication details, and these only apply to the administration console area of the site. |
| wordpress_sec_xxxxx wordpress_logged_in_xxxxx | Your login authentication details in an encrypted form | Two Weeks (14 Days) from the time they were set. They are refreshed upon each login. | WordPress uses these cookies to store your authentication details, and these only apply to the administration console area of the site. |
| wp-settings-xxxxx wp-settings-time-xxxxx | Text indicating your preferred settings | A bit less than one year from the time they’re set. | WordPress uses this cookie to customize your view of the administration interface, and other site functionality. |
| cookie_notice_accepted | The text “true” | 30 days | This is set by the “privacy bar” that is shown at the bottom of the screen, the first time that you visit this Web site. |
This Web site does not display third-party advertisements, and does not use Google Analytics.
We do use Google’s reCAPTCHA service to vet contact form submissions. This is a Google service, and their privacy policies can be found here. You will also see the reCAPTCHA badge on this page (lower right-hand corner). This flyout badge also appears on the Contact Form, and it will direct you to the Google privacy pages.
We also use Rob Myrick’s Google Language Translator Plugin. This uses Google Translate to provide realtime, in-place page translations of this site. This will also follow Google’s privacy policies (linked above).
If you do not log in, and don’t load the login page, then your browser should not be served any cookies from this Web site.
- This Web Site Does Not Track Your Emails.
When you reach us via our contact page, the Web site does not track your email. We may retain your email on a server other than this one, but follow the principles above, regarding the custody and ownership of the data; with the significant exception that we are likely to retain the email that you send us indefinitely, as it is an explicit record of direct communication with us, and may be retained for legal and service reasons.
That said, it is still your data, and we will not share the communication with third parties without your express opt-in consent, or if there is a valid, legal and ethical reason for doing so.
Also, we will never use your email address for any purpose that does not pertain to the reason that you sent us the email.
If you ever want to be removed from any email list, please contact us. You may also reply to the email’s “From” address. We will not send you emails from a “no reply” address.
- Web Server Logging
Like most sites, our hosting server collects data from visitors, and stores them in Web Server Logs. These are files that contain information about visitors to the site. They may include your Internet Protocol (IP) address, details about your browser (or app), the time that your visit occured, its duration, along with which pages of the site you visited, and for how long.
As a general policy, these are only used in an aggregate form for determining site usage statistics (like how many site visitors we get, and which pages are most popular). If we ever look at individual data, it is generally only retroactively, for forensics.
Even though the data is available, we won’t look at individual user data, unless we believe there may be a security or legal issue.
Web server logs are stored on the server, and are usually archived for a limited time, as they are of considerable size.