Privacy Policy

Last updated: 2025-10-28

Introduction

Japanese Women's Society Foundation ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit out website, https://jwsf.org, and interact with our services.

Information We Collect

Information You Provide Directly

Contact Form Submissions When you submit our contact form, we collect:

  • Name
  • Email address
  • Message content
  • Any other information you choose to provide

Event Registrations When you register for our events, we may collect:

  • Name
  • Email address
  • Phone number
  • Any other information relevant to event participation

Donations and Payments When you make a donation or payment, we collect:

  • Name
  • Email address
  • Donation amount and frequency
  • Payment information (processed securely through PayPal)

Information Collected Automatically

Website Usage Data Our hosting provider (Netlify) may automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent of pages
  • Referring website
  • Date and time of access

How We Use Your Information

We use the information we collect to:

  • Process donations and payments
  • Communicate with you about our programs, events, and activities
  • Respond to your inquiries and support requests
  • Register you for events and send event-related communications
  • Improve our website and services
  • Comply with legal obligations
  • Send newsletters and updates (with your consent)

How We Store and Protect Your Information

Data Storage We use Google Workspace as our data management platform. Specifically:

  • Contact form submissions are stored in a Google Sheet
  • Event registration information is stored in a Google Sheet
  • All data stored in Google Workspace is protected by Google's security infrastructure, including encryption in transit and at rest

Security Measures We implement appropriate technical and organization measures to protect your personal information, including:

  • Secure data transmission using SSL/TLS encryption
  • Access controls limiting who can view your information
  • Regular security assessments of our systems and practices

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Data Breach Notification In the event of a data breach that affects your personal information, we will notify you and any applicable authorities as required by law, typically within 72 hours of becoming aware of the breach.

Third-Party Services

We use the following third-party services that may collect and process your information:

Paypal

We use PayPal to process donations and payments. When you make a payment, PayPal collects and processes your payment information according to their own privacy policy. We do not store your full credit card or back account information on our servers.

PayPal Privacy Policy: https://www.paypal.com/privacy

Google Workspace (Google Sheets)

We use Google Workspace to store contact form submissions and event registrations. Google may process this data according to their privacy policy.

Google Privacy Policy: https://policies.google.com/privacy

Netlify

Our website is hosted on Netlify, which may collect certain technical information about visitors to our site.

Netlify Privacy Policy: https://www.netlify.com/privacy/

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposed outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Contact form submissions: 3 years from date of submission
  • Event registration data: 5 years after event completion
  • Donation records: 7 years; indefinitely for major gifts ($5,000+)

Your Rights

General Privacy Rights

You may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct any inaccurate information
  • Deletion: Request that we delete your personal information
  • Opt-out: Unsubscribe from marketing communications at any time
  • Portability: Request a copy of your data in a portable format

California Residents (CCPA/CPRA Rights)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: You can request information about the personal information we have collected about you in the past 12 months, including:

  • Categories of personal information collected
  • Categories of sources from which we collected personal information
  • Business or commercial purpose for collecting personal information
  • Categories of third parties with whom we share personal information
  • Specific pieces of personal information we have collected about you

Right to Delete: You can request that we delete personal information we have collected from you, subject to certain exceptions.

Right to Correct: You can request that we correct inaccurate personal information we maintain about you.

Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising purposes.

Right to Limit Use of Sensitive Personal Information: We do not use or disclose sensitive personal information for purposes other than those permitted by law.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

How to Exercise Your Rights: To exercise any of these rights, please contact us using the information provided at the end of this policy. We will respond to your request within 45 days.

Authorized Agent: You may designate an authorized agent to make requests on your behalf. We may require proof of authorization.

European Union Residents (GDPR Rights)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have specific rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing: We process your personal information based on the following legal grounds:

  • Consent: When you provide consent (e.g., submitting a contact form or making a donation)
  • Legitimate Interests: To operate our non-profit, improve our services, and communicate about our mission
  • Legal Obligations: To comply with applicable laws and regulations

Your GDPR Rights:

  • Right of Access: Obtain confirmation that we are processing your data and access to your personal data
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to our processing of your personal data
  • Right to Withdraw Consent: Withdraw consent at anytime (without affecting prior processing)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

Data Transfers: When we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

To exercise any of these rights, please contact us using the information provided below.

Cookies and Tracking Technologies

Our website does not use cookies for tracking purposes. However, third-party services like PayPal and Netlify may use cookies. Please refer to their respective privacy policies for more information.

Children's Privacy

Our website is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete it promptly.

International Data Transfers

Your information may be transferred to and processed in the United State and other countries where our service providers operate . These countries may have data protection laws that differ from those in your country.

When we transfer personal data outside the European Economic Area (EEA) or United Kingdom, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

By using our services, you acknowledge and consent to such transfers.

Do Not Sell My Personal Information

We do not sell your personal information to third parties. We do not share your personal information for cross-context behavioral advertising. We have not sold personal information in the past 12 months.

For the purposes of this section, "sell" means the disclosure of personal information for monetary or other valuable consideration, as defined by applicable privacy laws.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Japanese Women's Society Foundation

PO Box 3233

Honolulu, HI 96801

privacy@jwsf.org

Privacy Rights Request

To exercise your privacy rights or submit a data subject request, please email us at privacy@jwsf.org with Privacy Request" in the subject line. Please include:

  • Your full name
  • Email address associated with your interaction with us
  • Description of your request
  • Proof of identify (we may request additional information to verify your identity before processing your request)

We will respond to verified requests within the timeframes required by applicable law (typically 30-45 days).