top of page

Privacy Policy

Your privacy is important to us. View our policies on how we keep your information safe. 

Privacy Policy

Last updated: September 23, 2025
Eight48 Ministries (“Eight48,” “we,” “our,” or “us”) is committed to protecting the privacy of everyone who interacts with our organization. This Privacy Policy explains how we collect, use, protect, and share your personal information across all Eight48 activities, whether you engage with us online, at events, through donations, or in our community programs.
By using our website, participating in our programs, or sharing your information with us, you agree to the terms of this Privacy Policy.
1. Information We Collect
We may collect the following categories of personal information:

  • Identity & Contact Information: name, mailing address, email address, phone number.

  • Donation & Payment Information: transaction details, billing information. (Processed securely by PCI DSS–compliant payment providers. We do not store credit card numbers or CVV codes.)

  • Participation Information: event registrations, volunteer applications, prayer requests, program sign-ups.

  • Communications: messages, feedback, or requests sent to Eight48.

  • Technical Data: IP addresses, device/browser details, site usage analytics, cookies.

  • Optional Information: demographic data, personal stories, or preferences you choose to share.

2. How We Use Your Information
We use your personal information to:

  • Provide and manage Eight48 programs, ministries, and events.

  • Process donations and provide tax receipts.

  • Respond to inquiries, prayer requests, or pastoral care needs.

  • Communicate about upcoming events, resources, and opportunities.

  • Manage volunteer engagement and community involvement.

  • Improve our website, services, and outreach efforts.

  • Comply with legal, regulatory, and financial obligations.

3. Your Responsibilities as a Cardholder

  • Eight48 does not store credit card information on our systems.

  • Cardholders are responsible for keeping their personal financial information secure.

  • We recommend monitoring your statements regularly and reporting unauthorized activity directly to your bank or card issuer.

4. Data Security
We protect your personal information through:

  • Encryption (HTTPS/SSL) for all website traffic.

  • Secure servers with firewalls, intrusion monitoring, and access controls.

  • Limited access to personal data by authorized staff only.

  • Regular reviews of our security practices in alignment with PCI DSS and data protection standards.

5. Data Sharing
We do not sell or trade your personal information. We may share data only:

  • With trusted third-party vendors who provide services on our behalf (e.g., payment processors, email platforms).

  • When required by law, regulation, or legal process.

  • To protect the safety, rights, or property of Eight48, our community, or others.

6. Data Retention

  • Personal data is retained only as long as necessary for ministry, operational, and legal purposes.

  • When no longer needed, data is securely deleted or destroyed.

7. Cookies & Online Tracking

  • Our website may use cookies or similar technologies to improve functionality and analyze site traffic.

  • You can disable cookies in your browser settings, but some site features may not work correctly.

8. Children’s Privacy

  • Eight48 does not knowingly collect or store personal information from children under 13 without parental consent.

  • If such information is discovered, it will be deleted promptly.

9. Your Rights
Depending on your location, you may have rights to:

  • Access the personal data we hold about you.

  • Request corrections or updates.

  • Request deletion of your personal data (subject to legal/financial recordkeeping requirements).

  • Opt out of receiving non-essential communications.

10. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in law, best practices, or Eight48’s operations. Updates will be posted on this page with a revised “Last Updated” date.
11. Contact Us
If you have questions about this Privacy Policy or how your information is handled, please contact us at privacy@eight48.org
 

Information Security & PCI Compliance Policy

At Eight48 Ministries, protecting the personal and financial information of our community, donors, and partners is one of our highest priorities. We adhere to the Payment Card Industry Data Security Standards (PCI DSS) and follow strict security practices to ensure all information shared with us remains safe, confidential, and used only for its intended purpose.
1. Data Protection & Encryption

  • All payment transactions are processed through PCI DSS–compliant payment gateways.

  • We do not store credit card numbers, expiration dates, or security codes (CVV2) on Eight48 servers.

  • All data transmitted between your browser and our systems is protected by TLS 1.2+ encryption (HTTPS/SSL).

  • Any stored personal information (e.g., donor contact details) is encrypted at rest and protected by access controls.

2. Cardholder Responsibility

  • While Eight48 Ministries takes every precaution to protect your data, it is the responsibility of the cardholder to ensure the security of their personal credit card information.

  • Cardholders should never share card details by email, phone, or any unsecured method.

  • We recommend that donors regularly monitor their statements and immediately report any unauthorized charges to their card issuer.

3. Access Controls & Authentication

  • Only authorized Eight48 staff and contractors with a business need-to-know may access donor or payment information.

  • Access is restricted using unique IDs, strong passwords, and multifactor authentication (MFA).

  • All system access is regularly reviewed and revoked immediately when no longer required.

4. Network & System Security

  • Firewalls and intrusion detection/prevention systems (IDS/IPS) protect our networks.

  • Regular security patching and system updates are applied promptly.

  • Anti-malware software and endpoint protection are deployed across all systems.

  • Vulnerability scans and penetration tests are performed regularly to ensure continued security.

5. Payment Card Security

  • We comply with all PCI DSS requirements, including:

    • Using only PCI-validated service providers for payment processing.

    • Protecting cardholder data during transmission and processing.

    • Never storing full magnetic stripe data, CVV2, or PIN data.

  • Cardholder data access is logged, monitored, and restricted to authorized personnel only.

6. Monitoring & Logging

  • All access to systems handling sensitive data is logged and monitored.

  • Logs are retained in accordance with PCI DSS and reviewed regularly.

  • Suspicious activity is flagged and investigated immediately.

7. Incident Response

  • Eight48 maintains a formal Incident Response Plan (IRP).

  • In the event of a suspected or confirmed security incident:

    • Systems are immediately contained and secured.

    • Affected individuals and relevant authorities are notified in compliance with applicable laws.

    • Root causes are investigated, and corrective actions are applied.

8. Data Retention & Disposal

  • Personal and payment data is retained only as long as necessary for business, legal, and compliance purposes.

  • When data is no longer required, it is securely deleted or destroyed using industry-standard methods.

9. Vendor & Third-Party Security

  • All vendors with access to payment or donor information must be PCI DSS–compliant.

  • Vendor security practices are reviewed and monitored on a regular basis.

10. Ongoing Compliance

  • Eight48 undergoes regular security reviews, self-assessments, and audits to ensure PCI DSS compliance.

  • Staff are trained on information security, data privacy, and PCI DSS requirements at least annually.

  • This policy is reviewed and updated annually or as required by changes in PCI DSS standards.

11. Contact Us
If you have questions about this policy or our information security practices, please contact us at privacy@eight48.org

Privacy Policy

A Legal Disclaimer

The explanations and information provided on this page are only general and high-level explanations and information on how to write your own document of a Privacy Policy. You should not rely on this article as legal advice or as recommendations regarding what you should actually do, because we cannot know in advance what are the specific privacy policies you wish to establish between your business and your customers and visitors. We recommend that you seek legal advice to help you understand and to assist you in the creation of your own Privacy Policy.

Privacy Policy - The Basics 

Having said that, a privacy policy is a statement that discloses some or all of the ways a website collects, uses, discloses, processes, and manages the data of its visitors and customers. It usually also includes a statement regarding the website’s commitment to protecting its visitors’ or customers’ privacy, and an explanation about the different mechanisms the website is implementing in order to protect privacy. 

 

Different jurisdictions have different legal obligations of what must be included in a Privacy Policy. You are responsible to make sure you are following the relevant legislation to your activities and location.

What to Include in the Privacy Policy

Generally speaking, a Privacy Policy often addresses these types of issues: the types of information the website is collecting and the manner in which it collects the data; an explanation about why is the website collecting these types of information; what are the website’s practices on sharing the information with third parties; ways in which your visitors an customers can exercise their rights according to the relevant privacy legislation; the specific practices regarding minors’ data collection; and much much more. 


To learn more about this, check out our article “Creating a Privacy Policy”.

bottom of page