Privacy Policy

Effective as of: April 15, 2022

JDRF VALUES THE PROTECTION OF INDIVIDUAL PRIVACY AND IS COMMITTED TO THE PRIVACY OF THOSE WHO VISIT AND USE OUR WEBSITES. THIS DOCUMENT SETS FORTH THE PRIVACY POLICY (“PRIVACY POLICY”) FOR JDRF (“WE”, “US” OR “OUR”) WEBSITES (COLLECTIVELY, “SITES”). FOR PURPOSES OF THIS PRIVACY POLICY ONLY, REFERENCES TO “JDRF”, “WE”, “US” AND “OUR” INCLUDE jdrf.org, walk.jdrf.org, ride.jdrf.org, team.jdrf.org, and your way.jdrf.org (the “Websites”). WHERE APPLICABLE, THIS PRIVACY POLICY INCLUDES THE CHILD PRIVACY POLICY ADDENDUM. THIS PRIVACY POLICY GOVERNS THE MANNER IN WHICH JDRF COLLECTS, USES, MAINTAINS, DISCLOSES AND SECURES INFORMATION COLLECTED FROM USERS OF THE SITES, INCLUDING, BUT NOT LIMITED TO EMAIL, TEXT, AND OTHER ELECTRONIC MESSAGES BETWEEN YOU AND THIS SITE.  IT DOES NOT APPLY TO INFORMATION COLLECTED BY US OFFLINE OR THROUGH ANY OTHER MEANS, INCLUDING ON ANY OTHER WEBSITE OPERATED BY ANY THIRD PARTY.   PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT.  IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOUR CHOICE IS NOT TO USE OUR WEBSITES.  BY ACCESSING OR USING THE WEBSITES, YOU AGREE TO THIS PRIVACY POLICY.   THIS POLICY MAY CHANGE FROM TIME TO TIME (SEE CHANGES TO OUR PRIVACY POLICY).   YOUR CONTINUED USE OF THESE WEBSITES AFTER WE MAKE CHANGES IS DEEMED TO BE ACCEPTANCE OF THOSE CHANGES, SO PLEASE CHECK THE POLICY PERIODICALLY FOR UPDATES.  EXCEPT FOR THE LIMITED SITUATIONS MENTIONED BELOW, JDRF DOES NOT SHARE OR SELL DONOR INFORMATION COLLECTED ONLINE.

I. INFORMATION COLLECTION AND USE

Each time you visit the Sites, we collect information about you based on your consent.

A.  Personally Identifiable Information

We collect personally identifiable information about you when you visit the Sites. During your interactions with the Sites, when you register with the Sites or make a donation or agree to volunteer, we collect the following types of information:

    • your name;
    • date of birth;
    • postal address;
    • email address;
    • telephone number;
    • credit card information (for online donations);
    • your personal connection to type 1 diabetes (T1D);
    • ethnicity
    • gender
    • your preferences for receiving additional information such as newsletters;
    • IP Address;
    • internet service provider;
    • browser;
    • operating system;
    • device type;
    • screen size
    • location (country, region, state, city);
    • language preference;
    • webpages visited;
    • time spent on the websites;
    • clicks; and
    • referring websites.

We use this information, upon the following legal bases, to:

    • present our Websites and their contents to you;
    • validate Site users based on our legitimate interest in sharing information about JDRF and soliciting support;
    • facilitate participation in various JDRF services such as fundraising and community forums as offered through the Sites based on our legitimate interest in further the mission of JDRF;
    • process any donations that you make through the Sites based on your consent;
    • contact you regarding the Sites, our services, or your account based on consent/legitimate interest in promoting the fundraising and research goals of JDRF;
    • retain any emails you send us and any response we make in order to handle any follow-up questions you may have, and to measure how effectively we address your concerns based on our legitimate interest in communicating with you regarding inquiry;
    • help us enhance and optimize users’ overall Site experience, based on our legitimate interest in providing you with better and more targeted content that you find useful, we also collect information during your Site visits, such as pages most frequently accessed by you, time spent on a page or area of the Sites, mouse movements, non-sensitive text entered, the number of visits to the Sites by you, types of browser used by you, cookie preferences or search terms entered by you. We can tell the type of computer and web service that you are using, as well as its location, and the date, time, and pages that you visit. Examples of information may include your Internet access provider, your computer’s Internet protocol (IP) address, your browser and operating system, the date and time of your visit, and data based on your use of the Sites. JDRF collects and uses this information in order to, among other things, provide you with or assist in the provision of information through the Sites and to maintain the performance of the Sites;
    • use in any other way we may describe when you provide the information;
    • use for any purpose with your consent. 

You may also submit information that personally identifies you or someone you know, including any medical condition or connection to T1D, when you post to any public forum that is offered through the Sites, such as through the online forum (https://forum.jdrf.org), web logs, bulletin boards, or other forums which permit users to interact online. Any information you transmit online in such forums will be made public and JDRF cannot control nor is it responsible for the use any third party may make of such information. You should understand that any information that you submit on any public forum through the Sites is not and cannot be treated as confidential by us. Your participation on these forums and public post boards is voluntary, and you consent to full public disclosure of any personally identifiable information that you submit through such forums.  JDRF processes personal information provided in discussion forums based on its legitimate interest in promoting awareness of Type 1 diabetes.

Record Retention and Data Minimization

JDRF retains such personally identifiable information only for as long as is necessary depending on the reason for your submission (which could extend beyond the transaction that you are performing on the Sites), and collects no more personally identifiable information than is reasonably necessary to provide you with the services for which the information is collected.

Disclosure to Third Parties

We do not share this personally identifiable information with any third parties except in the very limited circumstances as noted below, in the “Disclosure of Information” section VI, and in the “Child Privacy Policy Addendum” where applicable there.

B.  Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

    • Details of your visits to our Websites, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Websites.
    • Information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we collect automatically is only statistical data and does not include personal information.   It helps us to improve our Websites and to deliver a better and more personalized service, including by enabling us to:

    • Estimate our audience size and usage patterns;
    • Store information about your preferences, allowing us to customize our Websites according to your individual interests;
    • Speed up your searches; and
    • Recognize you when you return to our Websites.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies). Like most standard website servers, JDRF uses cookies and to collect information about how you use the Sites. A cookie is a small, unique text file that a website can send to your computer hard drive when you visit a website. Cookies allow us to provide visitors to our Sites with certain conveniences, such as delivering unique content or providing easy log-on access.  We also use cookies to track the path of users through our Sites, and to keep track of where they came from (for example, if they arrive via a search engine). You can choose to set your web browser to turn off cookies, but if you do, you may lose certain features when navigating on the Sites. We do not link the information we store in cookies to any personally identifiable information you submit to us through the Sites.

Web Beacons. Pages of our Websites and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit JDRF, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

II. SECURITY

A.  Encryption
We make reasonable efforts to protect personally identifiable information received from users of our Sites from unauthorized use of disclosure. We do not allow unauthorized access via the Internet to the portion of our server that contains personally identifiable information.  We use standard security protocols and mechanisms to exchange the transmission of sensitive data such as credit card information. When you enter sensitive personal information such as your date of birth and credit card information on our Sites, we encrypt it using secure socket layer (SSL) technology.

B.  Additional Safeguards
JDRF maintains reasonable physical, electronic and procedural safeguards such as intrusion prevention, intrusion detection, firewalls, disaster recovery anti-virus, anti-malware, cybersecurity awareness training, penetration testing, vulnerability scans, and mobile device management to protect the confidentiality and security of any personally identifiable information that you disclose to us. We limit access to your personally identifiable information within JDRF and JDRF’s affiliates to those employees who need to know such personally identifiable information to provide information, services and/or products to you. However, due to the nature of the Internet and computer systems, no transmission of data over the Internet is guaranteed to be completely secure, regardless of our best intentions. As such, JDRF cannot ensure or warrant the security of any personally identifiable information you transmit to us.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

III. EXTERNAL LINKS OR REFERENCES

While JDRF does not display any third party advertising on the Sites, the Sites may contain links or references to other parties’ websites, including sponsors of JDRF or JDRF’s services. JDRF is not responsible for the privacy or other practices of any such outside websites, and JDRF expressly disclaims any and all liability related to such websites. We encourage our users to consider this before deciding to visit such outside websites and to read the applicable privacy policies and terms of use of each such website.

IV. CHILDREN’S DATA/CHILDREN’S ONLINE PRIVACY PROTECTION ACT (COPPA)

We are committed to comply with any applicable laws and/or requirements that are intended to afford protection to children, such as the United States Children’s Online Privacy Protection Act. Unless you are visiting a Site for which the Child Privacy Policy Addendum is attached and applicable, use of the Sites by anyone under the age of 13 is prohibited. For the Websites, children under the age of 13 are not allowed to visit or otherwise use them.

V. COMMUNICATIONS FROM JDRF

We send all new members a series of three (3) welcome emails. From time to time, we will also send email notification, mail or call you to provide you with information concerning updates or enhancements to our services, account issues, or service-related announcements. Generally, you may not opt-out of these communications. If you do not wish to receive them, you have the option to deactivate your on-line account.

VI. DISCLOSURE OF INFORMATION

A.  Disclosure to Agents, Contractors, or Service Providers of JDRF
JDRF may need to share your information with third parties in limited circumstances. For instance, and from time to time, we may share the information you provide to us, including personally identifiable information, with outside contractors, auditors, consultants, or others hired by us to assist in providing financial, operational or research activities on our behalf. We require these parties to use such personally identifiable information only for the specifically intended and authorized purpose, on behalf of JDRF, and consistent with this Privacy Policy.  Also, personal data is be shared with third parties, such as our sponsors or third party service providers, who use this de-identified information to study and understand Site user preferences and to provide better Services and content.

B.  Disclosures to Other Charitable Organizations
JDRF participates in a list exchange in which we share very limited personally identifiable donor information with select other non-profit charitable organizations. We do this in order to enhance our ability to get and retain additional donors, which ultimately strengthens our ability to provide you with more superior services. The only personally identifiable information about donors that we share on the list exchange with these other charitable organizations is limited to the donor’s name, mailing address, and the duration of the donation made to us (such as a yearly donation). We do not share any other donor personally identifiable information with the list exchange, including the amount of the donation. If you wish to opt-out of this sharing of limited personally identifiable information with the list exchange, you may do so by contacting us in writing or email, through the address shown in this Privacy Policy below.

C.  Disclosures Required by Law
From time to time, JDRF may be required to provide personally identifiable information or non-personally identifiable information in response to a valid court order, subpoena, government investigation, or as otherwise required by law, or if we reasonably believe that you have committed unlawful acts or acts that may endanger the health or safety of another user or the general public. JDRF also reserves the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful. We may release such information when we believe that its release is reasonably necessary to protect the rights, property, and safety of others and ourselves.

D.  Opting In Through Other Venues
Please be advised that if you provide consent and allow JDRF to disclose your personally identifiable information through one JDRF venue (such as the Sites), you will be deemed to have “opted in” through all JDRF venues.

E.  Business Transitions
In the event JDRF goes through a business transition, such as a merger, being acquired by another company, bankruptcy, or selling a portion of its assets, unless personally identifiable information is collected through a Site for which the Child Privacy Policy Addendum is applicable, users’ personally identifiable information may be part of the assets transferred.

F. Enforcement of Terms of Use or this Privacy Policy
We may also disclose your personal information to enforce or apply our Terms of Use or this Privacy Policy and any other agreements with you. 

VII. UPDATING INFORMATION

You may review, request corrections, or ask that we delete the personally identifiable information we collect from you. You may do this by contacting JDRF using the contact information provided at the end of this Privacy Policy.

You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws and, in particular, if you are located in the European Economic Area (EEA), these rights may include:

  • To access your Personal Data held by JDRF (right to access);
  • To correct inaccurate, out of date or incomplete Personal Data (right to rectification);
  • To erase your Personal Data, to the extent permitted by applicable data protection laws (right to be forgotten);
  • To restrict our processing of your Personal Data, to the extent permitted by law (right to restriction of processing);
  • To transfer your Personal Data to another controller, to the extent possible (right to data portability);
  • To object to any processing of your Personal Data carried out on the basis of our legitimate interests, for the purposes of direct marketing and any automated decision-making (right to object);
  • To the extent our processing your Personal Data is based on your consent, you have the right to withdraw your consent at any time; and
  • To communicate any concerns about our processing of your Personal Data with data protection authorities located in the EEA.

VIII. GENERAL

A.  Privacy Policy Changes
Our Privacy Policy is intended to provide you with a safe and secure experience. We reserve the right to change, modify, add or remove portions of our Privacy Policy at any time without prior notice at our sole discretion. If we decide to change our Privacy Policy, we will post those changes on the Sites and other places we deem appropriate. We will use information in accordance with the Privacy Policy under which the information was collected. All Privacy Policy changes are effective immediately upon posting. The last date on which this Privacy Policy has been updated is noted above.

B.  Consent to Receive Notices Via the Sites
By consenting to our use of your personally identifiable information to the Sites, you are agreeing that JDRF may deliver all privacy and related notices to you in the manners described in this Section.

IX. CONTACT INFORMATION

Questions or comments regarding this Privacy Policy should be directed to JDRF using the following contact information:

JDRF
Attention: Privacy Policy
200 Vesey Street, 28th Floor
New York, NY 10281
Email: privacy@jdrf.org
Telephone: 1-800-533-CURE (2873)

X. LIMITATION OF LIABILITY

YOU UNDERSTAND AND AGREE THAT ANY DISPUTE OVER PRIVACY IS SUBJECT TO THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY (WHICH INCLUDES, WHERE APPLICABLE, THE CHILD PRIVACY POLICY ADDENDUM) AND JDRF’S TERMS OF USE (INCLUDING ANY INDEMNIFICATION AND LIMITATIONS ON DAMAGES CONTAINED THEREIN).

CHILD PRIVACY POLICY ADDENDUM

Effective as of: February 3, 2022

JDRF (“WE”, “US” OR “OUR”) PRIVACY POLICY, LINKED AT THE BOTTOM OF JDRF’S WEBPAGES, DESCRIBES HOW JDRF COLLECTS AND USES PERSONALLY IDENTIFIABLE AND OTHER USER INFORMATION. THIS DOCUMENT (“CHILD PRIVACY POLICY ADDENDUM”), WHICH IS A PART OF THE PRIVACY POLICY, SETS FORTH ADDITIONAL PRIVACY POLICY TERMS AND CONDITIONS APPLICABLE TO THE COLLECTION AND USE OF SUCH INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE. THIS CHILD PRIVACY POLICY ADDENDUM DOES NOT APPLY TO T1N, HOWEVER, AND FOR PURPOSES OF THE T1N WEBSITE, CHILDREN UNDER THE AGE OF 13 ARE NOT ALLOWED TO VISIT OR OTHERWISE USE THAT WEBSITE. 

INFORMATION COLLECTION AND USE

Child Personally Identifiable Information
JDRF is a non-profit organization dedicated to finding a cure for diabetes and its complications through the support of research. We only collect as much information about a child as is reasonably necessary for a child to participate in an activity, and we do not condition his or her participation on the disclosure of more personal information than is reasonably necessary. Kids Walk is an online program designed to teach students about diabetes and to raise funds for type 1 diabetes research. You, for yourself or your child under the age of 13 for which you are a parent/legal guardian, may be prompted to provide for some or all of the following types of information (referred to as “child personally identifiable information”) in order to register, access various content or features, or otherwise participate in Kids Walk:

  • Contact information, such as name or e-mail address User name and password;
  • Geolocation information;
  • Other information, such as school, city, state, and zip code;
  • Communications preferences;
  • Search queries;
  • Comments and other information posted through interactive online features;
  • Correspondence you send to us.

We use child personally identifiable information collected through the Site to validate Site users and facilitate participation in the Kids Walk program all for the sole benefit of the participating schools and such schools’ students. We do not share, sell, rent, or transfer child personally identifiable information to any third parties except the child’s respective school where necessary to facilitate the child’s involvement in Kids Walk. JDRF does not condition a child’s participation in Kids Walk on the child disclosing more personal information than is reasonably necessary to participate in such activity.

We may disclose children’s personal information:

  • third parties we use to support the internal operations of our Websites and who are bound by contractual or other obligations to use the information only for such purpose and to keep the information confidential.
  • If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of JDRF or others, including to:
    • protect the safety of a child;
    • protect the safety and security of the Website; or
    • enable us to take precautions against liability.
  • To law enforcement agencies or for an investigation related to public safety.

Correcting/Updating/Deleting/Deactivating Child Personal Information
A user 13 or over or the adult parent or guardian of a user under 13 may review, request corrections, ask that we delete, or refuse further collection or use of the personally identifiable information JDRF collects from such user or the child or children for which such user is the legal guardian. Such user may do this by contacting JDRF at:

Postal Address:

JDRF
Attention: Privacy Policy
200 Vesey Street, 28th Floor
New York, NY 10281
Email: privacy@jdrf.org
Telephone: 1-800-533-CURE (2873)

Consent to Receive Notices Via the Site
By using the Sites or submitting personally identifiable information to the Sites (and, for parents or guardians of children under the age of 13, having consented to your child’s use of the Sites), you are agreeing that JDRF may deliver all privacy and opt out notices to you in the manners described in the Privacy Policy.