Privacy Notice and Data Protection Policy
Welcome to the official website of Girl Scouts Heart of New Jersey (“GSHNJ”), a 501(c)(3) non-profit organization headquartered in Westfield, New Jersey, and chartered by Girl Scouts of the USA, headquartered in New York, NY.
We are committed to protecting your privacy and handling your personal data responsibly and transparently. This Privacy Notice describes how GSHNJ collects, uses, and protects personal information in connection with our online properties, including but not limited to www.gshnj.org.
This Privacy Notice also explains your rights under the New Jersey Data Protection Act (“NJDPA”) and the Children’s Online Privacy Protection Act (“COPPA”), and how GSHNJ complies with these and other applicable privacy laws. This Privacy Notice applies solely to the activities and operations of GSHNJ and not to those of Girl Scouts of the USA or any other councils.
For the purposes of this Privacy Notice, and in accordance with the NJDPA, “Personal Data” means information that is linked or reasonably linkable to an identified or identifiable person and does not include de-identified data or publicly available information. By using the official website of GSHNJ, you consent to our collection, processing, and use of your Personal Data we receive when we act as a “controller” of data, which means that we determine the purpose and means of processing personal data.
Personal Data Collection
Girl Scouts Heart of New Jersey (“GSHNJ”) collects both personal and non-personal information through its online properties, including www.gshnj.org, for our legitimate interests, including, but not limited to support membership, program participation, related activities, general business purposes, and for the purposes for which you provided the information.
1. Information You Provide Voluntarily
We collect personally identifiable information only when it is voluntarily provided by visitors. This may include your name, mailing address, email address, phone number, and payment or billing information. Examples include when you:
- Make an online donation or purchase;
- Register for a Girl Scouts program or event;
- Submit a membership or volunteer application; or
- Apply for employment or communicate with us directly.
This information is used solely by GSHNJ, Girl Scouts of the USA, or entities involved in the operation of our Site for the purposes described in this Privacy Policy.
We do not sell the information you provide, and we share it only when:
- You authorize us to do so;
- It is necessary to process a transaction or provide a requested service (for example, to process a credit-card payment); or
- Disclosure is required by law or legal process.
GSHNJ has no control over or responsibility for the data collection or use practices of third-party processors who handle online transactions, and we encourage you to read the policies of each website that you or your child visit.
2. Information Collected Automatically
When you visit our Site, certain data may be collected automatically through cookies, web beacons, and similar technologies. These technologies allow us to:
- Recognize repeat visitors and remember preferences;
- Facilitate your ongoing access to and use of the Site;
- Track usage behavior and website performance; and
- Compile aggregate, non-personal statistics that help improve our content and user experience.
Cookies are small text files that assign a unique identifier to your device; they cannot damage your system or access files. Most browsers allow you to control or disable cookies if you prefer not to permit automatic data collection. GSHNJ uses cookie technology only to obtain non-personal information, such as aggregated site-traffic metrics, and does not use cookies to collect personally identifiable data unless you have voluntarily provided it.
Use and Sharing of Personal Data
GSHNJ processes the information it collects for purposes consistent with its mission and legitimate organizational activities, including to:
- Process and fulfill online transactions, donations, or membership registrations;
- Facilitate participation in Girl Scouts programs, promotions, and events;
- Communicate with members, parents, donors, and volunteers;
- Support fundraising, marketing, and outreach efforts;
- Maintain website functionality, security, and performance; and
- Comply with applicable laws, court orders, or regulatory requirements.
Personal data is used only for the purpose for which it was collected or for compatible purposes reasonably expected by the individual.
Use of Non-Personal, Aggregated, or Anonymized Data
We may use non-personal information – alone, in aggregated form, or as anonymized data that does not identify you – for any lawful purpose, including:
- Improving our website and online services;
- Analyzing visitor behavior and usage trends; and
- Developing programs and initiatives that better serve our community.
If we ever combine anonymized or aggregated data with personal information, we will treat the combined data as personal information and apply the same protections required by applicable law.
Disclosure of Personal Data
We may share personal data with the following categories of third parties:
- Affiliated Organizations:
Other Girl Scout Councils and Girl Scouts of the USA, for membership coordination, program administration, and related communications. - Service Providers and Vendors:
Trusted partners who provide services such as email distribution, data hosting, payment processing, program delivery, order fulfillment, shipping, marketing, technical support, and data security. - Advertising Vendors:
Select vendors may receive limited data (such as names, email addresses, transactional data, and non-sensitive demographic information) to support mission-aligned outreach and communications. We do not share information relating to race, ethnicity, religion, or sexual orientation. - Government and Legal Authorities:
When required to comply with legal obligations, subpoenas, or court orders, or to protect the legal rights of GSHNJ or others. - Other Third Parties at Your Direction:
When you request or authorize us to share your data for a specific purpose.
We do not sell Personal Data to third parties in exchange for or other valuable consideration.
Your Rights Under the New Jersey Data Protection Act
Residents of New Jersey have specific rights regarding their personal data under the New Jersey Data Protection Act (NJDPA). GSHNJ respects and upholds these rights, which include the ability to access, correct, delete, and control the use of your personal information.
1. Right to Confirm and Access
You have the right to confirm whether GSHNJ is processing your personal data and to access that data. Upon verified request, we will provide you with a summary of the categories and specific pieces of personal data we maintain about you, unless providing the data would reveal trade secrets or confidential information of GSHNJ.
2. Right to Correct
You have the right to request that we correct inaccuracies in your personal data, taking into account the nature of the information and the purposes for which it is processed. We may ask you to provide documentation supporting your correction request so we can verify the accuracy of the new information.
3. Right to Delete
You have the right to request the deletion of personal data that we have collected from or about you. Certain data may need to be retained as required by law or for legitimate organizational purposes, such as fulfilling transactions you have requested, maintaining financial or legal records, or ensuring system security.
4. Right to Obtain a Copy (Data Portability)
You have the right to obtain a copy of your personal data in a portable and, where technically feasible, readily usable format that allows you to transmit it to another entity without hindrance.
We will not, however, provide any data in a manner that would disclose GSHNJ’s trade secrets or proprietary information.
5. Right to Opt Out
You have the right to opt out of the processing of your personal data for the following purposes:
- Targeted advertising;
- The sale of personal data; or
- Profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
Because GSHNJ does not sell personal data for monetary or other valuable consideration, this right primarily applies to targeted advertising or automated profiling, if applicable. You may exercise your opt-out preferences through the Girl Scouts Privacy Portal or by contacting us directly (see below).
6. How to Exercise Your Rights
To exercise the rights above, please visit the Girl Scout Privacy Portal. You may designate an authorized agent to submit a request on your behalf, provided that we receive adequate proof of authorization.
7. Right to Appeal
If you are dissatisfied with our response to your request, you have the right to appeal. Appeal instructions will be provided in our response to your initial request. Please follow the instructions we provide in our communication to you regarding the status of your request. If your appeal is denied, you may contact the New Jersey Division of Consumer Affairs in the Department of Law and Public Safety to submit a complaint.
8. Non-Discrimination
You will not be discriminated against for exercising your rights under the NJDPA. This means we will not deny you services, charge you different prices, or provide a different level or quality of service solely because you exercised your data rights.
Our Security Safeguards
The safety and security of your online experience is of the utmost concern to us. We ensure the appropriate physical, electronic, and managerial procedures are in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online.
We retain your Personal Data for only as long as we need to achieve the purposes described in this Privacy Policy or any other notice provided at the time of collection, taking into account applicable statute of limitations and records retention requirements under applicable law. We may retain your Personal Data for a longer period in the event of a complaint or in reasonable anticipation of litigation.
Credit Card Safety
Protecting the safety of your credit card information is also important to us. For card transactions we process, we use Transport Layer Security (TLS) technology to protect the security of your credit card information as it is transmitted to us. TLS is an Internet encryption technology, and a method of scrambling data as it travels from your computer to our Web site servers. We also encrypt your credit card number when we store your order and whenever we transfer that information to participating merchants.
To make sure you are accessing our secure server before you submit sensitive information, check the document for your browser for indication of a TLS connection (most browsers utilize an unbroken or closed padlock). Verify that TLS is active before submitting sensitive information to our server. To double-check, verify that the TLS or Address line of your browser for our site begins with "https."
It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.
If you are under 18, you need parent/guardian permission to use a credit card to make purchases online.
Steps We Take To Protect The Privacy Of Children
As the safety of children is of paramount importance to us, we are committed to complying with the Children's Online Privacy Act of 1998 (COPPA), which requires us to obtain the consent of the parent or guardian to collect Personal Data from children under the age of 13 and requires us to inform parents and legal guardians about our practices for the collection and use of that Personal Data, other than contact information required to obtain parental consent. We do not knowingly collect Personal Data from children under 13 without first obtaining consent from a parent or legal guardian. With parental consent, we may collect the name, address, email address, birthdate, account information, and user-generated content from children under the age of 13. We encourage children to use an alias (e.g., "Bookworm," "Skater," etc.), first name, nickname, initials, or another alternative to full names or screen names that correspond with an email address for any activities that will involve public posting. Once a parent authorizes collection, we will use the child's Personal Data to fulfill a requested transaction, facilitate participation in programs, keep records, undertake certain marketing activities (in accordance with applicable law and any required consents), and otherwise customize or enhance the website experience for children. Sites that offer parents the opportunity to allow their children to submit Personal Data include processes for obtaining verification from parents or guardians.
Parents can revoke their consent anytime and ask us to delete any information we collected from their children. If we learn that we collected Personal Data from a child under 13 without proper consent, we will delete that data ourselves. If you believe we collected Personal Data from a minor under the age of 13 without having proper consent, please notify us by contacting our offices by email at info@gshnj.org or by phone at 908-518-4400. In such cases, we will stop collecting, using, processing, or disclosing information from that child and delete the information we have already collected. To do this or to review Personal Data collected from children, we must verify the identity of the requesting parent. To respect the privacy of parents, information collected and used for the sole purpose of obtaining verifiable parental consent or providing notice is not maintained in retrievable form by our Sites if parental consent is not obtained after a reasonable time.
Links To Other Web Sites And Services
This site may be linked to other sites and services that are not maintained by Girl Scouts Heart of New Jersey. These web sites have their own privacy policies, which you should review prior to visiting them. We have no responsibility for linked web sites and provide these links solely for the convenience and information of our visitors.
Opt Out of Communications
If you no longer wish to receive communications from GSHNJ, you may adjust your settings in your MyGS account, under “My Profile.”
For email communications, you may also select the "unsubscribe" link at the bottom of the email to have us remove your email address from the email in question. Please note that if you have signed up for more than one email list or used more than one email address, you must submit a separate opt-out request for each one.
Opt Out of Text Messages
Your mobile information will not be obtained from and/or shared with third parties or affiliates for marketing or promotional purposes.
You can opt-out of receiving further GSHNJ messages via the Messaging Service by responding to any of our text messages with any of the following replies: STOP, END, CANCEL, UNSUBSCRIBE, or QUIT.
You can opt-in by following the steps below to subscribe to our text messages.
- Go to myGS.
- Log in with your email and password and ensure that you are looking at your account page by clicking the "My Account" button in the top right.
- Click on "My Profile" along the left and then scroll to the bottom.
- At the bottom of the My Profile section, you will see "Communication Opt Ins". Make sure there is a check mark in the box to the left of the SMS Opt In link.
How To Contact Us
If you have any questions about our Privacy Policy, you can contact us at:
Girl Scouts Heart of New Jersey
Attn: Marketing & Communications Department
201 E. Grove Street
Westfield, NJ 07090
marcomm@gshnj.org
