Last updated on March 1, 2022
This Privacy Notice (“Notice”) describes how Breastcancer.org (“we,” “us,” “our”) collects, uses, shares, and discloses the personal information you provide, and your choices regarding the use, access, and correction of your personal information when you:
a) Visit our websites, such as Breastcancer.org, community.breastcancer.org, and give.breastcancer.org (our “Sites”);
b) Access, use, subscribe, join, or engage in our online discussion forums or related services offered by us, or contribute and donate to us (collectively, the “Services”); or
c) Interact with us in any way, including registering for, attending, or otherwise partaking in our events, virtual meetups, or surveys (collectively, “Marketing Activities”).
Breastcancer.org, a non-profit organization, is a leading patient-focused resource for breast health and breast cancer education and support. Our mission is to engage and empower people with research, expert information, and a dynamic peer support community to help them make the best decisions for their lives.
Information We Collect
The information we collect depends on the context of your interactions with us and the choices you make, including your privacy settings, the products and features you use, your location, and applicable law. In some cases, we receive information directly from you, such as your name and email address when you create a profile. In other cases, we receive information through your use of our Services, such as information collected through cookies when you browse our Sites.
We collect the following information when you use our Sites and Services:
Contact information – We collect your contact information when you use our Services. For example, when you join our discussion forums, we collect your name and email address.
Account information – We collect information about you and your profile (e.g., username, user ID, password, and date of profile creation). Usernames should not disclose personal information. When posting messages to the discussion forums, usernames are public.
Identity information – If you choose to create a profile and self-report on your condition, we collect information about your identity (e.g., biological sex and date of birth).
Financial information – If you choose to contribute or donate to us, we collect your financial information to process your contributions (e.g., credit card information, donation amount, billing address).
Health information – If you choose to create a profile and self-report on your condition, we collect information related to your medical history, your diagnosis, and your treatments (e.g., family history, type of breast cancer diagnosis, treatments provided).
Marketing information – When you engage with our Marketing Activities, we collect information provided by you, including through form submissions, email communications, or phone calls to inquire about us and our Services. We also collect information you provide to us when you interact with us virtually or in person in the discussion forums or at events, offer quotes or testimonials, or contact one of our giving representatives by phone or email (e.g., the nature of your communication, of your communication, your contact preferences, and any information you choose to provide to us when completing any “free text” boxes in our forms).
Social media information – We use social media features, such as the Facebook “Share” button and other sharing widgets (“Social Media Features”), and these Social Media Features collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social Media Features are hosted by the third party. Your interactions with these Social Media Features are governed by the privacy policies of the third-party providing it. When you connect your social networking service with your Breastcancer.org profile, you authorize us to access certain information about you from the social media service to provide content and services, including to help us tailor our communications to you and to develop our Services.
Any information you voluntarily provide to us, such as when you provide responses to our surveys or report an issue with our Sites (e.g., contents of a message or attachments that you send to us).
We receive information about users from third parties that provide services or support our business operations, such as payment processors. We limit our use of your personal information to the purposes described in this Notice. Personal information we receive from third parties includes:
Contact information, such as name and email address.
Financial information, such as billing address and contribution amount.
Social Media information related to our Marketing Activities, such as URLs, profile pictures, and profile ID.
When you use or interact with the Sites and Services, we automatically collect or receive certain information about your device and usage of our Sites and Services. This information includes:
Usage information – We collect information about your usage and behavior on our Sites and Services. This information includes browser type and settings, usage details (e.g., timestamps, frequency, and use pattern), language preferences, and device event information (e.g., system activity and hardware settings, application version, and amount of time spent on our Sites), information about how you interact with our Services, Marketing Activities and Sites, (e.g., clicks, scrolls, mouseovers, internal links, pages viewed, searches, page response times, download errors, and date/time stamps associated with your usage), request information (e.g., speed, frequency), the site from which you linked to us (“referring page”), and the name of the website you choose to visit immediately after ours (“exit page”), and information about other websites you have recently visited and the web browser used.
Device information – We collect information about your device automatically when you use our Sites and Services. This information includes device characteristics, location, device type, mobile network, system configuration information, model, model number, push notification tokens, unique device identifiers, (e.g., your username and password), internet protocol (IP) addresses, browser type, Internet service provider (ISP), and operating system. "IP addresses" are the equivalent of internet "mailing addresses." They tell other computers on the Internet where to send the information you have requested, such as new web pages or images.
Anonymized Statistical information – We collect anonymized statistical information about devices used to access our Services, or other aggregated, de-identified information about how you use our Sites and Services to inform our Marketing Activities and content creation, such as improving our article recommendation generator.
How We Use Information
We use the information we collect in the following ways:
Operate and provide our Sites and Services – We use your information to operate and administer our Sites, and to provide, operate, monitor, and maintain our Services. For example, we use information collected from survey responses to conduct research and create content for our Sites.
Provide and improve necessary functionality – We use your information to provide you with the necessary functionality required during your use of our Sites and Services. We also analyze how you use our Sites and Services to improve functionality, quality, and user experience.
Communicate with you about our Services – We use your personal information to communicate with you about your access to and usage of our Services, which includes sending you updates, donation solicitations, and administrative messages (e.g., notification of changes to our terms and conditions and notices, invitations to join the Service, or requests to contribute to our discussion forums).
Transactional considerations – If you choose to conduct financial transactions using our Services, we use your information to complete transactions, and send you related information (e.g., purchase confirmations, receipts, and invoices).
Handle contact and support requests – If you contact us (e.g., donation or technical help), we use your information to fulfill your requests and communicate with you. We also use your personal information to respond to your comments, questions, and requests, and provide support via email, private messages, or phone.
Develop and improve our Marketing Activities and Services – We use your personal information (e.g., IP address) to review and analyze trends, usage, and interactions with our Services, Sites, and perform other Marketing Activities to personalize and improve our Marketing Activities and Services. We also use your information to provide content and/or features that match your interests and preferences or otherwise customize our Marketing Activities and your experience with our Services. To learn more about how we track and use your information, see our Cookie Notice.
Send marketing communications – We use your personal information, according to your preferences, to communicate with you via email, surveys, newsletters, promotions, or events that we think may be of interest to you and/or provide other news or information about Breastcancer.org and/or our select partners. Please see the “Your Privacy Choices and Rights” section below to learn how to manage your communication preferences.
Promote the security of our Sites and Services – We use your information to investigate and mitigate fraudulent transactions, unauthorized access to Services, and other malicious, deceptive, fraudulent, or illegal activity.
Legal, regulatory, safety and compliance purposes – We process your information to comply with applicable laws or regulations and to review compliance with our usage terms.
Other purposes – If we need to use your personal information for other purposes not described above, we will notify you in advance and ask for your consent.
The profile you create on our site will be publicly accessible unless otherwise indicated. You may change the privacy settings of your profile through your account settings.
We share your personal information with third parties as required by law and as needed to deliver our Sites and Services. We only share personal information on a need-to-know basis where appropriate safeguards and contractual arrangements are in place and as described below.
We work with third-party service providers that require access to your information to support our operations and delivery of Services. We use industry best practices to safeguard your personal information which includes: separation of identifiable information and user-reported content, encryption of data in transit and at rest, and industry best cloud security controls and standards. The third parties that we share your information with include:
Marketing partners for our Marketing Activities, such as developing, providing, and sending promotional and advertising materials that we think may be useful, relevant, valuable, or otherwise of interest to you. We may also publicly display comments and testimonials we receive from users. Self-reported health information is never shared with third parties in relation to our Marketing Activities.
Billing and payment providers to authorize, record, settle and clear transactions.
Cloud hosting providers to provide data storage and processing services.
Corporate and information technology services to facilitate business operations and user communications.
Identity verification providers to conduct credit card verifications.
Analytics companies to perform analysis on our Marketing Activities and Services.
These service providers are authorized to use your personal information only as necessary to provide Services to us. We may use and disclose aggregate information that does not identify or otherwise relate to an individual for any purpose unless we are prohibited from doing so under applicable law.
We disclose your personal information when disclosure is:
Reasonably necessary to comply with any applicable law or regulation;
Required by law to comply with a legal process, or government request;
Necessary to enforce our agreements and this Notice;
Necessary to protect the security or integrity of our Sites and Services;
Necessary to protect against harm to the rights, property, or safety of us, you, or the public as required or permitted by law;
Necessary to respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person; or
Otherwise as directed by you.
Where required or permitted by applicable law, we protect personal information by requesting protective orders or confidentiality agreements, redacting personal information from documents prior to production or disclosure, or other legally permissible means.
We may partner with third-party advertising networks, exchanges, and social media platforms (e.g., Google) to display advertising on our Sites or to manage and service advertising on other sites and we may share personal information with them for this purpose. Please see our Cookie Notice for more information about how you can turn off tracking technologies.
We share aggregated demographic information with our partners and sponsors. Partners can include providers of content and services, such as oncology partners and financial sponsors. The aggregate demographic information we share is not linked to any personal information that can identify an individual person.
For more information, please visit Advertisement and Sponsorship Standards.
We may share or transfer your information to any person or entity in connection with a change of ownership or control by or of us or any affiliated entity (in each case whether in whole or in part). Any information relating to you that we provide related to a change in ownership or control will be treated by the parties involved in accordance with the terms of this Notice. Your personal information may be part of the transferred assets. You may be notified thereafter of any such change in ownership or control through the email address you have provided to us.
How We Transfer and Store Information
We use data hosting service providers in the United States to store your information, and we use reasonable technical measures to secure your information. We may transfer, process, or store your personal information outside of your country of residence, which may have different data protection laws than the country in which you initially provided the information, to provide our Services. To the extent required by applicable law, whenever we transfer your information, we take the appropriate steps to protect your information.
How Long We Retain Information
We retain personal information for the minimum necessary period to fulfill our legal and contractual obligations, support business operations, develop Sites and Services, resolve disputes, enforce our rights, for legitimate business purposes outlined in this Notice, and as recommended by industry standards.
How We Protect Your Information
We use reasonable and appropriate administrative, technical, and physical safeguards to protect the information that we have about you from loss, theft, and unauthorized use, access, modification, or destruction. We also require third-party service providers acting on our behalf or with whom we share your information to maintain security measures in accordance with industry standards.
Although we have security safeguards in place, we cannot guarantee absolute security in all situations. If you have any questions about our security practices, please contact us as described in the “Contact Us” section. For your own security, please do not send any confidential personal information to us outside of our Services. It is also important that you maintain the security and control of your account credentials, and not share your password with anyone.
Third-Party Services, Applications, and Websites
Our Sites and Services may contain links to other websites not operated or controlled by us. Certain third-party services, applications, or websites used to navigate to and from our Sites and Services have separate user terms and privacy notices that are independent of this Notice.
Your Privacy Choices and Rights
You have certain choices and rights when it comes to how we collect and use your personal information. Below is a summary of those choices and rights, and how to exercise them.
Opt-out of marketing communications: You may opt-out of receiving any marketing communications from us in the following ways:
Email: Click the “Unsubscribe” link within each email or by contacting us as provided in our "Contact Us" section. If you opt out of receiving marketing messages, you will continue to receive transactional communications from us regarding our Services (e.g., account updates, donation receipts, and policy updates).
Direct mail: Contact us directly as provided in our "Contact Us" section to opt out of receiving direct mail from us.
Profile deletion: If you discontinue using our Services, we can delete certain information upon request. Please note some latency in deleting this information may occur if necessary to comply with our legal obligations, resolve disputes, manage security risks, or enforce our agreements.
Discussion forum posts: Our Sites and Services offer publicly accessible User-generated Content (e.g., discussion forum posts). You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our Sites or Services please contact us. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Managing cookies and other tracking technologies: Relevant browser-based cookie controls are described in our Cookie Notice. Our Services participate in the Network Advertising Initiative (“NAI”) and Digital Advertising Alliance (“DAA”) programs to opt-out of customized or targeted advertising online. If you sign up for either of these programs, you will not see targeted ads from us on other websites based on your browsing history or other online activities. To learn more about preference-based advertising, change your preferences or to opt-out visit:
NAI opt-out: https://optout.networkadvertising.org/?c=1
DAA opt-out: https://optout.aboutads.info/?c=2&lang=EN
Do Not Track Requests: Our Site does not currently take any action when it receives a Do Not Track request. Do Not Track is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For details, including how to turn on Do Not Track, visit www.donottrack.us.
Based on your jurisdiction, you may have certain privacy rights, such as:
Request access to certain personal information we maintain about you;
Request that we update, correct, amend, erase, or restrict processing of certain personal information;
Object to some forms of automated decision-making or profiling; and
Exercise your right to data portability.
If you wish to exercise any of the above rights, see the “Contact Us” section. You may also authorize an individual to submit a verifiable consumer request relating to your personal information. Making a verifiable consumer request does not require you to create a profile with us.
If you wish to use an authorized agent to submit a request to opt-out on your behalf, you must provide the authorized agent written permission signed by you, the consumer. We may deny a request from an authorized agent if the agent cannot provide us your signed permission demonstrating that the agent is authorized to act on your behalf.
We respond to requests within a reasonable amount of time, depending on your jurisdiction. Please note that your request may be limited in certain cases, for example if complying with your request would conflict with:
Federal, state, or local law;
Exercising or defending legal claims.
Minimum Age Requirements to Use Our Services
Our Sites and Services are not directed to children under 18. To use our Sites and Services, you must be old enough to consent to the processing of your personal information in your jurisdiction. We do not knowingly collect personal information from anyone under the age of 18. If you are under the age of 18, please do not provide personal information to us. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from anyone under the age of 18 without verification or parental consent, we take steps to remove such information.
Changes to Our Privacy Notice
We periodically review and update this Notice to describe new Services or changes to our practices. You can determine when this Notice was last revised by referring to the “Updated” date at the top of this Notice. We encourage you to review the Notice whenever you interact with us to stay informed about our privacy practices and the ways that you can help protect your privacy.
If we make significant changes to this Notice, we will notify you through a prominent notice on our Site or Services or via email address that you have provided us. If you do not agree with the privacy practices disclosed in the Notice, we recommend you stop using our Sites.
To submit questions about this Notice or to update or request changes to your personal information, please contact us at firstname.lastname@example.org or write to us:
Attn: Legal – Privacy Notice Inquiry
40 East Montgomery Ave, 4th Floor
Ardmore, PA 19003