DATA PRIVACY
DATENSCHUTZ

All personal contact information sent through our website is secure and only accessible by authorized BFA personnel. You may contact us for a full disclosure and/or requests to delete all personal data in accordance with the EU General Data Protection Regulations.

George Matthews
Data Protection Officer

dataprotection@bfacademy.de

The main BFA website (bfacademy.de or bfacademycom.wpengine.com), hereafter referred to as “BFA”, collects basic contact information for users in our system including name, title, telephone number, e-mail address, school contact, interests related to our services, event registrations, student application information, fee request information and staff inquires through CATS (catsone.com). We also collect basic information about the hardware used to access our websites and store it as a cookie including the IP address, screen dimensions and operating system of the terminal used.

BFA uses several online platforms, each for a specific purpose.

• Our main website at bfacademy.de (or bfacademycom.wpengine.com). Data is stored in a secure database. This is the primary location for all user information.
• We employ the use of a 3rd party email communication system, bloomerang.co, which also securely stores contact information and records how recipients interact with our emails. You may receive emails from this system if you have subscribed to one of our mailing lists and you can view the privacy policy at: https://bloomerang.co/privacy-policy/

BFA collects data for any or all of the following reasons:

• To communicate effectively with our constituency about our services, events and opportunities.
• To personalize your user experience and to allow us to deliver the type of content and product offerings in which you are most interested.
• To continue to grow a community of people with invested interest in the work of Christian schools here in Europe and around the world and to encourage fellowship, partnerships, personal commitment and prayer for this work.
• To quickly process data and event or student registrations with saved information.

We collect information in our online databases from current students, alumni, and those who initiate contact with us and are interested in our services. For this reason, we only delete data records at the personal request of an individual or when we determine that the individual is no longer interested in our services. Personal data associated with browsing our website collected through cookies is deleted on a rolling 12-month cycle.

A report can be requested but currently this may take up to 30 days to process because of limited resources. Please see the list at the top of this document for an idea of what data we may have on file.

An option to edit your personal data from the related system. Deleting all your personal data is possible with a request through our Contact Form.

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology. All financial transactions made outside of our website are processed through a gateway provider (e.g. wise.com or paypal.com) and are not stored or processed on our servers.

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Chrome – we know you’re not using Internet Explorer…right?) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies. If you disable cookies: Disabling cookies will turn off some of the features that make your site experience more efficient and some of our services may not function properly.

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.

Occasionally, at our discretion, we may link to third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not market to children under 13.

Should a data breach occur, we will notify the users via email within 2 business days.

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

To be in accordance with CANSPAM we agree to the following:

• NOT use false, or misleading subjects or email addresses
• Identify the message as an advertisement in some reasonable way
• Include the physical address of our business or site headquarters
• Monitor third party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly
• Allow users to unsubscribe by using the link at the bottom of emails or requesting this by email

If at any time you would like to unsubscribe from receiving future emails, you can email us at communications@bfacademy.de. Follow the instructions at the bottom of the email or simply send ‘remove’ in an email subject line and we will promptly remove you from ALL promotional correspondence.