Who we are
This website is operated by The National Shrine of Saint Frances Xavier Cabrini. Our website address is https://cabrininationalshrine.org. For privacy-specific concerns, you may contact us. If you are required to have a Data Protection Officer, their details should be listed here.
What personal data we collect and why we collect it
When visitors use our website, we collect various types of personal data:
- Data you provide directly through forms (such as event registration, prayer requests, contact forms, volunteer or donation forms), including name, email address, phone number, postal address, donation details, and your submitted message or preferences.
- Data you provide when subscribing to updates or newsletters.
- Transactional data for online donations, which may include amount, frequency, and billing details (note: sensitive payment information is handled by third-party payment processors—we do not store card numbers).
- Technical data automatically collected via cookies and similar technologies (see “Cookies” below), including IP address, browser type, pages visited, and usage activity.
- Data collected via analytics and advertising tools such as Google Analytics and Facebook Pixel, which track user activity in order to help us analyze and improve site performance and outreach efforts.
We collect this data in order to:
- Respond to inquiries, process donations, and provide requested services
- Improve our website and offerings
- Send communications you have opted in to receive
- Comply with legal obligations (for example, donation recordkeeping)
- Analyze website usage and measure marketing effectiveness
We do not collect or process special categories of data (such as health-related or sensitive personal data) unless explicitly provided by you for a specific purpose and with your clear consent.
Comments
At present, our website does not accept public comments. If we enable this feature in the future, data collected through comments would include the data shown in the comment form as well as the commenter’s IP address and browser user agent string to help spam detection.
Media
If users are able to upload media files to the website (e.g., with future features), please be aware that all uploaded files may be publicly accessible. Metadata embedded in uploaded images (such as location data) may also be viewable by others. At this time, ordinary visitors cannot upload images or other media to the site.
Contact forms
When you submit a contact form via our website, the data you enter—including your name, email address, and your message—is collected for the purpose of responding to your inquiry. We retain contact form submissions for up to [Insert Retention Period, e.g., 12 months] for customer service and administrative purposes. We do not use the information submitted through contact forms for marketing purposes unless you specifically opt in.
Cookies
Our site uses cookies for several purposes:
- To remember your preferences
- To facilitate donation transactions and secure areas of the website
- To enable analytics and marketing features (including Google Analytics and Facebook Pixel)
You can choose to disable cookies through your browser settings. Disabling certain cookies may affect website functionality.
Analytics
We use Google Analytics to collect anonymized site usage data, such as pages visited, geographic region, and referral sources, to better understand visitor trends and improve our website. You may opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on or adjusting your browser settings. For more information, please see the Google Privacy Policy.
We also use Facebook Pixel to analyze the effectiveness of our outreach and fundraising efforts on Facebook. Users can manage ad preferences and opt out of Facebook Pixel tracking via their Facebook account settings or by visiting http://www.aboutads.info/choices.
Who we share your data with
We do not sell, rent, or trade your personal information. We may share your data only with trusted third-party service providers as required for:
- Processing online donations (e.g., PayPal, Stripe, or other payment services)
- Email newsletter distribution (e.g., MailChimp, Constant Contact)
- Website analytics and marketing (Google Analytics, Facebook Pixel)
- Web hosting and IT security
Each third-party provider’s own privacy policy applies to their handling of your information (see PayPal Policies, Stripe Policies, Google, Facebook). We require service providers to safeguard your information consistent with applicable law.
We may also disclose personal data as required by law, legal process, or government request.
What rights you have over your data
Depending on your jurisdiction, you may have the right to:
- Access your personal data
- Rectify or update personal data
- Delete or restrict processing of your data
- Withdraw consent (where applicable)
- Receive a copy of your data (data portability)
- Object to use of your data for certain purposes
To exercise your rights, contact us at [Insert Contact Email]. We will respond within applicable legal timeframes.
Where your data is sent
We and our third-party processors may transfer, process, or store your data outside your country of residence, including countries outside the European Union (EU). When transferring personal data from the EU or UK, we will take steps to ensure adequate safeguards are in place (such as standard contractual clauses) and that your data is protected to the standards required by European law.
Contact information
For privacy questions or to exercise your rights, contact:
The National Shrine of Saint Frances Xavier Cabrini
- 2520 North Lakeview Avenue
Chicago, IL 60614 - Phone: 773-360-5115
- Fax: 773-432-7043
Additional information
Our site occasionally interacts with third-party platforms for donations, event management, or digital outreach. These platforms are carefully selected for compliance with privacy and security standards.
How we protect your data
We use reasonable administrative, physical, and technical safeguards—including secure connections (SSL), limited data access, strong authentication practices, and staff training—to protect your personal information. Online donations are processed through PCI-compliant third-party payment processors, and sensitive financial information is not stored by us.
What data breach procedures we have in place
We have procedures for promptly investigating and addressing actual or suspected data breaches. In the event of a breach, affected users will be notified as required by applicable law, and remedial action will be taken.
What third parties we receive data from
We do not regularly receive user data from third parties. If we begin to integrate additional data sources (e.g., for event registration), those sources and their data privacy terms will be disclosed here.
What automated decision making and/or profiling we do with user data
We do not engage in automated decision-making or profiling that would have legal or significant effects for users. Our use of analytics and remarketing tools is limited to aggregate analysis and outreach measurement, not to personalized credit, eligibility, or similar decisions.
Industry regulatory disclosure requirements
As a religious nonprofit organization in the United States, we follow all applicable federal and state data privacy requirements. If you require more details or documentation regarding regulatory compliance, please contact us at the information provided above.
This version aligns closely with your detailed, section-based requirements and includes content attuned to the Shrine’s operations (forms, donations, analytics, no comment/media uploads). If any section needs to be further customized (e.g., you have a defined Data Protection Officer, a special donor privacy clause, or specific policy dates/periods), let me know, and I’ll adjust with precision.