Skip to content

Privacy, Refund and Security Policies

Privacy Policy

The Lancaster County Community Foundation (LCCF) respects your privacy and recognizes the need for appropriate protection and management of any personally identifiable information you choose to provide us. LCCF has established this Online Privacy Policy so that you may better understand the purpose for which we collect and use personal information.

Personal information means any information that may be used to identify an individual including, but not limited to, a first and last name, physical address, email address or other contact information, gender, job title, or other similar information.

Generally, you may browse our website without providing personal information. We do not automatically collect personal information. We may log your IP address to help track which part of our website you visit and how much time you spend there. LCCF may collect personal information when you register for an account, use certain LCCF products or services, register to attend a seminar or participate in an online survey, product discussion, training or marketing program, or ask to be included in a mailing or email list.

Access to certain LCCF Web pages requires a login and a password, for which use may be governed by a written agreement between you and LCCF. Your personal information may be retained by LCCF to verify compliance with such agreement.

Notice

LCCF will not transfer your personal information to third parties without your consent, except under the following limited conditions: (a) we have your consent to share the information; (b) we need to share your information to provide the product or service you have requested or contractually agreed to; (c) we need to transmit the information to third parties who work on behalf of LCCF to provide a product or service to you. In this instance we will only provide those companies the information they need to deliver the product or service, and they are prohibited from using that information for any other purpose; or (d) as required by law or to enforce our Terms of Use.

Data Security

Your LCCF account information is password-protected for your privacy and security. LCCF safeguards the security of the data you provide us with physical, electronic, and managerial procedures. While we intend to take reasonable and appropriate steps to protect your personal information, we cannot prepare for every eventuality.

Information Accuracy

Should you need to update, correct, or request deletion of any of your personal information or of your LCCF account, notify us by sending an email to contact us.

Children and Privacy

The LCCF website is not structured, targeted, or intended to attract children under the age of 13. LCCF does not knowingly solicit personal information from children under the age of 13 or send them requests for personal information.

Other information

This website has links to other websites. We are not responsible for, nor do we have any control over, the privacy practice or the content of such other websites, and we encourage you to learn about the privacy policies of those entities.

General Terms

By using this website, you consent to the terms of our Online Privacy Policy. Should this policy substantially change we will make that information available by posting a notice on this site. If you have any comments of questions regarding our Online Privacy Policy, please contact us.

Refund Policy

Charitable donations made on LancFound.org or ExtraGive.org are irrevocable. If there are extenuating circumstances, please contact us, and we will review your individual case.

If the donation has already been disbursed to the charity(ies) you designated, you will need to contact the charity(ies) directly to request a refund. LCCF cannot guarantee that a charity will refund your donation as this decision is entirely at the discretion of the charity.

Security Policy

Transaction Security Information

It is of utmost importance to Lancaster County Community Foundation (LCCF) to provide the highest level of security for our donors. Security involves several different elements including: operational business practices and processes, physical access, software and hardware system architectures. To ensure the highest standard of availability and reliability, LCCF uses industry leading hosting providers for its Extraordinary Give day with data centers in Dallas-Fort Worth and Washington D.C.

Transaction Security

All communications are transmitted via Secure Sockets Layer (SSL). The SSL protocol is the industry standard method for creating an encrypted, secure connection between a web browser and a web server.

Digital certificates are used to encrypt data transfers to ensure security in all communications between a website and a web server.

Credit Card Information

In order to process online transactions, an end user must provide a credit card number. In compliance with Payment Card Industry (PCI) security standards, credit card numbers are only stored by the payment gateway. Neither LCCF nor our providers have access to users’ credit card numbers.

PCI Data Security Standards Compliance

LCCF’s hosting provider is certified as compliant with PCI Security Standards. We contractually obligate our provider to adhere to PCI DSS requirements. To become PCI compliant, an organization must meet several criteria, including:

  • Maintaining specific firewall and network hardware configuration;
  • Meeting industry standards for encrypting data transactions;
  • Limiting access to cardholder data;
  • Provide regular internal and external vulnerability scans of security systems and processes to ensure ongoing compliance.
  • LCCF’s hosting provider’s quarterly scans are provided by Trustwave Security
  • LCCF’s hosting provider’s PCI DSS Qualified Security Assessor (QSA) is Lighthouse Computer Services.

Physical Information Storage

LCCF’s hosting provider database servers are stored in a secure facility with 24-hour security. Only specific individuals with electronic and physical identification are allowed access to the facility, and no one other than identified provider IT personnel can gain right of entry for ongoing maintenance needs.