Privacy at Indiana Freedom Alliance
We are working to earn your trust every day by focusing on six key privacy principles:
Control: IFA will put you in control of your privacy with simple tools and plain choices.
Transparency: IFA will be transparent about how we collect and use your data.
Security: We will do our best to rotect the data entrusted to us by using strong security and encryption.
Strong legal protections: We will respect your local privacy laws and fight for legal protection of your privacy as a fundamental human right.
No content-based targeting: We will not use your messages, chat, files or other personal content to target ads to you.
Benefits to you: When we do collect data, we will use it to benefit you and to make your experiences better.
We respect the privacy of our visitors. We collect only such personal information as is needed to provide the Materials, information, Services, or assistance that you request.
Reasons we share personal data
We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorized. For example, we share your content with third parties when you tell us to do so, such as when you send an email to a friend, share photos and documents on our cloud, or link accounts with another service. If you use an Indiana Freedom Alliance (herein, “IFA”) product provided by an organization you are affiliated with, such as an employer or school, or use an email address provided by such organization to access IFA products, we share certain data, such as interaction data and diagnostic data to enable your organization to manage the products. When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.
A client service is generally one subscribed to and used by an individual in his or her personal capacity.
In addition, we share personal data among IFA affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.
Law Enforcement Requests for Client Data
Finally, we will retain, access, transfer, disclose, and preserve personal data, including your content, or files in private folders on FileShare (https://www.fileshare.in-freedom-alliance.org/), when we have a good faith belief that doing so is necessary to do any of the following:
1. Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
2. Protect our clients (client includes but is not limited to members, visitors, and customers), for example, to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life or serious injury of anyone.
3. Operate and maintain the security of our services and products, including to prevent or stop an attack on our computer systems or networks.
4. Protect the rights or property of IFA, including enforcing the terms governing the use of the services—however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of IFA, we will not inspect a client’s private content ourselves, but we may refer the matter to law enforcement.
IFA requires an official, signed document issued pursuant to local law and rules. Specifically, we require a subpoena or equivalent before disclosing non-content, and only disclose content to law enforcement in response to a warrant (or its local equivalent). Content is what our clients create, communicate, and store on or through our services, such as the words in an online messaging app exchanged between friends or business colleagues or the photographs and documents stored on FileShare or other cloud offerings. We require a warrant (or its local equivalent) before we will consider disclosing content to law enforcement. Non-content datainclude basic subscriber information, such as email address, name, state, country, ZIP code, and IP address at time of registration. Other non-content data may include IP connection history and credit card or other billing information. The IFA compliance office reviews government demands for client content/data to ensure the requests are valid, rejects those that are not valid, and only provides the data specified in the legal order. We require a valid legal demand, such as a subpoena or court order, before we will consider disclosing non-content data to law enforcement.
Abut Communications Assistance for Law enforcement Act (CALEA)
The U.S. law, Communications Assistance for Law Enforcement Act (CALEA), does not currently apply to many IFA services, including FileShare, because they are not considered telecommunications services. CALEA is a U.S. wiretapping law passed by Congress in 1994. The law requires telecommunications providers and equipment manufacturers to allow law enforcement agencies to intercept communications with a warrant. The law originally applied only to telephone conversations, but has since been expanded to cover VoIP and internet traffic.
About the Clarifying Lawful Overseas Use of Data Act or CLOUD Act (H.R. 4943)
The CLOUD Act amends the Stored Communications Act (SCA) of 1986 to make clear that law enforcement may compel U.S.-based service providers to disclose data that is in their “possession, custody, or control” regardless of where the data is located – whether it is stored in the United States or elsewhere. This law, however, does not change any of the legal and privacy protections that previously applied to law enforcement requests for data – and those protections continue to apply. IFA adheres to the same principles and client commitments related to government demands for user data.
Civil Litigation Demands for Client Data
IFA receives legal demands for client data from civil litigation parties around the world. IFA does not respond to private requests other than those received through a valid legal process. IFA adheres to the same principles for all civil proceeding legal requests as it does for government agency requests for user data, requiring nongovernmental civil litigants to follow the applicable laws, rules, and procedures for requesting customer data.
Except where prohibited by law, IFA will give prior notice to clients whose data is sought by a civil proceeding litigant. IFA sometimes receives civil proceeding legal demands that prohibit us from notifying our Client. In some cases, we request permission to notify our client or even challenge the nondisclosure order. In some cases, IFA has persuaded the requesting party that its interests in the underlying litigation will not be prejudiced by IFA providing notice.
If a nongovernmental party wants client data, it needs to follow applicable legal process–meaning, it must serve us with a valid subpoena or court order for content or subscriber information or other non-content data. For content requests, we require specific lawful consent of the account owner and for all requests we provide notice to the account owner unless prohibited by law from doing so. We require that any requests be targeted at specific accounts and identifiers. The IFA compliance office reviews civil proceeding legal requests for user data to ensure the requests are valid, rejects those that are not valid, and only provides the data specified in the legal order.
Third Party Links
Please note that some of our products include links to products of third parties whose privacy practices differ from those of IFA. If you provide personal data to any of those products, your data is governed by their privacy policies.
Information We Collect Automatically
If you visit our website to browse, read, or download information:
Your web browser automatically sends us (and we may retain) information such as the:
- Internet domain through which you access the Internet (e.g., yourServiceProvider.com if you use a commercial Internet service provider, or yourSchool.edu if you use an Internet account from your school);
- Internet Protocol address of the computer you are using;
- type of browser software and operating system you are using;
- date and time you access our site; and
- the Internet address of the site from which you linked directly to our site.
- If you request information, services, or assistance, we may disclose your personal information to those third parties that (in our judgment) are appropriate in order to fulfill your request. If, when you provide us with such information, you specify that you do not want us to disclose the information to third parties, we will honor your request. Note, however, that if you do not provide such information, it may be impossible for us to refer, respond to or fulfill your request.
- If your communication relates to a law enforcement matter, we may disclose the information to law enforcement agencies that we deem appropriate.
- The Americans with Disability Act
- The Cable Communications Policy Act of 1984
- Children’s Online Privacy Protection Act (COPPA)*
- Computer Fraud and Abuse Act
- Computer Security Act
- Consumer Credit Reporting Control Act
- California Online Privacy Protection Act
- Health Insurance Portability and Accountability Act (HIPAA)
- International Issues
We will use this information as aggregate data to help us maintain this site, e.g., to determine the number of visitors to different sections of our site, to ensure the site is working properly, and to help us make our site more accessible and useful.
We will not use this information to identify individuals, except for site security or law enforcement purposes.
We will not obtain personally-identifying information about you when you visit our site, unless you choose to provide such information.
Other Information We Collect
If you choose to identify yourself (or otherwise provide us with personal information) when you use our online forms:
How Long We Keep Information
We may keep information that will collect for an unlimited period of time.
Please note that electronic communication, particularly email, is not necessarily secure against interception. Please do not send sensitive data (e.g., Social Security, bank account, or credit card numbers) by email or web form.
We also use “web beacons” to help deliver cookies and gather usage and performance data. Our websites may include web beacons, cookies, or similar technologies from third-party service providers.
For site security purposes this Site may employ software programs to monitor network traffic. Anyone using this Site consents to the monitoring of their use by webmaster, system and security personnel.
Unauthorized use, tampering with or modification of this Site, the system—or its supporting hardware or software—may violate federal or other statutes and may subject the violator to criminal and civil penalties. In the event of unauthorized intrusion, all relevant information regarding possible violation of law may be provided to law enforcement officials.
There are several federal and state statutes that govern data privacy: