Above all, we make a difference.

Privacy Policy

Last updated: May 16, 2024

Susan G. Komen, a registered 501(c)(3) nonprofit, values your trust and is committed to protecting your privacy. This Privacy Policy is designed to communicate how we collect, use, and share your information. This Privacy Policy describes what information we collect about you, including when and how we collect it; how we use it; with whom we may share it; and what choices you have regarding our use of your information. In order to fully understand your rights, we encourage you to read this entire Privacy Policy as well as our Terms of Use.

This Privacy Policy applies to all information collected through (1) your interactions and communications with Komen, whether electronic, written or oral; (2) Komen websites or applications (“Apps”); and (3) third parties servicing Komen (collectively referred to as the “Services”). By accessing our Services or providing your information to Komen, you accept and agree to the practices described in this Privacy Policy.

For your convenience, you may review specific information about our data practices by clicking on any of the questions and statements below:

Personal Information We Receive

How We Use Personal Information

How We Share Personal Information

How We Protect Your Personal Information

Your Privacy Rights

Your Contact Preferences

Data Security

Retention

Other Notices and Disclosures

How to Contact Us

Updates to this Privacy Policy.

Personal Information We Receive

Komen collects information in support of our Mission to save lives by meeting the most critical needs of our communities and investing in breakthrough research to prevent and cure breast cancer. In general, the type of information we collect will depend on how you choose to interact with Komen and the Services we provide you. For instance, if you are a patient or caregiver contacting us for assistance, we will need different information to assist than if you are using our website to donate to Komen.

While you are engaging with Komen and utilizing our Services, Komen may collect information that identifies you as an individual or what is linked or linkable to you as an individual (“Personal Information”).

The categories of Personal Information that we may collect are outlined below:

  • Contact Information and Preferences. We may request contact information such as your name, mailing address, telephone number, e-mail address, and your preferences for how you would like to be contacted by Komen.  If you become a registered user on one or more Komen sites and/or apps, we will collect login and profile information and may also collect information about your areas of interest. We may also use third-party services to supplement or to ensure accuracy of contact information.
  • Demographic Information. We may request limited demographic information such as your gender, race or ethnicity, marital status, geographic location, and/or primary language. Depending on the Services or programs you choose to use, we may also request or collect race or ethnicity data with your consent as required.
  • Your Experience with Breast Cancer. We may receive information from you about your relationship to breast cancer or other cancers, which may include information such as whether you would like to be recognized as a survivor, your type of breast cancer or other cancers, date of diagnosis, stage, current treatment, your medical records, care providers and appointments, and medications. We may request more detailed information such as the health information provided above if you enroll in a research study or seek Services from Komen and/or its partners. In those cases where we may request or invite you to provide the foregoing information, we will do so with your consent or where there is a clear reason that we have communicated for doing so—such as where Komen is arranging your travel and accommodations for your participation in a sponsored event.
  • Financial Information. If you donate to Komen or make a retail purchase on a Komen Site, Komen uses a third-party payment service provider to collect and process payment information process your transaction. We may also collect the name of your employing company, if you would like for that company to make a matching donation. If you participate in direct services, we may collect income information to verify eligibility.
  • Inquiry Information. We collect information when you communicate with us, including when you contact Komen through our various online, phone, chat, or application channels for information or assistance. We may record your call or maintain a transcript of the communication for training and quality assurance purposes.
  • Device Information. We collect information about the computers, phones, and other devices used when interacting with our Services, including browser type, version, IP address (which may be used to infer general location at a city or county level), cookie ID, and other similar tracking technologies.
  • Activity and Usage Information. We collect information regarding your use of our Services, including your referrer URL (which is the URL for the website that you were viewing prior to visiting the website), how you were directed to the Services, which specific pages you accessed, how long you view each page, the time and date you access our Services, and anonymous traffic data.
  • Social Media Engagement. We receive information regarding your use of and engagement with Komen social media, including online public forums, discussion boards, or chat rooms. Please note that any information you post within public forums will become public and may be read, collected, and used by anyone, and is subject to our Terms of Use. If you elect to connect your social media account to a Komen account for fundraising purposes, certain Personal Information from your social media account will be shared with us. Your interactions with social media companies and the use of their features are governed by their privacy policies.
  • Employment or Volunteer Participation. If you seek employment with Komen or volunteer for Komen, we will collect information related to your role or application. For instance, we will collect employment history information if you submit a resume to Komen. If you are volunteering, we may ask about your experience in similar roles, your relationship to breast cancer or other cancers, and/or for any other background information needed for the specific role, such as background checks or licenses.
  • Other Sources. We may receive Personal Information from other sources, including third-party organizations we collaborate with to provide support services and information to patients and their caregivers. We may also receive Personal Information from other sources when we conduct fundraising campaigns, promotions, or events. In these instances, we may receive access to donor reports that include donor name, contact information, and donation amount. We also may receive your Personal Information if you respond to a cause-related marketing campaign or other promotion benefitting Komen that is conducted by a corporate partner

How We Use Personal Information

We use Personal Information for the following purposes:

  • Providing Services. We use Personal Information to provide our Services to you, including to provide you with the information, resources, and support services you request and to communicate special activities for caregivers, survivors, or those living with metastatic disease. For example, if you contact Komen to utilize Services provided by the Patient Care Center (e.g., Helpline, Screening & Diagnostics Program, Financial Assistance Program, and/or patient navigation), we may ask you for contact information, demographic information, and health information to connect you to services, education, financial assistance, and/or other resources relating to participating in research and clinical trials.
  • Fundraising. We use Personal Information to process donations and purchase transactions, including to verify identity and/or contact you for the purpose of raising money for Komen, to determine the effectiveness of fundraising campaigns and mission activities, and to send you a receipt and/or thank you for your donation.
  • Ensuring Quality. We use Personal Information to help ensure the quality of our Services, including to maintain your account, to help diagnose problems with our server, to administer our websites, to develop, evaluate, and improve our Services, to update and expand our business activities, and to provide other support services.
  • Personalization. We use Personal Information to help deliver Services that are better tailored to you, including to provide you with customized personalized services and content, to keep you informed about breast cancer-related news developments, to notify you of Komen services that may be of interest to you based on the information that you provide including clinical trials, support services, or research opportunities, and to invite you to upcoming Komen events in your area. If you choose to provide information regarding your relationship to breast cancer or other cancers, we may use this information to let you know about special activities for caregivers, survivors, those living with metastatic disease, or other targeted groups. For more information on how to control the communications and content you may receive, please review the Your Privacy Rights and the Your Contact Preferences sections below.
  • Data Analytics. We use Personal Information to conduct data analytics so that we can better understand the in­­­dividuals we serve, better communicate with you, improve our Services, and gain a greater understanding of breast cancer, breast cancer treatment and the related needs of patients and their caregivers and our constituents. This analysis can help us improve patient experiences, mission delivery, and support.
  • Research Participation. We use Personal Information to facilitate research participation, including inviting and managing your participation in research studies and processing grant applications.
  • Responding to Inquiries. We use Personal Information to respond to your inquiries, including to manage your preferences, facilitate technical support, respond to volunteer inquiries, respond to research study inquiries, and assist you if you contact Komen seeking breast cancer information or request support or Services from Komen and/or its partners.
  • Communicating with You. We may use Personal Information to communicate with you, including sending emails, newsletters, or additional content to market our Services; responding to your questions and comments; and to update you about changes to your account.
  • Security. We may use Personal Information to secure our Services, including verifying your identity and protect against malicious conduct, fraudulent activity, or unsafe experiences.
  • Other Business Purposes. We may use Personal Information for other business purposes, such as recruiting, hiring, conducting audits, fraud monitoring and prevention, and recordkeeping.
  • To Comply with Applicable Law. We may use Personal Information to comply with applicable law, including to respond to valid legal process, including, but not limited to, a search warrant, subpoena, or court order, and any other instance when we believe we are required to do so by law.

How We Share Personal Information

We may share the above categories of Personal Information with the following third parties to provide our Services:

  • Third Party Service Providers. We share Personal Information with third-parties that provide operational services on our behalf, such as website hosting, information technology and infrastructure, data analytics, email delivery, credit card processing, order fulfillment, auditing or other services, or that assist Komen in providing you with support and resources. These third parties may not use Personal Information for any other purposes.
  • Marketing, Advertising, and Analytics Partners. We may use third-party marketing, advertising, and analytics providers to provide statistics and analysis about how people are using our Services and to provide advertising and marketing for our Services, and to conduct charitable sales promotions, which may be considered targeted advertising. These third-party partners may receive information about your interactions with our Services through third-party cookies. For information about how to opt out of our use of third-party cookies that share data with these partners, see “Your Privacy Rights.” Where required by law, we will first obtain your consent before engaging in the marketing or advertising activities described.
  • Komen Partners. We may provide your information to organizations we work with to provide services, products, or programs, such as content providers, sponsors, service providers or other third parties to advance the goals of education, dissemination or information, and otherwise in fulfillment of our mission.
  • Referring Health Care Providers and Health Care Plans. If you were referred to Komen by your health care provider, we may also report back to your referring provider regarding your usage of Komen programs and services or to coordinate treatment-related services.
  • Volunteers. We may share limited Personal Information, such as contact information, with volunteers who are assisting Komen and who require the information as part of their duties. We will only share the information necessary to enable the volunteer to perform their duties.
  • Social Media. By connecting your Komen account with your social media account, you authorize us to share information with your social media account provider. For example, if you log-in to our website using your social media account, use a “like” button or use other social media features while visiting our website, those social media companies may collect information about you. You understand that your interactions with social media companies, the use of their features, and the use of the information we share will be governed by their privacy policies. Please note that any information you post within these public forums or social media pages may become public and may be read, collected, and used by anyone.
  • Nonprofit List Share. From time to time, Komen may also share donor names and mailing addresses with other nonprofit organizations on a limited basis. We do not share email addresses or health information in connection with this list exchange. You, as a donor may, at any time, request that Komen exclude your name from being shared with other nonprofit organizations. To ask that your name be excluded or to otherwise change how Komen contacts you, please email us at privacymanager@komen.org, use the contact options on our Contact Us page, or mail your request to: Susan G. Komen, 13770 Noel Road, Suite 801889, Dallas, TX 75380, Attn: Legal.
  • Memorial and Honor Giving. You may choose to honor someone whose life has been impacted by cancer by making a donation in their name. Once your gift is received and you have requested a notification be sent to the honoree or family, Komen will send a card to the honoree or family acknowledging your gift. The amount of money donated through memorial or honor donations is kept confidential, but the individual (or their immediate family in the case of a memorial donation) may be provided with the name and address of those individuals who have donated in honor of their loved one, whether in the card itself or at the request of the honoree or family. 
  • Other Uses or Disclosures of Personal Information. We may also use and disclose your Personal Information as we believe to be necessary or appropriate: (a) to comply with applicable law, which may include laws outside your country of residence, to respond to requests from public and government authorities, which may include authorities outside your country of residence, to cooperate with law enforcement, or for other legal reasons; (b) to enforce our Terms of Use; and (c) to protect our rights, privacy, safety or property, and/or that of you or others. In addition, Komen may use, disclose or transfer your information to a third-party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our organization (including in connection with any bankruptcy or similar proceedings).

How We Protect Your Information

  • Access Control. Access to data and services is limited to staff at a level that is commensurate with their assigned responsibilities.
  • Authentication. Authentication requires secure protocols, complex credentials with regular rotation, multi-factor authentication, and lockout of failed attempts. Access must be approved by management, evaluated on a consistent basis, and revoked once no longer required. Access is monitored by our Security Operations Center Team who correlate various elements to identify potential malicious activities.
  • Compliance. Komen has in place appropriate governance, risk management, and compliance practices and policies that align with industry standard information security and privacy frameworks including the Payment Card Industry’s Data Security Standards.
  • Dedicated Security Team. Komen is supported by a dedicated Information Security Team to manage its Security Operations Center, compliance, training, design, controls, and Incident Response.
  • Development. Komen’s application development team adheres to secure coding techniques from the Open Worldwide Application Security Project (OWASP). All code is peer reviewed and must undergo a series of automated and manual testing prior to being released.
  • Encryption. All data at rest is encrypted utilizing AES-256 encryption while data in transit utilizes TLS 1.2 over the Internet as well as between systems and services.
  • Networks. Networks are designed to reduce the attack surface and to segment between production and non-production systems.
  • Personnel. Komen’s Code of Conduct and applicable policies require all staff to maintain appropriate confidentiality of Komen information and receive ongoing privacy and security training.
  • Policies. Komen maintains appropriate policies, procedures, and standards relating to Information Security and Privacy. Staff must acknowledge documents and receive security specific training annually.
  • Vulnerability Management. Komen monitors for and remediates vulnerabilities of all endpoints and services within its environment. Findings are prioritized in alignment with industry practices and independent third parties are utilized to validate our methods and to advise on emerging threats.

Your Privacy Rights

Under some U.S. state laws, residents may have a right to:

  • Right of Access and/or Portability. Subject to certain limitations, you can request that we disclose the categories and/or specific pieces of Personal Information that we collect, use, disclose, and may sell, and, in some circumstances, have that data provided to you so that you can provide or “port” that data to another provider.
  • Right to Opt Out. Like many companies, we may use advertising and analytics services that are intended to analyze your interactions with our Services, based on information obtained from cookies or other trackers, including for delivering advertising to you (such as interest-based, targeted, or cross-context behavioral advertising). To opt out of the targeted advertising, follow the instructions below. You may also disable certain cookies in the “Help” function within most browsers. We do not have actual knowledge that we “sell” the Personal Information of consumers under 18 years of age. 
  • Right to Correction. You can request that we correct the Personal Information that we have collected from you under certain circumstances.
  • Right to Deletion. You can ask us to delete the Personal Information that we have collected from you, subject to certain exceptions such as to complete a transaction for you, to exercise our rights, or to comply with a legal obligation.

How to Exercise Your Rights: To exercise your applicable rights, please email us at privacymanager@komen.org, use the contact options on our Contact Us page, or mail your request to: Susan G. Komen, 13770 Noel Road, Suite 801889, Dallas, TX 75380, Attn: Legal. We are required to verify your identity to process your request and reserve the right to confirm your state residency. We will provide a substantive response within 45 calendar days of receiving your request, or inform you of the reason and extension period (up to a total of 90 days) in writing.

Please note that, before we process your request, we may ask that you provide us with additional information to verify your identity. We reserve the right to deny your request if we cannot verify your identity or an exemption applies. You may designate an authorized agent to submit your verified consumer request by providing written permission and verifying your identity, or through proof of power of attorney.

Your Contact Preferences

In addition to the rights listed above, you may update your contact preferences by following the instructions below:

  • Contact Preferences and Restrictions. We respect your privacy and recognize that you may wish to limit the ways in which we contact you. If you no longer wish to receive event emails, newsletters, or other subscriptions, you may opt-out by following the instructions in the “Updating Preferences” section below. If you register for a Komen event or sign up for a newsletter or similar subscription, you will receive communications related to that service, regardless of your prior preferences or restrictions. However, we may continue to send transaction-related emails regarding our relationship and the services you have requested.
  • Apps. You can stop collection of information by Apps by uninstalling the Apps. You may use the standard uninstall processes available as part of your device or network. To discontinue the collection of geolocation data within Apps, you can modify your privacy settings on your mobile device.
  • Updating Preferences. To inform us of any desired restrictions, please make changes through the “Manage Your Email Preferences” link at the bottom of our email communication, email us at privacymanager@komen.org, use the contact options on our Contact Us page, or mail your request to: Susan G. Komen, 13770 Noel Road, Suite 801889, Dallas, TX 75380, Attn: Legal. In addition to the above, Komen offers the following options:
    • Do not contact me by postal mail.
    • Do not contact me by telephone.
    • Do not contact me by SMS (text) message.
    • Do not contact me by email.
    • Do not share my contact information with other nonprofit organizations.
    • Do not share my contact information for other third party opportunities, marketing, or commercial purposes.
    • Do not contact me (ends all communications except transaction-related notifications).

Data Security

Komen is committed to using reasonable organizational, technical and administrative measures designed to secure the information to protect Personal Information within our organization. Unfortunately, however, no data transmission over the Internet nor any data storage system is 100% secure. While we strive to protect your information, we cannot ensure or warrant the security of such information on our or third-party sites. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us using the contact options on our Contact Us page.

Retention

Komen retains Personal Information that we receive for as long as necessary to fulfill the purpose(s) for which the information was collected, to provide our services and products, to pursue legitimate business purposes, to enforce our agreements, and comply with all applicable laws.

Other Notices and Disclosures

Children’s Privacy. You must be 18 years old to use our Services and our Services are not targeted at children. With the signed consent of the parent or guardian, children are able to participate in certain Komen events in which case Personal Information may be collected from such participating children. Other Services are not intended for individuals under the age of 18, or equivalent minimum age depending on jurisdiction, and we do not knowingly collect Personal Information from minors. If you become aware of any Personal Information we have collected from a minor, please contact us using the contact options on our Contact Us page, or mail your request to: Susan G. Komen, 13770 Noel Road, Suite 801889, Dallas, TX 75380, Attn: Legal. If we discover that we have inadvertently collected Personal Information from a person under the age of 18 or if we are provided with a verifiable parental request, we will delete the child’s information.

Links to Third-Party Websites.  Our Services may contain links to third-party websites, whose privacy practices may be different from Komen’s. This Privacy Statement does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third-party operating any website or service to which the Services link. Links to other sites do not imply Komen’s endorsement of the products or services or privacy or security practices of those websites. In addition, we are not responsible for the information collection, use, disclosure of security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM, Salesforce, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with our sites or our social media pages.

How to Contact Us

If you have questions about our Privacy Policy, want to know what Personal Information of yours Komen is in possession of, or if you have concerns regarding our privacy practices, you can email us at privacymanager@komen.org, mail your request to: Susan G. Komen, 13770 Noel Road, Suite 801889, Dallas, TX 75380, Attn: Legal, or use the contact options on our Contact Us page. Please provide a description of your comments or questions in enough detail so we can respond appropriately.

Updates to this Privacy Policy.

Since we will continue to implement new technologies and improve our services and features, we reserve the right to change this Privacy Policy from time to time, consistent with applicable law. When changes are made, we will update the date at the top of our Privacy Policy. When material changes are made, we will notify you. Otherwise, your continued use of Komen’s Services after the effective date of any modification to the Privacy Policy will be deemed to be your agreement to the updated terms.