Read
Links
Buy
Contact
Give
Pray
Legal
Summary (TLDR)
We respect your privacy. We don't sell your contact information or track individual use of our apps and web sites. We only collect information needed for security, for functioning of features like bookmarks and logins, to answer your questions, to send you information your requested, and to create aggregate, anoymized usage statistics.
If you disable or clear cookies, use a VPN to connect to our servers, and never explicitly send us information or log in, then we have no personal information about you, which means that nobody can steal it from us or legally compel us to give it to them.
We only use Internet browser cookies that are necessary for the proper operation of our sites and apps, and then only when it benefits you, our visitor.
Because we don't use cookies to aggregate data about you for any commercial purpose, nor do we sell such information, we don't have an annoying pop-up begging you for consent to use cookies.
Your browser probably has the ability to block cookies on this or all sites, and you can, but if you do, bookmarks, logins, and possibly some other features won't work for you.
This privacy Policy
applies to all of the web sites and apps published by the organization called eBible.org, a registered business name in Hawaii, United States of America,
including some operated on behalf of other organizations.
This includes (without limitation) the following domain names:
eBible.org
alkitab.pw
Baebol.org
Bible.cx
Biblias.me
BibliaTimorLeste.org
cryptography.org
cyber.Bible
e-alkitab.org
fsm.Bible
haiola.org
mljohnson.org
mpj.cx
pacificBibles.org
PNG.Bible
sainte.bible
Solomons.Bible
WorldEnglish.Bible
We respect your privacy.
We operate by the Golden Rule (
Matthew
7:12
), so we are very careful to not collect information about
you that might cause a problem for you. We are particularly sensitive
to the needs of those who might be living in areas where reading the
Holy Bible might trigger persecution. Therefore, we minimize what
personal information we collect, and what we do collect, we protect
with a combination of physically secure locations, cryptography, and
periodic security audits.
What personal data do we collect?
We only collect personal data that we need to provide the services
that we provide, and those items that we need to comply with
applicable law. It seems that most of what information we collect is
common sense, but just to be clear, we list it, below, for people who
might be interested. Unlike many Internet businesses, we are not
actually a business, and we don’t monetize our sites with
advertising or sell contact information. General advertising is potentially
confusing and might end up being a distraction or contradiction to
our primary mission of making God’s Word more easily available to
as many people as possible. Therefore, we only rarely allow any
advertising, except for the promotion of the Bible translation
agencies, missions, churches, and missionaries who make this site
possible, and then only in contexts where such promotion makes sense.
There are six kinds of personal information we may collect:
Identification associated with a login for privileged
access.
Anything you send directly to us by way of one of our web
forms, email, messaging application, file sharing service, etc.
Contact information required by an associated organization
in exchange for access to their intellectual property, which they
presumably intend to use for advertising. (This is a requirement of
some Bible translation organizations.) This will not be done without warning you, first.
Information shared with us from an associated organization
on your behalf, such as notice from
World Outreach Ministries
of a
donation received so that we can thank you for it.
Internet Protocol (IP) addresses of devices connecting to
our servers. This can sometimes be linked to a particular person,
but only when combined with other information and when that person
uses the same IP address consistently.
Web browser cookies, which are small amounts of text stored
by a web site on your browser that can be requested again by the
same web site to help improve your user experience. These, by
themselves, are not personally identifying information, but can be
used as such. We only use them as anonymous session indicators and
bookmarks, unless used in association with a login process.
How do I consent or withdraw consent to personal
information collection?
When you sign up for privileged access, send us information, or
send one of our partners information, you are consenting at that time
to that information being collected and stored. We assume that you
are smart enough to know that when you fill out a form with your
personal information, you know that you are doing that, and have the
capacity to not do it if you don’t want to. To withdraw consent,
you stop doing any of the things that involve providing personal
information, and don’t get the benefits associated with doing so.
In the case of contact information given to gain access to a Bible
translation, you may unsubscribe from the promotional emails that
other organization sends you, using the instructions in those
promotional emails.
ALL web servers collect collect IP address information, at least
as long as it takes to complete operations, and normally longer with
logs. Logs are required for security monitoring purposes. All routers
and computers between you and us have the capacity to log IP address
information. That is the way the Internet works. IP addresses are not
optional. You can, however, unlink the public IP address you use from
your identity by using a
virtual
private network (VPN)
or service like
The
Onion Router (TOR)
or both. That is under your control. On our
side, we already delete logs containing IP addresses we don’t need any more, so
there is nothing more for us to delete. We keep IP addresses long
enough for security review, and for creation of aggregate, anonymized
usage metrics. We also keep IP addresses associated with web contact
form submissions to us, to help sort out messages we want from those
we don’t want (i.e. fraudulent messages and illegal solicitations).
Although it is possible (and widespread practice) to use web
browser cookies to track your identity and browsing habits for
commercial purposes, we don’t do that. We use them to help you have
a better user experience. We also use them to help authenticate
logins for privileged access. Since these are functional requirements
of the web sites, you can’t use the full features of portions of
these sites without allowing cookies. These also don’t qualify as
personal data collection in the way we use them, so you can’t
legally compel us to stop using them, even if you live in Europe. You
can, however block the use of cookies as you see fit using the
features of a web browser. Doing so will make these features not
work, but there are still plenty of things that do work on our sites
without them.
How do we use personal information?
We use personal information in ways that we hope are common sense
and reasonable. Here are some specifics:
If
you would like us to keep in touch with you concerning
our ministry, you may add your name and email address to our
Mailchimp prayer letter mailing list at
MLJohnson.org
If you do, you may unsubscribe at any time using the link provided in
each of those emails.
Mailchimp
tracks opens and approximate location data of those emails based on
the IP addresses used in opening remote images as a measure of
mailing campaign effectiveness. We don’t share that information
with anyone else.
If
you would like to keep up with what we are doing with
Haiola
development and some of the
more technical issues of our digital Bible distribution, you may join
our
Google
Group announcement list for Haiola
. You may join or leave this
group at any time, using the instructions on the sign-up page or in
emails you receive.
If
you would like to make tax-deductible donations to help
support us, those may be made through
World
Outreach Ministries
. As required by law and sound accounting
principles, they track contact and payment information. They share
some of that information with us so that we can send thank-you notes.
They also send out receipts and monthly reminder mails, which we
appreciate.
Many people have helped us by contributing comments via email or a
web contact form
By doing so, you give us permission to keep and use your comments, along with
source information you fill out and your IP address, and to act on
them as we see fit. When a comment is incorporated into a public
domain or open access licensed work, any portion of that comment that
is used in the work also becomes dedicated to the public domain or
included in the open access license. Using our web contact form is
entirely optional. We include the IP address with submissions to
enable certain kinds of spam filtering and to hopefully reduce the
temptation to commit fraud.
Most web sites use cookies. We do too, sometimes. We do it
primarily to improve your user experience, and sometimes as an aid to
collecting aggregate usage statistics. We do not use cookies for
tracking individuals for the purpose of sending them advertising. We
do not link cookies to your identity unless it is a required part of
the way a login process works, and then only for the duration of the
login session. Some third-party web services used on our sites might
write or read cookies, as well. We have no control over their use of
cookies or IP address logging, so we minimize our use of such
services. In most cases, you can enable or disable the use of cookies
in your browser. When cookies are required for proper function of a
portion of a site and you have disabled cookies, we will present a
notice so that you can choose to enable them to use that feature if
you wish.
Our web server software logs all web server activity, including
what file or page was requested, the IP address it was sent to, the
date and time, and the browser’s identity string. Except in the
case of our web contact forms, listed above, we specifically avoid
linking your IP address to your identity. We process these log
entries to extract an approximate location using the
IP2Location
LITE database
, then anonymize both the location and the source
data. The location data is anonymized by taking the
already-approximate location given by the free version of the
geolocation database and shifting it by a random amount of up to 60
nautical miles in a random direction. Note that sometimes, the free
version of the IP2Location database does not include an IP address,
but will give a country. In that case, we use the country’s capital
as an approximate location, which can be thousands of miles from
where the actual user is, and is therefore very effective at
anonymizing the data, probably to excess. The source data is
anonymized cryptographically, then the source log is automatically
deleted. The resulting anonymized data is aggregated into into
Bible
delivery statistics
. The processed log database contains no
personally identifying information. After all of that, we can’t
tell exactly who read what part of which Bible translation, or
exactly where they were, but we can get a pretty good idea of how
many people are reading the Bible in a general geographic area, and
how much each Bible translation is being downloaded or displayed.
We sometimes get content from third parties like the
American
Bible Society
Faith
Comes by Hearing
, and
The
Jesus Film Project
. This content may be served in whole or in
part from their servers. How they handle privacy with respect to web
bugs, IP address logging, cookies, and web usage metrics is subject
to their respective privacy policies.
We act as a reseller of domain registry services for
Computer
Service Langenback GmbH
on behalf of selected partners. We
collect the personal information required by the registry to perform
that function, but shield it from public view by default.
How do we protect personal data?
Nobody can absolutely guarantee the security of personal data, or
any other sensitive data, for that matter. Indeed, major governments
and large corporations with huge IT budgets and the presumed capacity
to protect and defend their information resources repeatedly get
hacked, leaked, stolen from, embarrassed, and humiliated by some data
security oversight. Sometimes they get blind-sided by some new
vulnerability nobody anticipated, and sometimes it is just plain lack
of attention to basic security principles. We intend to not be caught
in the latter case ourselves. Therefore, we use the following
precautions:
Physical security. Our primary operations are in low-risk
areas with appropriate physical safeguards against unauthorized
access.
Cryptography. We use cryptography to authenticate access
and control to critical systems, to prevent unauthorized access to
private data, to prevent unauthorized modification of public data,
and to irreversibly anonymize some usage statistics.
Minimizing what we collect. We don’t collect personal
data we don’t need. Why would we? We don’t sell it or profit off
of it. If we don’t have it, it can’t be stolen from us.
Secure backups. We need backups to protect against data
loss or corruption, so backups are necessary, but they are all in a
secure location or encrypted (or both). This is helpful both in
protecting sensitive data and in ensuring that we can quickly and
reliably restore service when needed.
Malware scans. We regularly scan our computers and servers
for malware of various sorts, including anything that could bypass
access controls.
Software updates. We apply security patches and software
updates timely to avoid unnecessary exposure to newly-discovered
security vulnerabilities.
Security monitoring and response. We monitor logs and web
sites for suspicious activity and take appropriate action to block
suspicious activity. Every day, hundreds of attempts are made at
unauthorized access to our servers, which is not at all uncommon.
What is uncommon is that we look at the logs, analyze the nature of
the attacks, and evaluate if there is a chance that the attack may
succeed. If so, we find ways to thwart that type of attack.
Secure contact forms. We use contact forms that encrypt
data using TLS from you to the server, then use Gnu Privacy Guard to
encrypt the message from the server to the recipient.
Where do you store personal data?
We store sensitive data primarily in the United States of America.
However, backups of it may be stored in encrypted form in other
countries. It may be accessed by an authorized person remotely via
encrypted connection or carried on encrypted media when necessary,
but it is not available unencrypted outside of the USA except when
actually in use by an authorized person.
Are you
compliant?
Yes, even though we are not in the European Union. We may choose
not to respond to GDPR-related requests that do not originate from a
citizen of the European Union currently present in the European
Union, or in case of conflict of law. God’s Law, the laws of the
United States of America, and the laws of the state of Hawaii (in
that order) all take precedence over extraterritorial laws. Our
compliance with the EU GDPR is strictly voluntary, as we have no
physical presence in the EU, and because we were basically doing
things the way the GDPR required already.
If you live in Europe and have a GDPR-related request, you may
write a formal request in English, containing your full contact
information (name, mailing address, email address, and telephone
number), a signed statement that you are a citizen of the European
Union currently present in a member state of the European Union, and
the nature of your request to:
Data
Protection
Officer
c/o Michael Johnson
26 HIWALANI LOOP
MAKAWAO HI 96768-8747
USA
Note that we request paper mail for these legal requests so that we
can check the postmark of origin. You will also have to authenticate
your request by responding to an email to verify that it is indeed
yours. Personal information associated with a GDPR request is
required to make sure that we don’t provide personal information to
someone who has no right to it.
US