CHLSS

about-img
Home / Website Privacy

Website Privacy

Last Updated: 07/31/2025

Children’s Home and Lutheran Social Service of MN (“CH/LSS,” “Children’s Home,” “LSS,” “we,” “our,” or “us”) is fully committed to protecting the privacy and confidentiality of the individuals and communities we serve, including our clients, donors and volunteers.

This Privacy Policy explains how we collect, use, store, and disclose personal information in compliance with applicable laws, including the Minnesota Consumer Data Privacy Act (“MCDPA”), and outlines the rights you have under applicable law.

Categories of Information We Collect

We may collect the following categories of information:

  • Personal Information: such as identifiers (e.g., name, email address, IP address) and demographic information (e.g., age, gender, household size)
  • Commercial information (e.g., purchase history)
  • Internet or other electronic network activity (e.g., browsing history, interactions with our website or app, IP address and other information collected through our website or digital services)
  • Geolocation data
  • Inferences drawn from personal data to create a profile about your preferences
  • Protected Health Information (PHI): This includes any information about your health, health care services, or payment for those services that can be linked to you.

We do not collect sensitive data (e.g., biometric, racial/ethnic origin, precise geolocation, etc.) unless necessary and with your explicit consent.

Purposes for Collecting Personal Data

We collect personal data for the following purposes:

  • To provide and improve our services and website
  • To communicate with you
  • To personalize your user experience
  • To comply with legal obligations
  • For research and program evaluation
  • For marketing and advertising purposes (with your consent where required)
  • To comply with legal and regulatory obligations
  • Fundraising and processing donations
  • Volunteer registrations

Data Sharing and Disclosure

We may share your personal data with:

  • Trusted third-party service providers acting on our behalf (e.g., payment processors or email services)
  • Advertising and analytics partners (if applicable)
  • Government entities when required by law
  • For treatment, payment, or health care operations (if applicable)

We do not sell your personal data.

Your Rights Under the MCDPA

As a Minnesota resident, you have the following rights:

  • Right to Confirm and Access – Request confirmation of data processing and access to your personal data.
  • Right to Correct – Request correction of inaccuracies in your personal data.
  • Right to Delete – Request deletion of your personal data.
  • Right to Data Portability – Obtain a copy of your data in a portable format.
  • Right to Opt Out – Opt out of:
    • Targeted advertising
    • Sale of personal data
    • Profiling in furtherance of decisions that produce legal or similarly significant effects
  • Right to Know Which Third Parties Received Your Information

To exercise these rights, please contact us at:

We will respond within 45 days of receiving your request, as required by law.

International Transfer

Your information, including Personal Information, may be transferred to—and maintained on—computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to the United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Legal Basis for Processing Personal Information Under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect it. We may process your Personal Information because:

  • We need to perform a service for you
  • To provide you with information about services and our organization that is relevant to you
  • You have given us permission to do so
  • For payment processing purposes
  • To comply with the law

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Please contact us via this form to access, update or request deletion of your Personal Information.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Information.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right of data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please submit a request via the below form. Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Appeals

If we deny your request, you may appeal the decision by contacting us at [email protected]. If you are dissatisfied with our response, you may contact the Minnesota Attorney General at: https://www.ag.state.mn.us/.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law.

Health Information

When it comes to your health information, you have certain rights. This section explains your rights and some of LSS’ responsibilities to help you.

  1. You have the right to:
    1. Receive an electronic or paper copy of your medical record
      1. You can ask to see or copy an electronic or paper copy of your medical record and other health information.
      2. We will provide a copy or a summary of your health information within 30 days.
      3. If you ask to see or receive a copy of your record for purposes of reviewing current medical care, we may not charge you a fee.
      4. If you request copies of your patient records of past medical care or for specific appeals, we may charge you specified fees as determined by the Minnesota Department of Health. To view 2025 fee amounts, please visit the Minnesota Department of Health Website.
    2. Ask us to correct your medical record
      1. You can ask us to correct health information about you that you think is incorrect or incomplete.
      2. We may say “no” to your request, but we’ll tell you why in writing within 60 days.
    3. Request for us to contact you confidentially
      1. You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
      2. We will say “yes” to all reasonable requests.
    4. Ask us to limit what we use or share
      1. You can ask us not to use or share certain health information for treatment, payment, or our operations (“TPO”). We are not required to agree to your request, and we may say “no” if it would affect your care.
      2. If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
      3. Minnesota law requires consent for disclosure of treatment, payment, or operations information.
    5. Get a list of those with whom we’ve shared information
      1. You can ask for a list (accounting) of the times we’ve shared your health information for up to six years prior to the date you ask, who we shared it with, and why.
      2. We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
    6. Get a copy of this privacy notice
      1. You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
    7. File a complaint if you feel your rights are violated
      1. You can complain if you feel we have violated your rights by contacting us using the information at the end of this policy.
      2. You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/.
      3. We will not retaliate against you for filing a complaint
  2. Your Choices (*If you have a court-appointed legal guardian, any of the requests or instructions listed below MUST come from your legal guardian)
    1. For certain health information, you can tell us your choices about what we share.
      1. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
    2. In these cases, you have both the right and choice to tell us NOT to:
      1. Share information with your family, close friends, or others involved in your care
      2. Share information in a disaster relief situation
      3. If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
    3. In these cases, we never share your information unless you give us written permission:
      1. Marketing purposes
      2. Sale of your information
      3. Most sharing of psychotherapy notes
  3. Our Uses and Disclosures

    We need your consent before we disclose protected health information for treatment, payment, and operations purposes, unless the disclosure is to a related entity, or the disclosure is for a medical emergency, and we are unable to obtain your consent due to your condition or the nature of the medical emergency.
    How do we typically use or share your health information?

    1. Treat You
      1. We can use your health information within our organization to treat you. We can share your information with other professionals who are treating you only if we have your consent. We can only release your health records to health care facilities and providers outside our network without your consent if it is an emergency and you are unable to provide consent due to the nature of the emergency. We may also share your health information with a provider in our network.Example: A doctor treating you for an injury asks another doctor about your overall health condition.
    2. Run our Organization
      1. We can use and share your health information to run our business, improve your care, and contact you when necessary. We are required to obtain your consent before we release your health records to other providers for their own health care operations.Example: We use health information about you to manage your treatment and services.
    3. Bill for Your Services
      1. We can use and share your health information to bill and get payment from health plans or other entities only if we obtain your consent.Example: We give information about you to your health insurance plan so it will pay for your services

    How else can we use or share your health information?

    We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. There are many conditions we must meet under the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.

    1. Help with public health and safety issues
      1. We can share health information about you for certain situations such as:
        1. Preventing disease
        2. Helping with product recalls
        3. Reporting adverse reactions to medications
        4. Reporting suspected abuse, neglect, or domestic violence
        5. Preventing or reducing a serious threat to anyone’s health or safety
    2. Comply with the law
      1. We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
    3. Work with a medical examiner or coroner
      1. We can share health information with a coroner and medical examiner when an individual dies. When possible, we will seek your consent to share information with a funeral director.
    4. Address workers’ compensation, law enforcement, and other government requests
      1. We can use or share health information about you:
        1. For workers’ compensation claims
        2. For law enforcement purposes or with a law enforcement official with your consent, unless required by law
        3. With health oversight agencies for activities authorized by law
        4. For special government functions such as military, national security, and presidential protective services with your consent, unless required by law
    5. Respond to lawsuits and legal actions
      1. We can share health information about you in response to a court or administrative order, or in response to a subpoena.
    6. Minnesota Law
      1. In Minnesota, we need your consent before we disclose protected health information for treatment, payment, and operations purposes, unless the disclosure is to a related entity, or the disclosure is for a medical emergency, and we are unable to obtain your consent.
  4. Our Rights and Responsibilities
    1. Maintain privacy & security
      1. We are required by law to maintain the privacy and security of your protected health information
    2. Inform of breach
      1. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
    3. Follow notice practices
      1. We must follow the duties and privacy practices described in this notice and give you a copy of it.
      2. We will not use or share your health information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know if you change your mind and we will record and follow your wishes.
      3. For more information see: http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html

To exercise any of these rights, email [email protected].

Website Privacy

We take your privacy seriously. If you choose to provide us with personal information while visiting our website, you can be assured that it will only be used to support your relationship with LSS. LSS does not sell, exchange or release your personal information to outside parties without your consent.

  1. Data Security
    1. We implement appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect online. However, there is no guarantee that any electronic transmission of information is completely secure. Despite the security measures undertaken by LSS, we cannot and do not promise or warrant that your information or data will remain secure.
  2. Cookie and Tracking Technologies
    1. We may use cookies and similar technologies to improve user experience, track usage patterns, and for analytics. You may control cookies through your browser settings.
  3. Other Websites
    1. Our website contains links to other websites. Please note that when you click on one of these links, you are entering another website for which LSS has no responsibility. We encourage you to read the privacy statements on all such sites as their policies may be different than ours.
  4. Special Notice to California Residents
    1. We will not share any personal information about you with other companies if prohibited by applicable California law or to the extent your prior consent to share is required by applicable California law. California residents may request information about the disclosures of certain categories of personal information to third parties for direct marketing purposes. To be valid, requests must be submitted through the Contact Us form on the website. We will provide a list of the categories of personal information disclosed for direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of the third parties, within thirty (30) days following receipt of your request. 

Children’s Privacy

Only persons age 18 or older have permission to access our Service. Our Service does not address anyone under the age of 13 (“Children”).

We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you learn that your Children have provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a child under age 13 without verification of parental consent, we take steps to remove that information from our servers.

Limitations

The adoption or publication of this Privacy Policy does not subject LSS to any stricter duty in its collection, handling, storage, and disclosure of nonpublic information than otherwise applies to it under applicable law. No person or entity will have any right or recourse against LSS, its affiliates, agents, sponsors, or other related parties based on any alleged violation or noncompliance with this Privacy Policy.

Governing Law

This Privacy Policy is governed under the laws of the State of Minnesota, without regard to its conflicts of law provisions.

Changes to the Terms of this Privacy Policy

We may update this Privacy Policy at any time. Changes will be posted on our website with an updated “Effective Date.” We encourage you to review this Privacy Policy often.  Your continued use of our website and services after we have posted any update indicates your agreement to the changes.

Contact Us

If you have any questions or concerns about this notice or your rights under the MCDPA, or otherwise, please contact us at:

Main Office

1605 Eustis Street
Saint Paul, MN 55108
651.646.7771
800.952.9302

Follow Us

Subscribe to our newsletter. Stay Up To Date
Charities Review Council
Standards_Seal_BLACK_WEB
Charities Review Council Seal 2022
coa-logo
NCFA Member Seal_
IAAME
Human Rights Campaign seal