Privacy Policy for MyMiracles (Internal Volunteer Portal) Last Updated: December 30, 2025 1. Introduction MyMiracles ("we," "us," or "our") operates this internal volunteer portal to facilitate our mission of managing and praying for submitted requests. This Privacy Policy explains how we collect, use, and protect the information of our authorized volunteers, staff, and administrators ("you"). Important: This application is strictly for authorized internal use. Public registration is not available. Access is granted solely by invitation from a MyMiracles Administrator. 2. Information We Collect A. Volunteer & Staff Information To grant you access to the system, we collect and store the following: Identity Data: Full name, username, and assigned Role (e.g., Volunteer, Moderator, Administrator). Contact Data: Email address and phone number (if provided). Security Data: Hashed passwords, login timestamps, and account status (e.g., Active, Locked Out). Activity Logs: We maintain an audit trail of actions you take within the system, including approving, rejecting, or escalating prayer submissions. This is required for accountability and security. B. Prayer Submission Data In the course of your duties, you will have access to data submitted by the public ("Prayer Requesters"). This includes: Prayer request text. Dates of submission. Potential personally identifiable information (PII) contained within the request text. 3. How We Use Your Information We use your personal data solely for internal operational purposes: Authentication: To verify your identity and grant access to the specific features required by your role. Audit & Accountability: Your User ID is permanently linked to actions you perform (e.g., "Request #123 was approved by [Your Name] on [Date]"). This ensures integrity in our moderation process. Communication: To contact you regarding your volunteer schedule, account security, or critical updates to our moderation policies. 4. Volunteer Confidentiality Agreement By using this platform, you acknowledge that you are accessing sensitive, often personal information from the public. Non-Disclosure: You may not share, copy, take screenshots of, or discuss specific prayer requests outside of the MyMiracles platform or authorized internal meetings. Purpose Limitation: You may only use the data displayed to you for the purpose of moderation and prayer. Using this data to contact requesters personally or for commercial gain is strictly prohibited and grounds for immediate termination of access. 5. Data Sharing and Security No Third-Party Sales: We do not sell, trade, or rent volunteer data or prayer request data to third parties. Internal Visibility: Your activity and basic profile information are visible to Administrators and Super Administrators for management purposes. Data Security: We implement role-based access control (RBAC) to ensure you only see data necessary for your specific role. (e.g., "Needs Admin Review" items are hidden from standard Moderators). 6. Data Retention Volunteer Accounts: We retain your account information as long as you are an active volunteer. If you leave the organization, your account will be deactivated, but your historical activity logs (Audit Trail) will be retained to preserve the history of prayer request management. Prayer Data: Prayer submissions are retained according to our organization’s data retention schedule. Rejected or Deleted submissions may be kept in an archived state for administrative review. 7. Your Rights As an internal user, you have the right to: Request to see what personal data we hold about you. Request correction of inaccurate contact details. Request deactivation of your account if you no longer wish to volunteer. 8. Contact Us If you have questions about this policy or the security of the data you handle, please contact the Super Administrator directly. MyMiracles by: PrayersOutreach | 7519 Hicks Dairy Rd, Silsbee, TX 77656 | privacy@mymiracles.org