Cristo Rey Network Cornerstone Privacy Policy
Last Updated: December 1, 2025
Plain-Language Summary:
This Privacy Policy explains how the Cristo Rey Network (“CRN”) collects, uses, stores, and protects information provided by users of the Cornerstone platform, available at https://cornerstone.cristoreynetwork.org
and through the Cornerstone mobile app. Cornerstone is the internal communication and resource-sharing platform for Cristo Rey Network employees, affiliates, and authorized partners. By using Cornerstone, you acknowledge that your information will be managed according to this Privacy Policy and the Cristo Rey Network Cornerstone Terms of Use. For questions about this policy or your data, contact [email protected]
1. Data Controller
Cristo Rey Network (“CRN”) operates and controls the Cornerstone platform and determines the purposes for which user data are processed.
Contact Email: [email protected]
2. Platform Description
Cornerstone is CRN’s internal communication and collaboration platform, accessible via https://cornerstone.cristoreynetwork.org
and the Cornerstone mobile app. It enables users to connect, share resources, communicate, and participate in CRN network activities.
3. Personal Data Collected
CRN collects and stores the following types of personal information to manage user accounts and support platform functions:
Account Information:
• First and last name
• Email address (through Google or Apple SSO)
• Job title or role
• School or organization name
• Profile photo
• Phone number
Usage Information:
• Text posts and comments
• Images and documents uploaded by users
• Event registrations and attendance details
• Messages (sent directly or in groups)
• Other interactive content voluntarily shared
• Basic analytics such as login activity, device type, and feature engagement
Users should not upload sensitive information such as financial data, medical information, or government identifiers to Cornerstone.
4. Purpose of Data Use
CRN uses personal data for the following purposes:
• Account creation, authentication, and management
• Communication and collaboration among users
• Delivery of Cornerstone features and updates
• Platform maintenance and performance improvement
• Security and fraud prevention
• Event management and participation tracking
• Compliance with applicable laws and organizational policies
5. Data Storage and Retention
User data are stored within the Cornerstone platform operated by Hivebrite and hosted on Google Cloud infrastructure.
CRN may also use Google services to track login activity and maintain security logs.
Data are retained for as long as necessary to support legitimate organizational and technical purposes and may be kept indefinitely over time for archival or recordkeeping needs.
6. Third Parties and Service Providers
User data are processed by Hivebrite and Google Cloud as part of platform operations.
CRN may add other trusted providers in the future to support security, hosting, or technical functions.
All service providers must protect data under confidentiality and security requirements consistent with this policy and U.S. privacy law.
7. User Rights and Requests
Users may:
• Request correction or deletion of their personal information;
• Withdraw consent or deactivate their Cornerstone account; and
• Submit complaints or questions via [email protected]
CRN responds to verified requests within 30 days of receipt, subject to organizational requirements and legal obligations. Data may continue to be retained where required for legitimate administrative purposes.
8. Cookies and Tracking Technologies
Cornerstone uses cookies and session technologies to maintain secure logins and improve performance.
Users may manage cookie preferences through their browser settings. Disabling cookies may limit certain features of Cornerstone.
9. Data Security
CRN implements reasonable technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. This includes encrypted connections, access controls, and audit logs. No system is entirely secure, and users acknowledge that data transmission over the internet carries inherent risk.
10. Disclosure of Data
CRN may disclose user information when required by law, legal process, or valid administrative request, or to protect the rights, property, and safety of CRN and its users. Data will not be sold or shared for commercial purposes.
11. Changes to This Policy
CRN may update this Privacy Policy from time to time to reflect changes in operations or legal requirements. The most recent version will be posted within the Cornerstone platform and take effect upon publication.
12. Governing Law and Jurisdiction
This Privacy Policy is governed by the laws of the United States and the State of Illinois. Any dispute arising from this Policy will be resolved in the state or federal courts located in Cook County, Illinois.
13. Contact Information
For questions or concerns about this Privacy Policy or Cornerstone data practices, please contact: