Privacy Policy
1. Introduction
At The Road for Youth (“we,” “our,” or “us”), accessible via https://theroad4youth.org, we are committed to safeguarding your privacy and ensuring the highest levels of protection for your personal data. We are dedicated to operating with transparency, accountability, and in full compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, protect, and process your personal information when you interact with our website and services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, services, and digital platforms. The Road for Youth acts as the data controller for the personal data you provide to us or that we collect through your use of https://theroad4youth.org. As a data controller, we determine the purpose and means of processing your personal data in accordance with GDPR, CCPA, and other applicable privacy legislation.
3. Categories of Data We Process
We may collect and process the following categories of personal information:
→ Usage Data
Information about how you use our website, including your browser type, IP address, time zone, referring/exit pages, and duration and frequency of page visits.
→ Account Data
Personal details you provide when creating an account, such as your full name, email address, postal address, and telephone number.
→ Profile Data
Information related to your user preferences, interaction history, purchase activities, and behavioral tracking when engaging with our platforms.
→ Communication Data
Records of your correspondence with us, including emails, support tickets, feedback, and responses to any surveys or event registrations.
→ Technical Data
Device-related information such as operating system versions, browser types, device models, and system configuration details.
→ Transaction Data
Details related to financial transactions, such as billing addresses, payment method identifiers, transaction history, and delivery confirmations.
→ Preference Data
Your communication preferences, opt-in consents for marketing or newsletters, and specified interests in programs or services.
4. Legal Basis for Processing Personal Data
Our collection and use of your personal data are grounded in one or more of the following lawful bases:
– Consent: Where you have given us explicit permission (e.g. for marketing correspondence).
– Contractual Necessity: Where processing is necessary to fulfill a contract with you or to take steps at your request before entering into a contract.
– Legitimate Interests: Where we require your data to pursue our legitimate business interests and those interests are not overridden by your rights and freedoms.
– Legal Obligation: Where we are required to comply with a legal or regulatory obligation.
5. Your Rights Under GDPR and CCPA
As a data subject under GDPR or a consumer under CCPA, you have the following rights:
– Right of Access: You may request access to your personal data held by us.
– Right to Rectification: You may request corrections to inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to applicable legal requirements.
– Right to Restriction: You may limit how we process your data in certain circumstances.
– Right to Data Portability: You may request your data in a machine-readable format to transfer it to another provider.
– Right to Object: You may object at any time to data processing based on legitimate interests or for direct marketing purposes.
– Right Not to Be Subject to Automated Decision-Making: We do not engage in profiling or decisions that produce legal or similarly significant effects solely based on automated processing.
– Right to Opt-Out (CCPA): California residents may request that their personal data not be sold or shared with third parties.
To exercise any of your rights, you may contact us at [email protected].
6. Security Measures
We use industry-standard administrative, technical, and physical safeguards to ensure the security and integrity of your personal data, including:
– End-to-end encryption for data in transit and at rest,
– Secure access controls and role-based permissions,
– Regular backups and disaster recovery planning,
– Ongoing employee privacy and security training,
– Monitoring and auditing of access to systems containing personal data.
7. International Data Transfers
If we transfer personal data outside of the European Economic Area (EEA) or other jurisdictions with data protection laws, we implement appropriate safeguards, including EU Standard Contractual Clauses, binding corporate rules, or other approved mechanisms, to ensure your data receives a level of protection consistent with EU laws.
8. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Specifically:
– Usage Data: retained for up to 12 months for analytics and performance review,
– Account Data: retained while your account remains active and for up to 3 years thereafter,
– Transaction Data: retained for 7 years for legal and tax compliance,
– Communication Data: retained for up to 2 years post inquiry or final contact,
– Preference Data: retained until the user updates preferences or withdraws consent.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance your user experience. These may include:
– Essential Cookies: Required for website functionality (e.g., login, navigation).
– Functional Cookies: Improve user preferences/settings retention.
– Analytics Cookies: Help us understand how users engage with our site (e.g., Google Analytics).
– Performance Cookies: Track page load speeds and interaction components.
Where applicable, third-party services may set cookies, subject to their own privacy practices.
10. Cookie Management and Compliance
Users are given clear options upon their first visit to accept or manage cookie settings consistent with GDPR and CCPA requirements. You may change or withdraw consent by adjusting cookie preferences in the browser settings or using an in-site cookie management tool when available. California residents may opt out of “sale” of data (as defined by CCPA) through our Do Not Sell My Information link when applicable.
11. Special Protections for Children Under 13
We do not knowingly collect or solicit personally identifiable information from children under the age of 13. If you are under 13, do not use our website or submit any personal information via the site. Parents or guardians who believe their child has provided us information should contact us immediately at [email protected] so that we may delete such data.
12. Policy Updates and User Notifications
We reserve the right to periodically update this Privacy Policy to reflect legal, technical, or operational changes. When changes are made, we will update the policy on this page and may, where appropriate, notify users via prominent website notifications or direct contact. Continued use of our services constitutes acceptance of any changes.
13. Contact Us
For any inquiries, data subject access requests, or questions regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We are committed to upholding the highest standards of privacy and data protection. If you have any concerns regarding our data practices, contact us directly to ensure your rights are respected and enforced.
This Privacy Policy reflects our commitment to your data rights, security, and regulatory compliance.
