PRIVACY POLICY

Divinest Essence
Effective Date: January 1, 2025
Last Updated: December 18, 2024

1. INTRODUCTION AND SCOPE

1.1 Our Commitment to Privacy

Divinest Essence ("we," "us," "our," or "Organization") is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website (www.divinestessence.org), enroll in our programs, or otherwise interact with our organization.

1.2 Who We Are

Divinest Essence is a 501(c)(3) nonprofit organization dedicated to providing accessible arts education to underserved youth and communities. We are incorporated under the laws of Texas.

Contact Information:
Divinest Essence
5900 Balcones Drive, Suite 100 Austin, TX 78731
Email: contact@divinestessence.org
Phone: 713-396-3237

1.3 Acceptance of This Policy

By using our website or services, you accept the practices described in this Privacy Policy. If you do not agree, please do not use our website or services.

PARENTS AND GUARDIANS: Please read this Privacy Policy carefully, especially the section on Children's Privacy (Section 3). Your child's use of our services requires your consent.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide Directly

Enrollment and Registration Information:

• Student name (first and last)

• Date of birth

• Gender (optional)

• Parent/guardian name(s)

• Home address

• Email address(es)

• Phone number(s)

• Emergency contact information

• Medical information (allergies, conditions, medications, special needs)

• Previous arts education experience

• Photograph (for ID purposes)

Payment and Financial Information:

• Credit/debit card information (processed by third-party payment processors)

• Billing address

• Payment history

• Financial assistance applications (including income documentation)

• Donation history

Account Information:

• Username and password (if you create an account)

• Account preferences

• Communication preferences

Communications:

• Content of emails, messages, or calls with our staff

• Feedback, testimonials, or reviews

• Responses to surveys or questionnaires

• Comments on social media or our website

Employment and Volunteer Information:

• Resume/CV

• References

• Background check results

• Employment history

• Certifications and licenses

2.2 Information We Collect Automatically

Website Usage Information:

• IP address

• Browser type and version

• Device type and operating system

• Pages visited and time spent on pages

• Referring website

• Date and time of visit

• Click-stream data

• Geographic location (city/state level)

Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to:

• Remember your preferences

• Understand how you use our website

• Improve website functionality

• Track affiliate link clicks

• Analyze website performance

Types of Cookies We Use:

• Essential Cookies: Required for website functionality

• Analytics Cookies: Help us understand how visitors use our site (Google Analytics)

• Affiliate Cookies: Track referrals from affiliate links

• Preference Cookies: Remember your settings and preferences

Managing Cookies: You can control cookies through your browser settings. Note that disabling cookies may limit website functionality.

2.3 Information from Third Parties

We may receive information from:

• Payment processors (transaction confirmations, fraud prevention)

• Background check providers (for staff and volunteers)

• Schools and community partners (enrollment referrals, program coordination)

• Grant agencies and government entities (program funding and reporting)

• Social media platforms (when you interact with our content)

2.4 Photographs, Videos, and Audio Recordings

With appropriate consent (see our Media Release Form), we may collect:

• Photographs of students in classes and performances

• Video recordings of classes, rehearsals, and performances

• Audio recordings of music and performances

• Student artwork and creative productions

2.5 Information We Do NOT Collect

We do not intentionally collect:

• Social Security Numbers (except when legally required for employment/tax purposes)

• Financial account numbers beyond payment card information

• Precise geolocation data

• Biometric data

• Sensitive personal data beyond what is necessary for program safety

3. CHILDREN'S PRIVACY (COPPA COMPLIANCE)

3.1 Our Commitment to COPPA

We take the privacy of children seriously and comply with the Children's Online Privacy Protection Act (COPPA). COPPA applies to the online collection of personal information from children under 13 years of age.

3.2 Parental Consent Required

We do not knowingly collect personal information from children under 13 without verifiable parental consent.

Before collecting any personal information from a child under 13, we:

1. Provide notice to parents about what information we collect, how we use it, and our disclosure practices

2. Obtain verifiable parental consent

3. Provide parents the option to consent to collection and use without consenting to disclosure to third parties (where applicable)

4. Provide parents access to their child's information

5. Give parents the opportunity to prevent further use or collection

6. Do not condition participation on disclosure of more information than is reasonably necessary

3.3 Methods of Obtaining Parental Consent

We obtain verifiable parental consent through:

• Signed consent forms (paper or electronic signature)

• Credit card verification for paid programs

• Video conference confirmation

• Government-issued ID verification

• Other FTC-approved methods

3.4 What Information We Collect from Children

With parental consent, we may collect from children under 13:

• Name and contact information

• Parent/guardian information

• Medical and emergency information

• Program participation data

• Photographs and videos (with separate media consent)

• Artwork and creative work

• Performance and progress information

3.5 How We Use Children's Information

We use children's information solely for:

• Program enrollment and administration

• Health and safety purposes

• Emergency communication

• Program evaluation and improvement

• Grant reporting (in aggregate, de-identified form)

• Promotional purposes (only with separate media consent and no full names)

3.6 We Do Not Share Children's Information Except:

• With service providers who help us operate programs (subject to confidentiality agreements)

• As required by law or to protect safety

• In aggregate, de-identified form for research or reporting

• With parental consent for specific purposes

3.7 Parental Rights Regarding Children's Information

Parents have the right to:

• Review their child's personal information

• Request deletion of their child's information

• Refuse further collection or use of their child's information

• Withdraw consent at any time

To exercise these rights, contact us at: [Insert Privacy Email]

3.8 Children's Online Activities

We do not:

• Allow children under 13 to post publicly on our website

• Enable children to communicate publicly through our site

• Collect more information than necessary for participation

• Require children to disclose information as a condition of participation beyond what is reasonably necessary

4. HOW WE USE YOUR INFORMATION

4.1 Program Administration and Operations

• Process enrollments and registrations

• Communicate about classes, schedules, and events

• Process payments and financial transactions

• Provide customer service and support

• Maintain attendance records

• Evaluate student progress

• Manage wait lists and program capacity

4.2 Health and Safety

• Respond to medical emergencies

• Accommodate special needs and disabilities

• Maintain safe learning environments

• Comply with facility and insurance requirements

• Conduct background checks on staff and volunteers

4.3 Communication and Marketing

• Send program updates and announcements

• Share newsletters and educational content

• Promote events and performances

• Send fundraising appeals (with opt-out)

• Respond to inquiries and requests

• Conduct satisfaction surveys

4.4 Legal and Compliance

• Comply with applicable laws and regulations

• Respond to legal requests and prevent fraud

• Enforce our Terms and Conditions

• Protect our rights and property

• Fulfill government contract and grant requirements

• Maintain tax-exempt status and nonprofit compliance

4.5 Organizational Improvement

• Analyze program effectiveness and outcomes

• Conduct research and evaluation

• Improve our website and user experience

• Develop new programs and services

• Train staff and volunteers

• Report to funders and stakeholders

4.6 Fundraising and Development

• Process charitable donations

• Issue tax receipts

• Acknowledge donors (unless anonymous)

• Manage donor relationships

• Conduct fundraising campaigns

• Apply for grants and contracts

4.7 Portfolio and Promotional Use

• Showcase Divinity Aluka's talents and achievements

• Create promotional materials for programs

• Share success stories and testimonials

• Post on social media platforms

• Submit to news media and press

• Report outcomes to funders

Note: All promotional use of student images follows our Media Release protocols and respects parental/guardian choices.

5. HOW WE SHARE YOUR INFORMATION

5.1 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Service Providers and Vendors

We share information with trusted service providers who help us operate, including:

• Payment processors (Stripe, PayPal, Square, etc.)

• Website hosting and technology providers

• Email and communication platforms (Mailchimp, Google Workspace, etc.)

• Accounting and financial services

• Background check companies (for staff/volunteers only)

• Insurance providers

• Database and CRM systems

All service providers are contractually required to:

• Use information only for specified purposes

• Maintain appropriate security measures

• Comply with applicable privacy laws

• Delete or return information when services end

5.3 Government and Grant Agencies

We may share information with:

• Funding agencies requiring program reporting (typically in aggregate form)

• Government contract administrators for compliance and evaluation

• Education agencies when delivering school-based programs

• Public health authorities as required by law

• Child protective services when legally mandated

5.4 School and Community Partners

When delivering programs in partnership with schools or community organizations, we may share:

• Student enrollment information

• Attendance records

• Progress reports

• Medical/safety information as appropriate

• Aggregate program outcomes

5.5 Legal Requirements and Safety

We may disclose information when required to:

• Comply with laws, regulations, or legal processes

• Respond to subpoenas or court orders

• Cooperate with law enforcement

• Protect the rights, property, or safety of our organization, students, or others

• Prevent or investigate fraud, security issues, or illegal activities

• Enforce our Terms and Conditions

5.6 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, personal information may be transferred to the successor organization. We will notify you of any such change and your choices regarding your information.

5.7 With Your Consent

We may share your information for other purposes with your explicit consent.

5.8 Public Information

Information you provide publicly may be seen by others, including:

• Testimonials and reviews you choose to share

• Comments on social media

• Performance programs listing student names (with consent)

• Donor recognition (unless you request anonymity)

6. AFFILIATE LINKS AND THIRD-PARTY ADVERTISING

6.1 Affiliate Program Participation

Our website contains affiliate links to products and services. When you click these links and make a purchase, we may earn a commission at no additional cost to you. These commissions support our nonprofit mission.

We participate in the following affiliate programs:

• Amazon Associates

• [Other affiliate programs]

6.2 How Affiliate Links Work

Affiliate links contain tracking codes that:

• Identify clicks from our website

• Track purchases made through our referrals

• Calculate commissions owed to us

• May place cookies on your device

6.3 Affiliate Link Disclosure

We clearly disclose affiliate relationships in accordance with FTC guidelines. Look for disclosures such as:

• "This post contains affiliate links"

• "We earn from qualifying purchases"

• "Affiliate partner" or "affiliate link" labels

6.4 Third-Party Privacy Practices

When you click affiliate links or third-party links, you leave our website and are subject to the privacy policies of those third parties. We are not responsible for their privacy practices.

We encourage you to read the privacy policies of any third-party sites you visit.

6.5 Opting Out of Affiliate Tracking

You can opt out of affiliate tracking by:

• Disabling cookies in your browser

• Using private/incognito browsing mode

• Using browser extensions that block trackers

• Visiting third-party websites directly without using our links

7. DATA SECURITY

7.1 Our Security Measures

We implement reasonable administrative, technical, and physical safeguards to protect personal information, including:

Technical Measures:

• Encrypted data transmission (SSL/TLS)

• Secure servers and databases

• Firewalls and intrusion detection

• Regular security updates and patches

• Password protection and access controls

• Backup and disaster recovery systems

Administrative Measures:

• Privacy and security training for staff

• Background checks for personnel with data access

• Confidentiality agreements

• Limited access based on need-to-know

• Regular security audits and assessments

• Incident response procedures

Physical Measures:

• Secure facilities with controlled access

• Locked filing cabinets for paper records

• Secure disposal of sensitive documents

• Visitor check-in procedures

7.2 Payment Security

We use PCI-DSS compliant payment processors. We do not store complete credit card numbers on our servers.

7.3 Limitations of Security

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for:

• Keeping your account credentials confidential

• Using strong, unique passwords

• Notifying us immediately of any suspected unauthorized access

• Logging out of accounts when finished

7.4 Data Breach Notification

In the event of a data breach affecting personal information, we will:

• Investigate and contain the breach promptly

• Notify affected individuals as required by law

• Notify relevant authorities as required

• Take steps to prevent future breaches

• Provide information about protective steps you can take

8. DATA RETENTION

8.1 How Long We Keep Information

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Typical Retention Periods:

• Active student records: Duration of enrollment plus 3-7 years

• Inactive student records: 7 years after last enrollment

• Employment records: Duration of employment plus 7 years

• Donor records: Indefinitely (for ongoing relationship and tax compliance)

• Financial records: 7 years (IRS and audit requirements)

• Grant records: Per grantor requirements (typically 3-7 years after grant end)

• Medical records: 7 years or longer if required by law

• Website usage data: 26 months (Google Analytics default)

• Marketing communications: Until you unsubscribe, then immediately deleted

8.2 Factors Affecting Retention

We consider:

• Legal and regulatory requirements

• Statute of limitations periods

• Pending or potential litigation

• Operational needs

• Historical or research value

8.3 Secure Disposal

When information is no longer needed, we:

• Securely delete digital records

• Shred paper documents

• Wipe or destroy storage media

• Ensure service providers also delete information

9. YOUR PRIVACY RIGHTS AND CHOICES

9.1 Access and Correction

You have the right to:

• Request access to the personal information we hold about you

• Request correction of inaccurate information

• Request a copy of your information

To exercise these rights: Contact us at [Insert Privacy Email] or [Insert Phone]

9.2 Deletion Requests

You may request deletion of your personal information, subject to exceptions such as:

• Legal or regulatory retention requirements

• Ongoing contractual obligations

• Legitimate business needs (e.g., processing active enrollments)

• Exercise or defense of legal claims

For children under 13, parents/guardians may request deletion at any time.

9.3 Communication Preferences

Email Communications:

• Transactional emails (enrollment confirmations, payment receipts): Cannot opt out

• Marketing emails (newsletters, promotions): Can opt out via unsubscribe link or by contacting us

• Fundraising appeals: Can opt out by contacting us

Text/SMS:

• Reply STOP to opt out of text messages

• Standard message and data rates may apply

Mail:

• Contact us to remove your address from mailing lists

9.4 Cookie Management

Control cookies through:

• Browser settings (block, delete, or allow cookies)

• Third-party opt-out tools

• Do Not Track signals (note: not all websites honor DNT)

9.5 Media and Photo Consent

You may:

• Withhold consent for photography/video

• Limit consent to specific uses

• Revoke consent at any time (applies to future use only)

• Request removal of photos/videos where feasible

9.6 Third-Party Marketing

We do not share your information for third-party marketing. If we ever plan to do so, we will first obtain your opt-in consent.

9.7 Do Not Track Signals

Our website does not currently respond to "Do Not Track" browser signals, as there is no universal standard for DNT interpretation.

10. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

10.1 California Consumer Privacy Act

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know:

• What personal information we collect

• Sources of information

• Purposes for collection

• Categories of third parties with whom we share information

Right to Delete:

• Request deletion of personal information (subject to exceptions)

Right to Opt-Out:

• We do not "sell" or "share" (for cross-context behavioral advertising) personal information, so this right does not apply

Right to Correct:

• Request correction of inaccurate information

Right to Limit Use:

• Limit use of sensitive personal information (we do not use for purposes beyond those permitted without limitation)

Right to Non-Discrimination:

• We will not discriminate against you for exercising CCPA rights

10.2 How to Exercise California Rights

Submit requests via:

• Email: [Insert Privacy Email]

• Phone: [Insert Phone]

• Mail: [Insert Physical Address]

We will verify your identity before processing requests. For children under 13, parents/guardians must submit requests.

10.3 Response Timeline

We respond to verified requests within 45 days, with possible 45-day extension if needed.

10.4 California Shine the Light Law

California residents may request information about disclosure of personal information to third parties for their direct marketing purposes. We do not disclose information for such purposes.

11. OTHER STATE PRIVACY LAWS

We comply with applicable state privacy laws, including:

• Virginia Consumer Data Protection Act (VCDPA)

• Colorado Privacy Act (CPA)

• Connecticut Data Privacy Act (CTDPA)

• Utah Consumer Privacy Act (UCPA)

• Other state laws as applicable

Residents of these states have rights similar to those described in Section 10. Contact us to exercise your rights.

12. INTERNATIONAL DATA TRANSFERS

Our organization operates in the United States. If you are accessing our website from outside the U.S., please be aware that your information may be transferred to, stored, and processed in the United States where our servers and databases are located.

Data protection laws in the United States may differ from those in your country. By using our services, you consent to the transfer of your information to the United States.

13. CHANGES TO THIS PRIVACY POLICY

13.1 Right to Modify

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors.

13.2 Notice of Changes

We will:

• Post the updated Privacy Policy on our website with a new "Last Updated" date

• For material changes affecting enrolled families, provide email notice

13.3 Your Continued Use

Continued use of our website or services after changes are posted constitutes acceptance of the updated Privacy Policy.

13.4 Review Regularly

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. THIRD-PARTY SERVICES AND LINKS

14.1 Third-Party Services We Use

Our website and operations integrate with third-party services including:

Website and Communications:

• Website hosting providers

• Email service providers

• Social media platforms (Facebook, Instagram, YouTube, etc.)

• Communication tools (Zoom, Google Meet, etc.)

Payment and Financial:

• Stripe, PayPal, Square (payment processing)

• QuickBooks or similar (accounting)

Analytics and Marketing:

• Google Analytics

• Google Ads

• Facebook Pixel

• Email marketing platforms

Operational:

• Student information systems

• Scheduling software

• File storage (Google Drive, Dropbox, etc.)

Each third-party service has its own privacy policy. We encourage you to review their policies.

14.2 Social Media

When you interact with us on social media:

• Your interactions are governed by the social media platform's privacy policy

• Information you share may be public

• We may access insights and analytics from platforms

• We do not control platform data practices

14.3 External Links

Our website contains links to external sites not operated by us. We are not responsible for their privacy practices. Exercise caution when leaving our site.

15. SPECIFIC DATA PROCESSING ACTIVITIES

15.1 Email Communications

When you provide your email address, we may use it to send:

• Enrollment confirmations and program updates

• Payment receipts and billing notices

• Event and performance announcements

• Newsletters and educational content

• Fundraising appeals

• Surveys and feedback requests

• Emergency notifications

15.2 Photography and Video

With appropriate consent:

• We photograph students during classes and events

• We video record performances and rehearsals

• We display photos on our website and social media

• We use photos in print materials and grant applications

• We may share with news media for publicity

• We respect opt-outs and limitations

15.3 Student Performance Data

We track and maintain:

• Attendance records

• Skill assessments and progress notes

• Teacher observations and feedback

• Performance participation

• Awards and achievements

This information is used for:

• Program evaluation and improvement

• Grant reporting (in aggregate form)

• Student progress monitoring

• Communicating with parents/guardians

15.4 Financial Assistance Applications

When you apply for financial aid, we collect:

• Household income information

• Tax documentation

• Family size and composition

• Other financial information

This information is:

• Kept strictly confidential

• Used only for scholarship/aid decisions

• Not shared except as required by funders

• Retained per IRS requirements

15.5 Background Checks

For employees and volunteers working with children, we conduct background checks including:

• Criminal history

• Sex offender registry

• Employment verification

• Reference checks

This information is:

• Kept confidential and secure

• Used only for hiring and safety decisions

• Retained per legal requirements

• Handled by third-party screening companies

16. SPECIAL SITUATIONS

16.1 Health Emergencies

In case of medical emergency, we may:

• Share medical information with emergency responders

• Contact emergency contacts

• Disclose information necessary for treatment

• Notify parents/guardians immediately

16.2 Mandatory Reporting

We are required by law to report suspected:

• Child abuse or neglect

• Threats of violence or self-harm

• Certain communicable diseases

• Other circumstances as required by law

16.3 Attendance at Public Performances

When students perform publicly:

• Names may appear in programs (with consent)

• Audience members may photograph or record

• Media may cover the event

• We cannot control all public photography

16.4 Alumni Relations

For past students, we may:

• Maintain contact information for alumni communications

• Share accomplishments and success stories (with consent)

• Invite to events and reconnect opportunities

• Request donations (with opt-out option)

17. CONTACT US ABOUT PRIVACY

17.1 Privacy Questions and Concerns

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:

Privacy Contact:
Divinest Essence
Attn: Privacy Officer
5900 Balcones Drive, Suite 100 Austin, TX 78731
Email: contact@divinestessence.org
Phone: 713-396-3237

17.2 Exercising Your Rights

To exercise any privacy rights described in this policy:

1. Submit your request via email, phone, or mail using the contact information above

2. Include your name, contact information, and specific request

3. For children under 13, parents/guardians must submit requests

4. We will verify your identity before processing

17.3 Response Time

We strive to respond to privacy inquiries within:

• 10 business days for general questions

• 45 days for formal rights requests (may extend to 90 days if complex)

• 24-48 hours for urgent safety matters

18. ACCOUNTABILITY AND TRANSPARENCY

18.1 Our Commitment

As a nonprofit serving youth, we hold ourselves to the highest standards of data privacy and protection. This includes:

• Regular staff training on privacy practices

• Annual policy reviews and updates

• Transparent communication with families

• Responsive handling of privacy concerns

• Continuous improvement of security measures

18.2 Nonprofit Transparency

As a 501(c)(3) organization, we are committed to transparency:

• Our Form 990 is publicly available

• Financial information is disclosed to donors and funders

• Program outcomes are reported to stakeholders

• Governance documents are available upon request

18.3 Accountability

We are accountable to:

• The families we serve

• Our funders and donors

• Government oversight agencies

• The communities we serve

• Applicable laws and regulations

19. DEFINITIONS

Personal Information: Information that identifies, relates to, describes, or could reasonably be linked with a particular individual or household.

Child: Any person under 13 years of age (for COPPA purposes). Some state laws define children differently.

Parent/Guardian: A parent or legal guardian of a child.

Verifiable Parental Consent: Reasonable effort to ensure the person providing consent is the child's parent or guardian.

De-identified Data: Information that cannot reasonably identify, relate to, or be linked with a particular individual or household.

Aggregate Data: Data combined from multiple individuals that cannot identify specific persons.

Service Provider: A third party that processes personal information on our behalf under contract.

Sell/Share: Has specific legal meanings under privacy laws; generally, we do not sell or share personal information.

20. EFFECTIVE DATE AND ACKNOWLEDGMENT

This Privacy Policy is effective as of January 1, 2025, and was last updated on December 18, 2024.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

For parents/guardians enrolling children: By enrolling your child, you acknowledge that you have read this Privacy Policy, understand how we collect and use information about your child, and consent to such practices as described herein.

© 2024-2025 Divinest Essence. All rights reserved.

Divinest Essence
501(c)(3) Nonprofit Organization
EIN: 41-3316409
State of Incorporation: Texas

This Privacy Policy is designed to comply with applicable federal and state privacy laws including COPPA, CCPA/CPRA, and other state consumer privacy laws. It should be reviewed by legal counsel and customized to your specific operations.

APPENDIX: SUMMARY OF KEY POINTS

What information do we collect?

• Enrollment and contact information

• Payment information

• Medical and emergency information

• Website usage data

• Photos and videos (with consent)

How do we use information?

• Administer programs and operations

• Ensure health and safety

• Communicate with families

• Improve our programs

• Comply with legal requirements

• Fundraising and development

Do we share information?

• We do NOT sell personal information

• We share with service providers under contract

• We share with government agencies as required

• We share for legal compliance and safety

• We obtain consent for promotional uses

What are your rights?

• Access your information

• Correct inaccurate information

• Request deletion (subject to exceptions)

• Opt out of marketing communications

• Control cookie settings

• For children under 13: Parents can review, delete, and control information

How do we protect information?

• Encryption and secure servers

• Access controls and authentication

• Staff training and confidentiality agreements

• Physical security measures

• Regular security assessments

Questions? Contact us at contact@divinestessence.org | 713-396-3237