Privacy Policy/GDPR Statement

NEXAA Privacy Policy

Effective Date: June 5, 2025

1. Introduction

This Privacy Policy outlines how NEXAA collects, uses, stores, shares, and protects your personal information. By visiting our website, becoming a member, or interacting with our services, you agree to the terms of this policy.

2. Information We Collect

We collect information to operate our association, provide membership benefits, and promote intermodal expressive art therapy. The types of information we collect include:

  • Information You Provide Directly:
    • Membership Information: Name, postal address, email address, phone number, professional credentials (if applicable to your membership tier), payment details (for annual membership fees).
    • Communication Information: Your name and email address when you sign up for our newsletter, contact us via forms, or send us emails.
    • Event/Workshop Registration: Information required for event participation (e.g., dietary restrictions, accessibility needs, emergency contact).
    • Survey Responses: Information you provide when participating in surveys or feedback forms.
    • Sensitive Data (if applicable): While NEXAA itself is an association, if any programs or interactions lead to the collection of sensitive personal data related to therapeutic experiences or health, this will only be collected with explicit consent and for clearly defined purposes, ensuring strict confidentiality and security measures.
  • Information Collected Automatically (Website Usage Data):
    • Technical Data: IP address, browser type, operating system, device type.
    • Usage Data: Pages visited, time spent on our website, referral sources, and interactions with website elements. This is collected through cookies and similar tracking technologies (see Section 5).

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To Manage Your Membership:
    • Process your annual membership payments.
    • Provide you with member benefits (e.g., access to member-only content, discounts, event invitations).
    • Communicate with you regarding your membership status, renewals, and important association updates.
  • To Operate Our Association:
    • Send you newsletters, updates, and information about our events, workshops, and initiatives (you can opt-out at any time).
    • Respond to your inquiries and provide support.
    • Improve our website, services, and member offerings.
    • Analyze website traffic and user behavior to understand how our site is used and identify areas for improvement.
  • For Outreach and Engagement:
    • Promote the benefits of intermodal expressive art therapy.
    • Administer and manage events, workshops, and other programs.
    • Process donations and issue acknowledgements (if applicable).
  • For Legal and Security Reasons:
    • Comply with legal obligations, such as financial reporting or tax requirements.
    • Protect our rights, property, and safety, and that of our members and the public.
    • Prevent fraud and unauthorized access.

4. Sharing and Disclosure of Information

NEXAA is committed to protecting your privacy. We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following limited circumstances:

  • Service Providers: We engage trusted third-party service providers to help us operate our website, process payments (e.g., secure payment gateways), manage email communications, host data, and perform analytics. These providers are contractually obligated to protect your information and use it only for the purposes we specify.
  • With Your Consent: We may share your information with other parties when we have your explicit consent to do so (e.g., for a testimonial, or if you opt-in to share your details with a specific partner organization).
  • Legal Requirements: We may disclose your information if required to do so by law, court order, or governmental request.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized data (which cannot be used to identify you personally) for research, reporting, or analytical purposes.

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your Browse experience, analyze site usage, and understand user behavior.

  • What are cookies? Cookies are small text files stored on your device when you visit a website.
  • How we use them: We use cookies for purposes such as remembering your preferences, analyzing website performance, and managing your login status for membership.
  • Your Choices: Most web browsers allow you to control cookies through their settings. You can choose to block or delete cookies, but this may affect the functionality of our website.

6. Data Security

We implement reasonable technical, administrative, and physical safeguards to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Using SSL encryption for data transmission on our website.
  • Restricting access to personal information to authorized personnel on a “need-to-know” basis.
  • Regularly reviewing our security practices.
  • Using secure payment processors for all financial transactions.

While we strive to protect your data, no internet transmission or electronic storage is entirely secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for membership management, to comply with legal obligations (e.g., financial records), or to resolve disputes. When your information is no longer needed, we will securely dispose of it.

8. Your Rights and Choices

Depending on where you reside, you may have certain rights regarding your personal information. These may include the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Erasure (“Right to be Forgotten”): Request deletion of your personal information, subject to legal exceptions.
  • Restriction of Processing: Request that we limit how we use your personal information.
  • Object: Object to certain types of processing of your personal information (e.g., direct marketing).
  • Data Portability: Receive your data in a structured, commonly used, and machine-readable format.
  • Withdraw Consent: Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time.
  • Opt-Out: You can unsubscribe from our marketing emails at any time by clicking the “unsubscribe” link in the email.

To exercise any of these rights, please contact us using the information in Section 11.

9. Children’s Privacy

Our website and services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.

10. External Links

Our website may contain links to third-party websites. This Privacy Policy applies only to NEXAA’s website. We are not responsible for the privacy practices or content of external sites. We encourage you to review the privacy policies of any third-party websites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will post any revised policy on this page, and the “Effective Date” at the top will indicate when the policy was last updated. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please contact us:

 info@nexaa.org