Effective Date: March 23, 2023

Last Revised: August 26, 2025

1. Introduction & Scope

1.1 This Privacy Policy explains how the Oakland Women’s Center (“OWC,” “we,” “our,” or “us”) collects, uses, discloses, and protects information related to participants, donors, volunteers, staff, and partners.

1.2 OWC is a nonprofit social impact hub providing advocacy, wellness, empowerment, and trauma-informed services.

1.3 Scope. This policy applies to all services, including in-person programs, telehealth sessions, digital platforms, fundraising, and outreach campaigns.

1.4 Updates. OWC may update this Privacy Policy at any time. The “Last Revised” date will reflect the most recent version.

1.5 Consent. By engaging with OWC services, individuals consent to the practices described in this policy.

2. Information We Collect

2.1 Personal Identifiers: Names, addresses, phone numbers, email addresses, date of birth, government-issued IDs (where required).

2.2 Sensitive Information: Health information (HIPAA-protected), educational records (FERPA-protected), and disability information.

2.3 Donor Information: Donation history, payment details (processed securely by third-party vendors), and communication preferences.

2.4 Technical Information: IP addresses, browser type, device information, and website analytics.

2.5 Communications: Emails, intake forms, surveys, and other correspondence with OWC.

2.6 Employment/Volunteer Information: Applications, resumes, references, and background checks (where applicable).

3. How We Collect Information

3.1 Direct Collection: Through intake forms, applications, donations, and participation in services.

3.2 Automated Collection: Cookies, digital tracking, and analytics on OWC websites.

3.3 Third-Party Sources: Payment processors, referral partners, and government agencies where legally permitted.

3.4 Recorded Services: With explicit consent, certain telehealth or workshop sessions may be recorded for training or compliance.

3.5 Voluntary Submission: Surveys, testimonials, and feedback provided voluntarily by participants and supporters.

4. How We Use Information

4.1 Service Delivery: To provide advocacy, counseling, telehealth, wraparound care, and wellness programs.

4.2 Donor Stewardship: To process donations, send acknowledgments, and issue tax receipts.

4.3 Compliance: To meet obligations under HIPAA, FERPA, ADA, CPRA, and other applicable laws.

4.4 Communication: To respond to inquiries, provide updates, and send program information.

4.5 Research & Reporting: To evaluate program effectiveness and report anonymized data to funders.

4.6 Security: To prevent fraud, abuse, or misuse of OWC services.

5. Sharing of Information

5.1 Service Providers: Trusted vendors (e.g., IT, payment processors, translation services) with confidentiality agreements.

5.2 Legal Requirements: Disclosure required by law, court order, or government investigation.

5.3 Safety Exceptions: When necessary to protect against imminent harm or threats to life and safety.

5.4 Partnerships: Limited sharing with partner organizations providing complementary services, only with consent.

5.5 Donor Recognition: Public acknowledgment of donors unless anonymity is requested.

5.6 Prohibited Sharing: OWC never sells personal data to third parties.

6. Data Security

6.1 Safeguards. OWC uses industry-standard encryption, secure servers, and restricted access to protect personal information.

6.2 Limitations. While we strive to protect all data, no system is 100% secure. OWC cannot guarantee absolute security.

6.3 Staff Training. All staff, volunteers, and interns receive training on confidentiality, HIPAA compliance, and data security.

6.4 Breach Notification. In the event of a data breach, OWC will notify affected individuals and regulators as required by law.

6.5 Third-Party Processors. Vendors handling sensitive data must comply with contractual confidentiality and security standards.

7. Participant Rights & Controls

7.1 Access. Individuals may request access to their personal information held by OWC.

7.2 Correction. Participants may request correction of inaccurate or incomplete data.

7.3 Deletion. Subject to legal or contractual obligations, individuals may request deletion of their data.

7.4 Restriction. Individuals may request limitations on processing of their information.

7.5 Opt-Out. Participants may opt out of receiving marketing or fundraising communications.

7.6 Portability. Individuals may request a copy of their personal information in a structured, commonly used format.

7.7 Non-Retaliation. OWC will not deny services or benefits due to the exercise of privacy rights.

8. Cookies & Tracking Technologies

8.1 Use of Cookies. OWC uses cookies to improve website functionality, personalize user experience, and track engagement.

8.2 Types of Cookies: Session cookies, preference cookies, and analytics cookies.

8.3 Third-Party Analytics. OWC uses Google Analytics and similar tools to understand website usage trends.

8.4 Consent. Users may accept or reject cookies via the website’s cookie banner.

8.5 Control. Browsers allow users to control cookie settings or delete cookies at any time.

8.6 Limitation. Disabling cookies may limit access to certain website features.

9. International Data Transfers

9.1 Location. OWC is based in the United States. Information may be transferred to or accessed by service providers outside the U.S.

9.2 Protections. OWC ensures reasonable safeguards for international transfers, such as contractual clauses.

9.3 Consent. By using OWC services, individuals consent to cross-border data transfers.

9.4 Limitations. OWC cannot guarantee identical privacy protections in all jurisdictions.

9.5 Regulatory Compliance. OWC complies with CPRA, GDPR (where applicable), and other international frameworks.

10. Data Retention

10.1 Retention Period. OWC retains personal data only as long as necessary for program delivery, legal compliance, and donor reporting.

10.2 Donor Records. Financial records are retained in compliance with IRS requirements.

10.3 Program Records. Counseling, telehealth, and advocacy records are retained consistent with HIPAA and state regulations.

10.4 Volunteer & Employment Data. Applications and background checks may be retained for up to seven years.

10.5 Disposal. Data no longer needed is securely destroyed or anonymized.

11. Children’s Privacy

11.1 Policy. OWC is committed to protecting the privacy of children and youth under 18.

11.2 Consent. Parental or guardian consent is required for collection of minor data.

11.3 Compliance. OWC complies with COPPA (Children’s Online Privacy Protection Act).

11.4 Limited Collection. Only essential information required for program participation is collected.

11.5 Protection. Data related to minors is stored with heightened security and confidentiality.

12. Donor Privacy & Fundraising Data

12.1 Confidentiality. Donor information is kept confidential unless explicit consent is provided for recognition.

12.2 Stewardship. OWC uses donor data only for processing contributions, issuing receipts, and reporting impact.

12.3 Third-Party Vendors. Donations processed online use PCI DSS-compliant payment processors.

12.4 Anonymity. Donors may request to remain anonymous.

12.5 Reporting. Aggregate, anonymized data may be shared with regulators, funders, or the public.

13. Telehealth & Remote Service Privacy

13.1 HIPAA Compliance. OWC complies with HIPAA for telehealth and remote advocacy services.

13.2 Consent. Participants must provide explicit informed consent for telehealth sessions.

13.3 Platforms. OWC uses HIPAA-compliant platforms for telehealth, counseling, and group workshops.

13.4 Risks. Risks such as technical failures or third-party breaches are disclosed before participation.

13.5 Recording. Sessions are not recorded without express consent.

14. Volunteer, Intern & Staff Data

14.1 Collection. OWC collects information from staff, volunteers, and interns for background checks, payroll, and training.

14.2 Confidentiality. Personnel data is maintained securely and shared only with authorized staff or regulators.

14.3 Retention. Employment-related data may be retained for seven years or longer if required by law.

14.4 Rights. Staff and volunteers may request access to their personnel files consistent with state labor laws.

14.5 Security. HR systems use secure access controls and encryption.

15. Third-Party Services

15.1 Vendors. OWC may use third-party providers for IT, translation, telehealth, or data hosting.

15.2 Contracts. Vendors must sign confidentiality agreements and comply with OWC’s privacy standards.

15.3 Responsibility. OWC is not liable for independent third-party practices but monitors compliance.

15.4 External Links. OWC websites may link to third-party sites not controlled by OWC.

15.5 Disclaimer. OWC disclaims responsibility for external content or services linked from its platforms.

16. Affiliate, Testimonial & External Links Disclaimers

16.1 Affiliate Disclaimer: OWC may recommend or work with partner organizations. Any material connection will be disclosed.

16.2 Testimonial Disclaimer: Testimonials are individual experiences and results may vary.

16.3 External Links: OWC is not responsible for content, privacy practices, or services of external websites linked from our platforms.

17. Amendments & Updates

17.1 Policy Changes. OWC may amend this Privacy Policy periodically.

17.2 Notification. Updates will be communicated via our website or email.

17.3 Continued Use. Continued use of OWC services after updates constitutes acceptance of changes.

17.4 Archiving. Previous versions of this policy will be archived and available upon request.

18. Compliance & Oversight

18.1 Regulatory Compliance. OWC complies with HIPAA, FERPA, ADA, CPRA, and state nonprofit laws.

18.2 Oversight. Compliance is monitored internally and may be audited by regulators.

18.3 Accountability. OWC leadership and Board of Directors ensure enforcement of this policy.

18.4 Reporting Violations. Suspected violations may be reported confidentially to OWC leadership.

19. Contact Information

Oakland Women’s Center (OWC)
Email: [email protected]
Phone: 510-756-5700
Address: 1900 Powell Street, Suite 700, Emeryville, CA 94608
Mailing Address: PMB9101, 1999 Harrison Street, Oakland, CA 94612
Business Hours: Monday–Friday, 9 AM–6 PM PST

Appendix A — Glossary of Key Terms

HIPAA: Health Insurance Portability and Accountability Act
FERPA: Family Educational Rights and Privacy Act
ADA: Americans with Disabilities Act
CPRA: California Privacy Rights Act
GDPR: General Data Protection Regulation (where applicable)
PCI DSS: Payment Card Industry Data Security Standard
COPPA: Children’s Online Privacy Protection Act

Appendix B — Consent Templates

Sample language for participant consent to data collection, telehealth, and communications.

Templates are available upon request and may be tailored to specific services.

Appendix C — Cookie Policy

C.1 Types of Cookies: Essential, performance, functionality, and targeting cookies.

C.2 Consent: Users may accept, reject, or customize cookie preferences.

C.3 Withdrawal: Consent may be withdrawn at any time through browser settings or cookie banners.

C.4 Third-Party Tools: OWC may use analytics or advertising cookies subject to user consent.