Privacy

Privacy Policy

Effective Date: November 10, 2025

Last Updated: November 10, 2025

FPMT Regional Office North America Inc. (“we,” “us,” or “our”) is a 501(c)(3) non-profit organization registered in the United States. We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you interact with our website www.fpmtna.org (the “Site”), including through our contact form.


1. Information We Collect

We collect the following personal information only when you voluntarily submit it via our contact form:

  • Name (first and/or last name you provide)
  • Email address
  • Message content (your inquiry or feedback)

We also automatically collect:

  • IP address
  • Browser type and version
  • Date and time of submission
  • Referring page (if applicable)


2. How We Use Your Information

We use the collected data solely for:

  • Responding to your inquiry or message
  • Improving our services and website functionality
  • Internal record-keeping and compliance with IRS non-profit reporting
  • Preventing spam, fraud, or abuse

We do NOT sell, rent, or trade your personal information with third parties for marketing purposes.


3. Legal Basis (CCPA, CalOPPA & GDPR Compliance)

  • CCPA (California residents): We collect minimal PII for a legitimate business purpose (responding to contact requests).
  • GDPR (EU/UK residents): Processing is based on your consent (provided when submitting the form) and legitimate interest (answering your message).


4. Data Sharing & Disclosure

We may share your data only with:

  • Authorized staff and volunteers who need access to respond
  • Service providers bound by confidentiality (e.g., Formspree, Google Workspace, or our web host) under written agreements
  • Law enforcement or government authorities if required by law (e.g., subpoena)


5. Data Storage & Security

  • Storage& Processing: We collect only the minimum data needed to handle inquiries, newsletters, and website analytics. All data is stored securely with encryption and full GDPR compliance:
    – Contact form (name, email, message): Sent via email to [email protected] and stored in Google Workspace (Gmail) — encrypted at rest (AES-256) and in transit (TLS), hosted in Google data centers (EU/US regions with GDPR DPA/SCCs). Deleted after processing your inquiry.
    – Newsletter signup (email): Stored in Constant Contact (US servers, GDPR-compliant via SCCs), encrypted (AES-256 at rest, TLS in transit). Used solely for sending emails with easy unsubscribe. Export/deletion on request.
    – Website analytics (anonymized IP, cookies, visit data): Stored in Matomo (self-hosted on our US servers), encrypted at rest (AES-256) and in transit (TLS). Configured for GDPR (IP masking, consent tools, data retention). Used only for site improvement; no personal identification.
    We do not share data with third parties except as required to deliver services (see Google DPA, Constant Contact privacy, and Matomo GDPR tools).
    Learn more: Google Workspace DPA | Constant Contact Privacy | Matomo GDPR
  • Retention: We retain contact form data only as long as necessary to process your inquiry, then permanently delete unless required longer for legal purposes.
  • Security: We use HTTPS, encryption, access controls, and regular security reviews.


6. Cookies & Tracking

Our site uses only essential cookies (if any) to make the contact form work. We do not use analytics, advertising, or tracking cookies unless explicitly stated here.

If we add Google Analytics or similar in the future, we will update this policy and display a cookie banner.


7. Your Rights

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Delete your data (“right to be forgotten”)
  • Opt-out of future communications
  • Non-discrimination for exercising your rights

To exercise these rights, email us at: [email protected]

California residents: You may submit a verifiable request under CCPA. We will respond within 45 days.


8. Children’s Privacy (COPPA)

Our Site is not directed to children under 13. We do not knowingly collect data from children. If we learn we have, we will delete it immediately.


9. Changes to This Policy

We may update this Privacy Policy. Changes will be posted here with a new “Effective Date.” We will notify you via email if changes are material.


10. Contact Us

For questions about this policy: