Privacy Policy

This Privacy Policy explains:

• What information we collect and why

• How we use and protect your information

• Your rights regarding your data

• How we handle sensitive information about gender identity and LGBTQ+ status

• Our security practices and commitments

Contact Information:

• Website: https://phxbeyondbinary.com

• Email: hello@phxbeyondbinary.com

3.1 Information You Provide Directly

We collect information that you voluntarily provide to us through various means including surveys, feedback forms, email signups, and other community engagement tools. The specific information we collect may include:

3.2 Automatically Collected Information

When you visit our website, we automatically collect:

• Technical Information: IP address, browser type and version, device type, operating system

• Usage Information: Pages visited, time spent on pages, links clicked, referring website

• Performance Data: Page load times, errors, and other diagnostic information

This information is collected through:

• Vercel Analytics: Website traffic and performance monitoring

• Vercel Speed Insights: Performance optimization data

3.3 Session Recording and User Experience Analytics

We use LogRocket, a session recording service, to understand how visitors interact with our website and identify where improvements can be made. LogRocket records sessions including:

• Mouse movements, clicks, scrolling, and page navigation

• Pages visited and time spent on each page

• Browser console logs and JavaScript errors

• Network requests (excluding form submissions)

• Device and browser information

• IP addresses

• A persistent tracking identifier stored in your browser's localStorage to recognize returning visitors

Purpose: Session recordings help us identify where visitors experience confusion, technical issues, or difficulty navigating so we can improve the website for everyone.

Data Location: Session data is stored by LogRocket, Inc. in the United States using Google Cloud Platform infrastructure.

LogRocket Privacy Policy: https://logrocket.com/privacy

3.4 Cookies and Tracking Technologies

Cookies: We do not currently use cookies for tracking user behavior beyond what is necessary for our third-party analytics services. Our third-party service providers (Vercel, LogRocket) may use cookies and similar technologies.

Browser localStorage: We store a persistent tracking identifier in your browser's localStorage to recognize returning visitors across sessions. This identifier helps us understand user journey patterns (e.g., how many visits before conversion) but is not linked to your personal identity. You can clear this by clearing your browser's local storage or site data.

Future Use: If we implement additional cookies or tracking in the future, we will update this policy and may provide you with options to manage your cookie preferences.

3.5 Information We Do NOT Collect

We do not knowingly collect:

• Information from individuals under 18 years of age

• Financial information (credit card numbers, bank account details) — we are not currently processing payments

• Government-issued identification numbers (Social Security numbers, driver's license numbers)

• Health information (unless you voluntarily share it in open-text survey responses)

• Precise geolocation data

4.1 Primary Uses

We use your information to:

4.2 Aggregated and Anonymized Data

We may create aggregated, anonymized, or de-identified data from the information we collect. This means removing any information that could identify you personally. We may use and share this anonymized data for:

• Publishing reports on community needs and interest

• Grant applications and fundraising materials

• Presenting to potential partners or sponsors

• Public communication about our research and findings

Example: "75% of survey respondents indicated interest in server resources" (aggregate data, no individual identification)

4.3 Communication

We may use your contact information to:

• Send you information you requested or signed up for

• Respond to your inquiries, feedback, and support requests

• Provide updates about PHX Beyond Binary's development and launch

• Notify you of events, programs, and opportunities

• Send important administrative or policy updates

• Communicate about your membership (when applicable)

You can always opt-out of promotional communications while still receiving essential service-related messages (see Section 7.4).

4.4 Legal Compliance

We may use or disclose your information as required to:

• Comply with applicable laws, regulations, or legal processes

• Respond to lawful requests from government authorities

• Protect our rights, property, or safety, or that of our community members

• Enforce our Terms of Service

• Investigate and prevent fraud, security issues, or illegal activity

5.1 Recognizing Sensitivity

We recognize that information about gender identity, sexual orientation, and LGBTQ+ community affiliation is highly sensitive, especially in the current political climate. A data breach could expose vulnerable individuals to harm, discrimination, or harassment.

5.2 Special Protections

For sensitive community data, we:

• Use encryption in transit (HTTPS/TLS) for all data transmission

• Use encryption at rest for data stored in our database

• Strictly limit access — Currently, only the founder has access to personal data. As we grow, access will be limited to essential personnel only, all of whom will sign confidentiality agreements

• Follow security best practices for our database and hosting infrastructure

• Monitor for security issues and apply updates promptly

• Train any future staff or volunteers on data handling and confidentiality

• Follow the principle of data minimization — we only collect what we truly need

5.3 Open-Text Responses and Free-Form Feedback

We recognize that when you provide open-ended feedback through surveys, contact forms, or other input mechanisms, your responses may contain:

• Personal stories of discrimination or harassment

• Mental health concerns (anxiety, depression, isolation)

• Financial hardship information

• Safety concerns

• Details about personal circumstances or challenges

• Other sensitive personal information

5.4 Anonymization for Public Use

When we share information publicly (in reports, presentations, or communications), we:

• Remove all personally identifying information

• Aggregate data so individuals cannot be identified

• Avoid sharing unique combinations of characteristics that could reveal identity

• Ask for explicit consent before sharing any identifiable personal stories or testimonials

6.1 We Do NOT Sell Your Data

We will never sell, rent, or trade your personal information to third parties. Your data is not a commodity.

6.2 Service Providers

We share information with trusted service providers who help us operate our website and services:

6.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Court orders or subpoenas

• Law enforcement requests

• Legal proceedings or government investigations

• Protection of our rights or safety of our community

Given the sensitivity of our community data, we take our responsibility to protect your information seriously and will carefully scrutinize any requests we receive.

6.4 Business Transfers

If PHX Beyond Binary is involved in a merger, acquisition, sale of assets, or dissolution, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any such change and provide you with choices regarding your data.

6.5 With Your Consent

We may share your information in other situations with your explicit consent. For example:

• Featuring your testimonial or story (with your approval)

• Connecting you with other community members (with mutual consent)

• Sharing your project or work with proper attribution

7.1 Access Your Information

You have the right to request a copy of the personal information we hold about you. Contact us at hello@phxbeyondbinary.com and we will provide:

• Any contact information we have for you

• Your survey or feedback responses

• Your account information (when applicable)

• Any other personal data we have associated with you

Response Time: We will respond to your request within a reasonable timeframe, typically within 30-45 days. As a small operation, complex requests may take longer, but we will acknowledge receipt of your request promptly and provide a timeline estimate.

Format: We will provide your information in a practical format (such as PDF, spreadsheet, or text file). While we may not have automated export systems, we will ensure you receive all the information we hold about you.

7.2 Correct Your Information

If information we have about you is inaccurate or incomplete, you may request corrections. Contact us at hello@phxbeyondbinary.com with the corrected information.

Response Time: We will update your information within a reasonable timeframe, typically within 30-45 days of receiving your request with the correct information.

7.3 Delete Your Information

You have the right to request deletion of your personal information. Contact us at hello@phxbeyondbinary.com and we will:

• Delete your contact information from our mailing lists

• Delete your feedback and survey responses

• Remove your account information (if applicable)

• Delete all personal information from our active database

Response Time: We will complete deletion within a reasonable timeframe, typically within 30-45 days of your request.

7.4 Opt-Out of Communications

You may opt-out of email communications at any time by:

• Clicking the "unsubscribe" link in any email we send you

• Contacting us at hello@phxbeyondbinary.com

• Replying to any email with "UNSUBSCRIBE"

We will process your opt-out as soon as reasonably possible, typically within a few business days. For immediate effect, you can also mark our emails as spam in your email client.

Note: Even if you opt-out of marketing emails, we may still send you important transactional or administrative messages (such as responses to your inquiries or important policy updates).

7.5 Data Portability

Upon request, we can provide your information in a structured, commonly used, machine-readable format (such as CSV or JSON) so you can transfer it to another service.

7.6 Object to Processing

If you believe we are processing your information inappropriately or unlawfully, you may object. Contact us at hello@phxbeyondbinary.com with your concerns and we will review our practices.

8.1 How Long We Keep Your Data

8.2 When We Close Down

If PHX Beyond Binary ceases operations, we will:

1. Notify all contacts via email

2. Provide at least 30 days notice when possible for data requests

3. Delete all personal information except what's legally required to retain

4. Retain only anonymized aggregate data for archival purposes

You may request deletion of your data at any time, regardless of project status (see Section 7.3).

9.1 Technical Security

We implement industry-standard security measures:

• Encryption in Transit: All data transmitted to/from our website uses HTTPS/TLS encryption

• Encryption at Rest: Sensitive data in our database is encrypted when stored

• Access Controls: Only authorized personnel have access to personal information

• Secure Authentication: Strong passwords and multi-factor authentication for admin access

• Regular Security Updates: Software and systems are kept up-to-date with security patches

• Database Security: PostgreSQL database with proper access controls and security configurations

9.2 Organizational Security

• Limited Access: Only the founder and trusted volunteers (when added) have access to personal data

• Confidentiality Training: Anyone with data access is trained on privacy and confidentiality

• Need-to-Know Basis: Access to data is granted only when necessary for specific purposes

• No Public Sharing: Personal data is never shared publicly or posted online

• Incident Response Plan: Procedures are in place to respond to security breaches

9.3 Content Moderation Security

Our automated content filtering system helps protect the community by:

• Screening user-submitted content for hate speech, slurs, harassment, and harmful content

• Blocking inappropriate submissions from entering our database

• Providing generic error messages that don't expose security details or create opportunities for circumvention

This filtering applies to surveys, feedback forms, and other user input mechanisms to maintain a safe and respectful community environment.

9.4 Limitations and Breach Response

No system is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security. You acknowledge and accept this risk when providing information to us.

Our commitment: We will act quickly and transparently if a breach occurs, within the constraints of our resources.

10.1 Vercel Analytics and Speed Insights

Our website uses Vercel Analytics and Vercel Speed Insights for performance monitoring and traffic analysis. These services may collect:

• IP addresses

• Browser information

• Page views and interactions

• Performance metrics

Privacy Policy: https://vercel.com/legal/privacy-policy

Vercel's data collection is governed by their privacy policy. We have chosen Vercel because they have strong privacy practices and do not sell user data.

10.2 Database and Infrastructure Services

We use third-party database hosting and infrastructure services to store and process information you provide. These providers:

• Are bound by strict data processing agreements

• Use encryption and security best practices

• Are carefully selected based on their security and privacy standards

• May be located in the United States or other jurisdictions

10.3 Future Third-Party Services

As PHX Beyond Binary grows, we may integrate additional third-party services such as:

• Email marketing platforms (for newsletters and updates)

• Payment processors (for membership fees and donations)

• Event management tools (for registrations and ticketing)

• Communication platforms (for community forums or chat)

• Accounting and bookkeeping software

• Other services necessary for operations

You will always know which third parties have access to your information.

10.4 External Links

Our website may contain links to other websites. We are not responsible for the privacy practices of external websites. We encourage you to review the privacy policies of any third-party sites you visit.

11.1 Age Restriction

PHX Beyond Binary is intended for individuals 18 years of age or older only. We do not knowingly collect information from individuals under 18.

11.2 COPPA Compliance

Our services are not directed at children under 13, and we do not knowingly collect personal information from children under 13. If we discover we have collected information from a child under 13, we will delete it immediately.

11.3 Parental Notice

If you are a parent or guardian and believe your child under 18 has provided us with personal information, please contact us immediately at hello@phxbeyondbinary.com so we can delete it.

12.1 United States Operations

PHX Beyond Binary operates in the United States (specifically Arizona). Your information will be collected, processed, and stored in the United States.

12.2 GDPR (European Union)

If you are accessing our website from the European Union, you may have additional rights under the General Data Protection Regulation (GDPR), including:

• Right to access your data

• Right to rectification (correction)

• Right to erasure ("right to be forgotten")

• Right to restrict processing

• Right to data portability

• Right to object to processing

• Right to withdraw consent

• Right to lodge a complaint with a supervisory authority

To exercise your GDPR rights, contact us at hello@phxbeyondbinary.com.

12.3 Other Jurisdictions

Users from other countries may have privacy rights under their local laws. We will comply with applicable data protection laws to the extent they apply to our operations.

13.1 CCPA Compliance

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights:

13.2 Information We Collect (CCPA Categories)

• Identifiers: Email addresses, IP addresses

• Personal Information: Name (optional), survey responses

• Protected Classifications: Gender identity and sexual orientation information (inferred from community relationship question)

• Internet Activity: Website usage and browsing data

• Geolocation: General region (Phoenix area), not precise location

13.3 Exercising Your Rights

California residents may exercise these rights by contacting us at hello@phxbeyondbinary.com. We will verify your identity and respond within 45 days.

14.1 How We Update This Policy

We may update this Privacy Policy from time to time as our practices evolve, new services are added, or laws change. When we make changes:

• We will update the "Last Updated" date at the top of this document

• For material changes (significant changes to how we use or share your data), we will:

  • Send email notification to subscribers

  • Post a prominent notice on our website

  • Provide at least 30 days' notice before changes take effect

• For non-material changes (minor clarifications, formatting, contact information updates), we will:

  • Update the "Last Updated" date

  • Post the updated policy on our website

14.2 Your Continued Use

Your continued use of our website or services after changes to this Privacy Policy constitutes acceptance of the updated policy.

If you do not agree with changes, you must stop using our website and may request deletion of your information.

14.3 Reviewing This Policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

15.1 Providing Consent

By using our website, submitting information through forms, or signing up for email updates, you consent to:

• Our collection and use of your information as described in this Privacy Policy

• Our sharing of information with service providers as described

• Our use of cookies and tracking technologies

• Transfer of your data to the United States

15.2 Withdrawing Consent

You may withdraw your consent at any time by:

• Requesting deletion of your information (see Section 7.3)

• Unsubscribing from email communications (see Section 7.4)

• Stopping use of our website

Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.

PHX Beyond Binary

Email: hello@phxbeyondbinary.com

Website: https://phxbeyondbinary.com

For Privacy-Specific Inquiries:

• Subject Line: Please use "Privacy Request" in your email subject line

• Include: Your email address and specific request (access, deletion, correction, etc.)

• Response Time: We aim to respond within 30-45 days as required by law

For Data Breach Notifications:

If you believe there has been unauthorized access to your information, please contact us immediately at hello@phxbeyondbinary.com with "URGENT: Security Concern" in the subject line.