1. Introduction

The Global Smooth Foundation (“GSF,” “we,” “us,” or “our”) is a 501(c)(3) nonprofit organization dedicated to advancing American Smooth ballroom dance through certification, education, and competitive events. We are committed to protecting the privacy of every individual who interacts with our organization, including website visitors, certification candidates, event participants, donors, volunteers, and members of the public.

This Privacy Policy describes what personal information we collect, how we use and protect it, the choices you have regarding your information, and your rights under applicable law. By using our website or engaging with our services, you acknowledge that you have read and understood this policy.

Effective Date: February 2026

2. Information We Collect

Information You Provide Directly

We collect personal information that you voluntarily provide when you interact with us, including:

• Contact information: name, email address, phone number, mailing address
• Account and membership information: login credentials, certification level, membership status
• Certification and exam data: exam applications, video submissions, scoresheets, results, and appeal correspondence
• Event registration: attendance details, dietary or accommodation preferences, travel information
• Donation and payment data: billing address, credit card or payment information (processed through secure third-party providers; GSF does not store full payment card numbers)
• Communications: emails, messages, feedback, and other correspondence you send to us

Information Collected Automatically

When you visit our website, we may automatically collect certain information, including:

• Device and browser information: device type, operating system, browser type and version
• Usage data: pages viewed, time spent on pages, navigation paths, referring URLs
• Network information: IP address, approximate geographic location
• Cookies and similar technologies: as described in Section 5

Information from Third Parties

We may receive information from third-party services that you use to interact with us, such as payment processors, event registration platforms, and social media networks (only when you choose to interact with us through those platforms).

3. How We Use Your Information

We use personal information only for purposes that are consistent with our charitable mission and legitimate operational needs. Specifically, we use your information to:

• Process certification applications, administer examinations, and communicate results
• Manage event registrations and coordinate event logistics
• Process donations, issue tax receipts, and maintain donor records
• Communicate organizational news, event announcements, and educational resources (with your consent)
• Respond to inquiries, feedback, and support requests
• Manage membership accounts and login access
• Improve our website, services, and user experience through analytics
• Comply with legal obligations, including IRS reporting and state regulatory requirements
• Protect the Foundation’s rights, property, and the safety of our users and the public

4. Information Sharing & Disclosure

We Do Not Sell Your Data

GSF does not sell, rent, or trade your personal information to any third party for marketing or commercial purposes. This applies to all categories of personal information we collect, including donor data.

Limited Sharing

We may share personal information only in the following circumstances:

• Service providers: We work with trusted third-party vendors who assist us with payment processing, email communications, website hosting, analytics, and event management. These providers are bound by confidentiality agreements and are prohibited from using your information for any purpose other than providing services to GSF.
• Legal requirements: We may disclose information when required to do so by law, subpoena, court order, or government regulation, or when we believe disclosure is necessary to protect the rights, property, or safety of the Foundation, our users, or the public.
• Certification verification: With your consent, we may confirm your certification status to third parties who inquire (e.g., event organizers, dance studios). We will not disclose exam scores or detailed results without your written permission.
• Organizational transfers: In the unlikely event that GSF merges with or transfers assets to another nonprofit organization, your information may be transferred as part of that transaction, subject to the same privacy protections described in this policy.

5. Cookies & Tracking

What Are Cookies

Cookies are small text files stored on your device by your web browser when you visit a website. They help the site remember your preferences and understand how you interact with the content.

Cookies We Use

Managing Cookies

You can control and delete cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a cookie is set. Disabling cookies may limit certain features of our website, such as login functionality.

Do Not Track

Our website does not currently respond to “Do Not Track” signals from browsers. However, you can opt out of analytics tracking by using browser-based opt-out tools provided by analytics services.

6. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our safeguards include:

• Encryption of sensitive data in transit (SSL/TLS) and at rest where applicable
• Secure access controls limiting data access to authorized personnel only
• Secure password policies and multi-factor authentication where available
• Regular security reviews and monitoring of our digital platforms
• Regular data backups with secure, access-controlled storage
• Use of PCI-compliant third-party payment processors for all financial transactions

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections and promptly addressing any identified vulnerabilities.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal and regulatory obligations, resolve disputes, and enforce our agreements. General retention guidelines include:

• Certification records (exam results, scoresheets, video submissions): retained for 10 years
• Donor and financial records: retained for 7 years in accordance with IRS requirements
• Event registration data: retained for 3 years following the event
• Website analytics data: retained for up to 26 months
• Account and membership data: retained for the duration of the membership plus 3 years
• General correspondence: retained for 3 years

When personal information is no longer needed, it will be securely deleted or anonymized. In the event of pending or anticipated litigation, investigation, or audit, relevant records will be preserved until the matter is resolved.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right of access: Request a copy of the personal information we hold about you.
• Right to correction: Request that we correct inaccurate or incomplete personal information.
• Right to deletion: Request that we delete your personal information, subject to legal retention requirements.
• Right to restrict processing: Request that we limit how we use your information in certain circumstances.
• Right to data portability: Request a machine-readable copy of your data for transfer to another service.
• Right to object: Object to the processing of your information for certain purposes, including direct marketing.
• Right to withdraw consent: Where processing is based on consent, withdraw your consent at any time without affecting prior processing.
• Right to opt out: Opt out of marketing emails at any time using the unsubscribe link in any communication or by contacting us directly.

To exercise any of these rights, please contact us using the information in Section 15. We will verify your identity and respond to your request within 30 days. We will not charge a fee for processing reasonable requests.

9. California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with additional rights regarding your personal information.

Your CCPA/CPRA Rights

• Right to know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, our purposes for collecting it, and the categories of third parties with whom we share it.
• Right to delete: You may request deletion of your personal information, subject to certain exceptions (e.g., completing a transaction, legal compliance, security).
• Right to correct: You may request that we correct inaccurate personal information.
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

Sale of Personal Information

To submit a CCPA/CPRA request, please contact us using the information in Section 15. We will verify your identity before processing your request.

10. International Users

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, your personal data is protected under the General Data Protection Regulation (GDPR) and applicable national laws.

Legal Basis for Processing

We process your personal data based on one or more of the following legal bases:

• Consent: You have given explicit consent for a specific purpose (e.g., subscribing to our newsletter).
• Contractual necessity: Processing is necessary to fulfill a contract with you (e.g., certification services, event registration).
• Legal obligation: Processing is necessary to comply with a legal requirement (e.g., tax reporting).
• Legitimate interest: Processing is necessary for our legitimate interests (e.g., improving our services, fraud prevention), provided those interests do not override your fundamental rights.

International Data Transfers

GSF is based in the United States. If you are accessing our services from outside the U.S., please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using our services, you consent to this transfer. We take appropriate measures to ensure your data receives adequate protection in accordance with applicable law.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and notify affected individuals without undue delay, as required by the GDPR.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

11. Donor Privacy

The Global Smooth Foundation values the trust of our donors and maintains the following commitments:

• We will not sell, trade, or share donor personal information—including names, addresses, email addresses, phone numbers, or giving history—with any third party without the donor’s explicit written consent, except as required by law.
• Donor information is stored securely and accessed only by authorized personnel who need it to perform their duties.
• We honor all requests from donors to remain anonymous. Anonymous donors will not be publicly identified without express written permission.
• Donors may opt out of any communications at any time by contacting us or using the unsubscribe link in our emails.
• All gifts of $250 or more will receive written acknowledgment in compliance with IRS substantiation requirements.
• We will use donation information only for processing gifts, issuing receipts, maintaining records required by law, and communicating with donors about our mission (with consent).

This donor privacy commitment applies to all information collected online, by mail, by phone, or in person. Charity watchdog organizations, including Charity Navigator, consider the existence of a published donor privacy policy in their accountability assessments.

12. Children’s Privacy

Our website and services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 in compliance with the Children’s Online Privacy Protection Act (COPPA). If we become aware that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete that information.

If you are a parent or guardian and believe that your child has provided personal information to us, please contact us using the information in Section 15 so we can take appropriate action.

13. Third-Party Links

Our website may contain links to third-party websites, platforms, and services that are not owned or controlled by the Global Smooth Foundation. These may include payment processors, event ticketing platforms, social media networks, and educational resources.

We are not responsible for the privacy practices, content, or security of third-party sites. We encourage you to review the privacy policies of any third-party websites before providing your personal information. The inclusion of a link on our website does not constitute an endorsement of the linked site or its operators.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or organizational operations. When we make material changes, we will update the “Effective Date” at the top of this page and, where appropriate, notify you by email or through a prominent notice on our website.

We encourage you to review this page periodically. Your continued use of our website and services after any changes constitutes your acceptance of the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or need to report a data concern, please contact us:

We are committed to addressing your concerns promptly. For privacy rights requests, we will respond within 30 days of receiving a verifiable request.