1. Information We Collect

1.1 Personal Information

We collect personal information that you voluntarily provide when you:

• Submit a membership application
• Create an account or access the member portal
• Contact us via email or contact forms
• Participate in member forums, events, or activities
• Make payments for membership fees or services

The personal information we may collect includes:

• Identity Information: Full name, preferred name, date of birth
• Contact Information: Email address, phone number, mailing address, city, country
• Professional Information: Occupation, education level, languages spoken
• Application Information: Motivation statements, personal goals, areas of interest, prior experience
• Payment Information: Billing address, payment method details (processed securely by third-party payment processors)
• Account Information: Username, password (encrypted), member ID, degree level
• Communication Data: Messages, forum posts, feedback, correspondence with mentors or staff

1.2 Automatically Collected Information

When you access our website or portal, we may automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent on pages, links clicked, access times
• Location Data: General geographic location based on IP address
• Cookies and Tracking Technologies: Session cookies, preference cookies, analytics data

1.3 Sensitive Information

We do not intentionally collect sensitive personal information such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data. If such information is voluntarily shared in application essays or communications, it will be handled with strict confidentiality.

2. How We Collect Information

2.1 Direct Collection

Most information is collected directly from you through:

• Online forms (application, contact, feedback)
• Email correspondence
• Member portal interactions
• Survey responses
• Event registrations

2.2 Automated Collection

We use cookies, web beacons, and analytics tools to automatically collect usage and device information. See Section 8 for details on cookies.

2.3 Third-Party Sources

In limited cases, we may receive information from:

• Payment processors (transaction confirmation, billing information)
• Referral sources (if you were referred by an existing member)
• Public databases (for verification purposes only, if necessary)

3. How We Use Your Information

3.1 Primary Uses

We use your personal information for the following purposes:

Purpose	Description
Application Processing	Review and evaluate membership applications, conduct interviews, make acceptance decisions
Membership Administration	Create and manage member accounts, track progress, assign mentors, manage degree advancement
Service Delivery	Provide access to curriculum, resources, portal, events, and community features
Communication	Send important updates, respond to inquiries, facilitate mentor-member communication
Payment Processing	Process membership fees, manage billing, issue receipts
Improvement	Analyze usage patterns, gather feedback, enhance curriculum and services
Security	Protect against fraud, unauthorized access, and security threats
Legal Compliance	Comply with legal obligations, enforce Terms and Conditions, resolve disputes

3.2 Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on:

• Consent: You have given explicit consent for specific processing purposes
• Contract: Processing is necessary to fulfill our membership agreement with you
• Legitimate Interests: Processing serves our legitimate business interests while respecting your rights
• Legal Obligation: Processing is required to comply with legal requirements

4. Sharing and Disclosure

4.1 General Policy

We do not sell, rent, or trade your personal information to third parties. Your privacy is paramount to our mission.

4.2 Limited Sharing

We may share your information only in the following circumstances:

• Within the Order: Your information is accessible to authorized Order personnel (membership committee, assigned mentors, administrative staff) who need it to perform their duties. All personnel are bound by confidentiality obligations.
• Service Providers: We may share information with trusted third-party service providers who assist with:
  • Payment processing (e.g., Stripe, PayPal)
  • Email delivery (e.g., SendGrid, Mailchimp)
  • Website hosting and infrastructure
  • Analytics and performance monitoring
  These providers are contractually obligated to protect your data and use it only for specified services.
• Legal Requirements: We may disclose information if required by law, court order, subpoena, or government regulation.
• Safety and Protection: We may disclose information to prevent harm, protect rights and property, investigate fraud, or enforce our Terms and Conditions.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to equivalent privacy protections.
• With Your Consent: We may share information for purposes not described here if we obtain your explicit consent.

4.3 Member Anonymity

We do not publicly disclose member identities. Your participation remains confidential unless you choose to reveal it or give us permission to acknowledge you.

5. Data Security

5.1 Security Measures

We implement industry-standard security measures to protect your personal information, including:

• Encryption: SSL/TLS encryption for data transmission; encrypted storage for sensitive data
• Access Controls: Role-based access restrictions; authentication requirements; regular access audits
• Secure Infrastructure: Protected servers; firewalls; intrusion detection systems
• Regular Updates: Software patches; security updates; vulnerability assessments
• Staff Training: Privacy and security training for all personnel with data access

5.2 Your Responsibilities

You are responsible for:

• Maintaining the confidentiality of your login credentials
• Using strong, unique passwords
• Logging out after using shared devices
• Notifying us immediately of any suspected security breach

5.3 No Absolute Security

While we employ robust security measures, no system is completely secure. Data transmission over the internet carries inherent risks. We cannot guarantee absolute security but maintain commercially reasonable protections.

6. Data Retention

6.1 Retention Periods

We retain your personal information for as long as necessary to fulfill the purposes described in this policy:

• Applications: Declined applications are retained for 12 months; accepted applications become part of permanent member records
• Active Membership: All membership data is retained throughout your active membership
• Former Members: Core records (identity, membership history, degree progression) are retained indefinitely for organizational continuity
• Communications: Forum posts and educational contributions may be retained indefinitely; personal correspondence is retained for 7 years
• Financial Records: Payment and billing records are retained for 7 years for accounting and tax purposes

6.2 Deletion Requests

You may request deletion of your personal information, subject to:

• Legal obligations requiring retention (e.g., financial records)
• Legitimate business interests (e.g., protecting against fraud)
• Completion of ongoing investigations or disputes

Upon deletion, your personal information will be permanently removed from active systems. Some residual data may persist in backups for a limited time.

7. Your Privacy Rights

7.1 General Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to exceptions)
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to certain types of processing
• Restriction: Request limitation on how we use your data
• Withdrawal of Consent: Withdraw consent for processing (where consent is the legal basis)

7.2 GDPR Rights (EEA Residents)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

7.3 CCPA Rights (California Residents)

California residents have rights under the California Consumer Privacy Act (CCPA), including:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale of personal information (we do not sell personal information)
• Right to deletion
• Right to non-discrimination for exercising privacy rights

7.4 Exercising Your Rights

To exercise any of these rights, contact us at privacy@aurevexorder.org with your request. We will respond within 30 days (or as required by applicable law). We may need to verify your identity before processing requests.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us provide essential functionality and improve your experience.

8.2 Types of Cookies We Use

Type	Purpose	Duration
Essential Cookies	Enable core functionality like login sessions and portal access	Session or up to 30 days
Preference Cookies	Remember your settings and preferences	Up to 1 year
Analytics Cookies	Track website usage and performance to improve services	Up to 2 years
Security Cookies	Detect and prevent unauthorized access	Session

8.3 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to:

• View and delete cookies
• Block all cookies
• Block third-party cookies
• Clear cookies when closing the browser

Note that blocking essential cookies may impair website functionality and prevent portal access.

8.4 Third-Party Analytics

We may use analytics services like Google Analytics to understand website usage. These services may use cookies and collect anonymized data. You can opt-out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

9. Third-Party Services

9.1 External Links

Our website may contain links to third-party websites for reference or educational purposes. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

9.2 Service Provider Privacy

Third-party service providers we use (payment processors, email services, etc.) have their own privacy policies. We select providers with strong privacy commitments and ensure they contractually protect your data.

10. International Data Transfers

10.1 Cross-Border Transfers

The Order operates internationally. Your information may be transferred to, stored, and processed in countries other than your country of residence. These countries may have different data protection laws.

10.2 Safeguards

When transferring data internationally, we implement appropriate safeguards, including:

• Standard contractual clauses approved by regulatory authorities
• Ensuring adequate data protection in destination countries
• Obtaining your explicit consent where required

11. Children’s Privacy

The Order does not knowingly collect information from individuals under 18 years of age. Membership is restricted to adults (18+). If we discover that we have inadvertently collected information from a minor, we will delete it immediately.

If you believe we have collected information from a minor, please contact us at privacy@aurevexorder.org.

12. Changes to This Privacy Policy

12.1 Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. The “Last Updated” date at the top indicates the most recent revision.

12.2 Notification

Material changes will be communicated via:

• Email notification to members and applicants
• Prominent notice on our website
• Portal announcement for active members

12.3 Continued Use

Your continued use of our website or services after policy changes constitutes acceptance of the revised policy. If you do not agree with changes, you should discontinue use and contact us to close your account.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: