New Roots Institute (“we” or “us”) is committed to protecting your personal information. This policy explains what we collect, how we use it, with whom it may be shared, and the safeguards in place to protect it.
This policy applies whenever you engage with us (e.g., through our websites, events, services, programs, surveys, applications, or forms). By engaging with us, you agree to the current version of this policy. We reserve the right to revise this Privacy Policy, and such revised policy will automatically become effective upon its posting at www.newrootsinstitute.org.
If we make any material changes to our Privacy Policy, we will use reasonable efforts to include a notice on our homepage at www.newrootsinstitute.org, for at least 30 days following the posting of the changes, that our Privacy Policy has changed, or alternatively, in our discretion, to notify you at your email address on record with us.
If you do not agree with this policy, please do not engage with us.
When you engage with us, we may collect the following:
By engaging with us, you consent to the collection of this information.
We do not see, store, or retain full credit card numbers. Payments are processed securely through partners like Stripe and PayPal. We maintain Payment Card Industry Data Security Standard (PCI DSS) compliance.
We may use your personal information to:
All our emails include a link to manage preferences or unsubscribe. You may also email us directly to unsubscribe. To stop receiving physical mail, contact us with your full name and mailing address so we can update our records.
We value your privacy and are committed to protecting your personal information. We do not sell or rent personal information. However, in limited circumstances, we may share information with trusted partners or service providers as described below, always in accordance with applicable privacy laws and best practices.
1. Service Providers and Vendors
We may share personal information with trusted third-party vendors who help us operate our programs, manage data, and communicate with participants and supporters. Examples include:
These vendors are contractually required to:
2. Program Evaluation and Improvement
We may use or share de-identified or aggregated data for internal evaluation, quality improvement, and reporting purposes. This may include:
Individual participants will not be personally identified in any public or external reports without explicit written consent.
3. Research and Academic Partnerships
We sometimes collaborate with universities, researchers, or evaluation partners to study the impact of our programs. Any external research use will follow formal agreements and, where applicable, Institutional Review Board (IRB) approval. Data shared for research purposes will generally be de-identified (removing personal information like name or email) or aggregated. If identifiable data is ever requested, we will obtain individual or parental/guardian consent before sharing.
Participation in research activities is always voluntary.
4. Youth Information Sharing
Personal information about minors is not shared publicly unless parental/guardian consent is given, and it is only disclosed to third parties under the same conditions described in this policy (e.g., secure vendors, research with IRB oversight, or with parental consent).
5. Legal and Safety Requirements
We may disclose personal information if required by law, regulation, subpoena, or court order, or if we believe disclosure is necessary to protect the rights, property, or safety of our organization, participants, or others.
6. Other Limited Circumstances
With your explicit consent (or parental/guardian consent for minors), we may share personal information for additional purposes clearly communicated at the time consent is given — for example, if you or your child are featured in a testimonial, photo, or media story.
We keep information only as long as necessary for the purposes described in this Privacy Policy. Retention periods vary depending on the type of information and may be influenced by certain factors, including, without limitation, legal requirements, potential litigation, contractual obligations, or operational needs.
We take the security of your personal information very seriously. We use industry-standard security measures—including secure storage systems, encryption (SSL), and compliance-based practices—to protect your information from unauthorized access, disclosure, alteration, or destruction. Please keep in mind, however, that the transmission of information over the internet is never completely secure, and any information disclosed online can potentially be collected and used by parties other than the intended recipient.
The California Online Privacy Protection Act protects your right to visit websites anonymously. Some browsers send “Do Not Track” (DNT) signals, but since no standard exists, our sites do not respond to DNT at this time. We continue to monitor developments in this area.
We do not knowingly solicit or collect personal information (as defined by applicable law) from minors under the age permitted by applicable law without parental/guardian consent. If you are a parent or guardian and believe that your minor disclosed information to us in a way that is prohibited by applicable children’s privacy laws, please contact us at operations@newrootsinstitute.org.
New Roots Institute is based in the United States, and we store and process your information in the United States. If you are located in the European Union or other regions with laws governing data collection and use that may differ from United States law, please note that we may transfer your information to a country and jurisdiction that does not have the same data protection laws as your jurisdiction. By engaging with us, you consent to the transfer of your information to such jurisdictions. If you do not want your information to be transferred in this way, please do not engage with us.
Our websites may link to third-party sites. This Privacy Policy does not apply to those sites, and we cannot control how they use your information. Please review the privacy policies of any third-party site before sharing personal information.
To update, correct, or remove your information, email us directly.
If you prefer not to receive our messages, use the unsubscribe/manage preferences link in any email or email us directly.
Please note: donor transaction records must be retained in accordance with our record retention policy and nonprofit best practices.
If you live in the European Economic Area, you have the right to:
We respond to all valid requests under applicable law. However, we may retain certain information as needed to meet legal obligations, resolve disputes, or enforce agreements.
Cookies are small text files stored in your browser that help recognize you, improve your experience, and make our services more useful. They may be temporary (“session”) or long term (“persistent”).
We use cookies to improve your experience, track site traffic, and store preferences. Both session and persistent cookies may be used.
If you have any questions about our Privacy Policy, please contact us as provided below.
For general questions about this Privacy Policy or your rights hereunder or for questions specifically about your information or to exercise your rights with regard to your information, email operations@newrootsinstitute.org.
You may also write to us at:
New Roots Institute
1110 N. Virgil Ave, Suite 98280
Los Angeles, CA 90029
Attn: Operations Department
