Privacy Policy

HUMANDREAM Foundation, Inc. is a federally tax-exempt nonprofit corporation organized under Section 501(c)(3) of the Internal Revenue Code. We are incorporated in the State of California and headquartered at 4804 Laurel Canyon Blvd #328, Valley Village, CA 91607. Our mission is to advance human potential through transformative education, mentorship, economic mobility initiatives, and community empowerment programs.

The Foundation operates as the sole data controller for the personal information described herein. We do not sell, rent, or trade personal data. All information collected serves exclusively to further our charitable mission and maintain meaningful relationships with our community of donors, beneficiaries, volunteers, and partners.

We collect information in two primary ways: directly from you, and automatically through your use of our digital platforms. We are deliberate and minimal in our collection, gathering only what is necessary to fulfill the purposes outlined in this Policy.

Information You Provide Directly

Information Collected Automatically

When you access our website or digital platforms, we automatically receive certain technical information including your IP address, browser type and version, device identifiers, operating system, referring URLs, pages visited, time and duration of visits, and interaction events. This information is collected via cookies, web beacons, and analytics services as described in Section 05.

The Foundation processes personal information only for lawful, specific, and legitimate purposes aligned with our charitable mission. We do not use personal data for advertising, profiling for commercial gain, or any purpose unrelated to our organizational objectives.

Specifically, we use your information to: process and acknowledge donations and issue tax receipts as required by IRS regulations; administer scholarship, fellowship, mentorship, and community programs you have enrolled in; communicate organizational news, impact reports, program updates, and fundraising campaigns to those who have opted in; respond to inquiries, provide customer support, and resolve complaints; verify eligibility and conduct background screening where required by program policy or legal obligation; analyze aggregated usage patterns to improve website functionality and user experience; comply with applicable federal, state, and local laws and regulations; prevent fraud, unauthorized access, and other prohibited activities; and fulfill any other purpose for which you have provided explicit consent.

HUMANDREAM Foundation does not sell, trade, or rent your personal information to third parties under any circumstances. We may share information with carefully vetted service providers, affiliates, and other parties only as described below, and solely to the extent necessary to carry out defined functions on our behalf.

Service Providers: We engage third-party vendors to perform services including payment processing, email delivery, cloud hosting, database management, analytics, background checks, and event management. These parties are contractually bound to use information only for the services rendered and maintain security standards equivalent to or greater than our own.

Legal & Regulatory Requirements: We may disclose information when required by law, court order, subpoena, or government authority; when necessary to enforce our Terms of Use or protect the rights, property, or safety of the Foundation, its personnel, or the public; or in connection with legal proceedings to which the Foundation is a party.

Organizational Transitions: In the unlikely event of a merger, acquisition, reorganization, or dissolution, personal information may be transferred to a successor organization, subject to continued protection under this Policy or its equivalent.

With Your Consent: We may share information with third parties for any purpose with your prior written or affirmative consent.

Our website uses cookies and similar tracking technologies to provide a functional and optimized browsing experience. A cookie is a small text file stored on your device when you visit a website. We use the following categories of cookies:

Strictly Necessary Cookies are essential for the website to operate, enabling core functions such as session management, security authentication, and donation form completion. These cannot be disabled without significantly impairing your ability to use our site.

Analytics Cookies help us understand how visitors interact with our website by collecting aggregated, anonymized data on pages visited, time on site, and navigation patterns. We use Google Analytics (governed by Google's Privacy Policy) and may use comparable tools. You may opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.

Preference Cookies remember your choices, such as language preferences or previously completed forms, to enhance your return visits.

You may configure your browser to block or delete cookies at any time. Please note that disabling cookies may limit certain website functionality. We honor Do Not Track (DNT) browser signals and do not engage in cross-site tracking.

We retain personal information for no longer than is necessary to fulfill the purpose for which it was collected, comply with legal and regulatory obligations, resolve disputes, and enforce agreements. Our general retention guidelines are as follows:

Donor Records: Financial and donation records are retained for a minimum of seven (7) years from the date of the last transaction to satisfy IRS record-keeping requirements for 501(c)(3) organizations.

Program Participant Records: Beneficiary and participant data is retained for a minimum of five (5) years following program completion or last active engagement, unless a longer period is required by grant terms or applicable law.

Marketing Communications: Email preferences and consent records are retained until you withdraw consent, plus two (2) additional years for compliance documentation purposes.

Website Analytics Data: Aggregated, anonymized analytics data may be retained indefinitely for historical trend analysis. Identifiable technical data is deleted or anonymized within twenty-six (26) months.

Upon expiration of applicable retention periods, data is securely deleted or irreversibly anonymized in accordance with our data destruction protocols.

Our security infrastructure includes: Transport Layer Security (TLS/SSL) encryption for all data transmitted to and from our website; AES-256 encryption for sensitive data at rest within our databases; PCI-DSS Level 1 compliant payment processing through certified third-party processors — we do not store raw financial data on Foundation servers; role-based access controls limiting staff access to personal data on a strict need-to-know basis; annual third-party security assessments and penetration testing; employee training on data privacy and security practices upon onboarding and annually thereafter; and an incident response plan in compliance with applicable state breach notification laws.

In the event of a security incident that materially affects your personal information, we will notify affected individuals within the timeframes required by applicable law, and no later than seventy-two (72) hours of discovering the breach. Notification will include the nature of the breach, categories of data involved, likely consequences, and measures taken or proposed.

While we employ best-in-class practices, no security system is impenetrable. We encourage you to protect your own accounts by using strong, unique passwords and notifying us immediately if you suspect unauthorized access.

We respect your autonomy over your personal information. Depending on your location and applicable law, you may have the following rights with respect to the personal data we hold about you:

• Right to AccessRequest a copy of the personal information we hold about you, along with information about how we use it and who we share it with.
• Right to Correction (Rectification)Request correction of inaccurate or incomplete personal information we hold about you. We will update records within thirty (30) days of a verified request.
• Right to Deletion (Erasure)Request that we delete your personal information. This right is subject to legal retention obligations; we will inform you of any data we are required to retain and the legal basis for doing so.
• Right to Restrict ProcessingRequest that we limit how we use your personal information in certain circumstances, such as where you contest the accuracy of the data or object to processing pending verification of our legitimate grounds.
• Right to Data PortabilityReceive a copy of personal data you have provided to us in a structured, machine-readable format, and request that we transmit it to another controller where technically feasible.
• Right to Opt Out of CommunicationsUnsubscribe from marketing and fundraising communications at any time by clicking "unsubscribe" in any email, updating your account preferences, or contacting our Privacy Officer. Transactional and legal communications are not subject to opt-out.
• Right to Withdraw ConsentWhere processing is based on your consent, withdraw that consent at any time without affecting the lawfulness of prior processing.
• Right to Lodge a ComplaintFile a complaint with the relevant data protection authority if you believe we have not handled your personal information in accordance with applicable law.

To exercise any of these rights, please submit a written request to contact@humandream.org. We will verify your identity and respond within thirty (30) calendar days. For complex requests, we may extend this period by an additional sixty (60) days with prior notice and explanation.

HUMANDREAM Foundation is deeply committed to the safety and privacy of children. Our public-facing website and general services are not directed to individuals under the age of thirteen (13). We do not knowingly collect, use, or disclose personal information from children under 13 without verifiable parental or guardian consent, in compliance with the Children's Online Privacy Protection Act (COPPA).

For Foundation programs that serve minors, including youth education and mentorship initiatives, we collect information only from the minor's parent or legal guardian. Such information is used solely for program administration and is subject to enhanced protections. Program-specific consent forms and data handling agreements are provided to parents and guardians at the time of enrollment.

If we discover that we have inadvertently collected personal information from a child under 13 without appropriate consent, we will delete such information immediately. If you believe we have collected information from your child in error, please contact us at contact@humandream.org.

If you are a resident of the State of California, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), affords you specific rights regarding your personal information. HUMANDREAM Foundation does not sell or share personal information as defined by the CCPA and has not done so in the preceding twelve (12) months.

In addition to the general rights described in Section 08, California residents have the right to: know the specific pieces of personal information collected about them; know the categories of sources from which information was collected; know the business or commercial purpose for collecting information; know the categories of third parties with whom information is shared; and opt out of the sale or sharing of personal information (not applicable here, as we do not engage in such activities).

We will not discriminate against California residents who exercise any of these rights. To submit a verifiable consumer request, contact our Privacy Officer at contact@humandream.org or toll-free at 1-818-256-5556. You may designate an authorized agent to make requests on your behalf, subject to written authorization and identity verification procedures.

HUMANDREAM Foundation is based in the United States and primarily serves individuals located within the U.S. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the U.S. where our servers are located and our central database is operated.

U.S. data protection laws may differ from those in your jurisdiction. By using our services or submitting information, you consent to this transfer. For individuals in the European Economic Area (EEA), United Kingdom, or Switzerland, we implement appropriate safeguards including Standard Contractual Clauses approved by the European Commission where required. We do not actively target or collect data from EEA residents, and our programs and services are not directed at persons outside the United States.

We may revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or organizational needs. When we make material changes, we will notify you by: posting a prominent notice on our website homepage and the Policy page for at least thirty (30) days prior to the change taking effect; sending an email notification to donors and registered account holders with an active relationship in the preceding twelve (12) months; and updating the "Last Revised" date at the top of this Policy.

For non-material changes — such as corrections of typographical errors or minor clarifications that do not affect how data is used — we will update the Policy without prior notice. We encourage you to review this Policy periodically. Continued use of our services following the effective date of any revision constitutes your acceptance of the updated Policy.

All prior versions of this Policy are archived and available upon request by contacting our Privacy Officer.

Questions, concerns, requests, or complaints regarding this Privacy Policy or our data practices should be directed to our designated Privacy Officer. We are committed to resolving privacy inquiries promptly, transparently, and in a manner that upholds the trust you place in us.