Healing Music Privacy Policy

Effective date: 8 April 2026

Healing Music is a U.S.‑based nonprofit organization that makes music education accessible to children and families in underserved communities through programs, concerts and outreach around the world. We value the trust you place in us and take your privacy seriously.  This Privacy Policy explains what personal information we collect, how we use and protect it, and your choices and rights.

This policy applies to information collected through our websites (including healingmusic.org and any subdomains), mobile applications, email and other digital services (collectively, the “Services”).  If you do not agree with this policy, please do not use the Services.

1  Information We Collect

We collect information that you voluntarily provide to us and information that is collected automatically when you use our Services.  Common categories include:

• Identification and contact information – such as your name, email address, mailing address and phone number.

• Donation and payment information – including the amount of your donation, billing address, and limited payment details (e.g., last four digits of the card).  We use trusted third‑party payment processors that handle full card numbers and comply with PCI DSS security standards .

• Account information – when you create an account or sign up for our newsletter, we may collect a username and password.

• Communications – records of your correspondence with us, including inquiries, feedback, and requests for information.

• Volunteer or program participation information – such as skills, interests and availability when you volunteer or register for classes.

• Demographic information – such as age range and location if you choose to provide it.

• Internet or technical information – including your IP address, browser type, device identifiers, referring URL, pages visited, and usage statistics collected through cookies and similar technologies .

• Marketing preferences – your opt‑in or opt‑out preferences for communications.

We do not knowingly collect personal information from children under 13.  If we learn that a child under 13 has provided personal information, we will delete it.

2  How We Collect Information

We collect personal information in several ways:

• Forms and registrations – when you donate, register for a music program, volunteer, make a purchase, sign up for newsletters, contact us or otherwise submit information via web forms .

• Automatic data collection technologies – we use cookies, pixels and similar technologies to collect technical and usage information as you navigate our Services.  This may include first‑party cookies and third‑party analytics tools such as Google Analytics.  Under many privacy laws, you must disclose analytics and tracking tools .

• Third‑party sources – we may receive updated address and demographic information from service providers and publicly available databases.

• Offline interactions – we may collect personal information during in‑person events such as concerts, tours or volunteer sign‑ups.

3  Why We Collect and Use Your Information

We collect and use personal information for purposes that are transparent and lawful .  Examples include:

1. Processing donations and payments – to receive and acknowledge your contribution, issue receipts, fulfill tax reporting obligations and comply with anti‑fraud laws.

2. Administering music programs and events – to register participants, schedule lessons, communicate with students and volunteers, and coordinate travel on tours.

3. Communications – to send you newsletters, program updates, fundraising appeals, thank‑you letters and other information that may interest you.  We will honor your preferences and provide opt‑out mechanisms .

4. Responding to inquiries – to answer your questions or provide assistance.

5. Improving our Services – to analyze how visitors use our site, measure the effectiveness of campaigns and improve usability .

6. Legal and security purposes – to comply with legal obligations, enforce our policies, protect our rights and detect fraud or abuse.

We will not use your personal information for purposes that are unrelated to these reasons without obtaining your consent .

4  When We Share Your Information

We do not sell or rent your personal information for monetary value.  We may share information in limited circumstances:

• Service providers – We engage trusted third parties to perform services on our behalf (e.g., payment processing, email marketing, analytics, data hosting, event management).  These providers only access the information necessary to perform their duties and are bound by confidentiality agreements.

• Donor recognition – We may acknowledge donors by name or giving level in publications or event programs.  If you prefer to be listed as “anonymous,” please let us know and we will honor your request.

• Legal and safety purposes – We may disclose information when required by law (e.g., tax authorities, courts) or when we believe disclosure is necessary to protect our rights, safety or property or that of others.

• Business transfers – In the unlikely event of a merger, reorganization or transfer of assets, your information may be transferred to the relevant successor subject to this policy.

5  Donor Privacy Commitment

We are committed to protecting donor information.  We collect only the personal and financial information needed for internal purposes such as issuing receipts and updating you on our activities .  Donor information is kept confidential and is not disclosed to third parties unless required by law or with the donor’s explicit consent .  Donors may opt out of public recognition or future communications .

6  Cookies and Tracking Technologies

Like most websites, we use cookies and similar technologies to collect technical data and enhance your experience.  Cookies are small files placed on your device that allow our site to remember your preferences, keep you logged in and gather usage statistics.

We use different types of cookies:

• Essential cookies – necessary for our site to function, such as recognizing whether you have agreed to cookie preferences.

• Performance and analytics cookies – to analyze traffic and usage patterns (e.g., Google Analytics) .

• Functional cookies – to remember your preferences (such as language or font size).

• Marketing cookies – to deliver relevant content or measure the effectiveness of email campaigns.

You can manage cookie preferences via your browser settings or by clicking the cookie banner if one is displayed.  Disabling cookies may affect functionality.  For more details, see the cookie notice on our site.

7  Legal Bases and Regional Requirements

Healing Music operates from the United States, but our Services may be accessed worldwide.  We comply with applicable privacy laws, including the U.S. state privacy laws (such as California’s CCPA/CPRA, Texas’ Data Privacy and Security Act (TDPSA) and others), the European Union’s General Data Protection Regulation (GDPR), the UK Data Protection Act and Canada’s PIPEDA .

• If you are in the European Economic Area (EEA) or UK: we rely on legitimate interests and consent to process personal data.  You have additional rights described in Section 10.

• If you are a California resident: we do not sell your personal information but may “share” it with service providers.  You have rights to know, delete, correct and limit use of sensitive information.

• If you are in Texas: you may have rights to access, correct and delete personal information under the TDPSA.

We may transfer personal data outside of the jurisdiction in which you live (e.g., to the United States).  We implement appropriate safeguards (such as standard contractual clauses) to protect such transfers.

8  How We Protect Your Information

We implement administrative, technical and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration or destruction.  These include encryption, password protection, secure servers, and procedures for limiting access to sensitive data.  We require our service providers to follow comparable security measures and to adhere to industry standards such as PCI DSS for payment processing .  No method of transmission over the Internet is completely secure; therefore, while we strive to protect your information, we cannot guarantee absolute security.

9  Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy and to comply with legal, accounting or reporting requirements.  For example, donation records may be retained for the period required by tax laws.  When data is no longer required, we securely delete or anonymize it.

10  Your Rights and Choices

Depending on your location and applicable law, you may have some or all of the following rights with respect to your personal data :

• Access and correction – You can request a copy of the personal information we hold about you and ask us to correct or update it.

• Deletion – You can request that we delete your personal information, subject to legal obligations that require retention (e.g., donation records for tax purposes).

• Objection and restriction – You can object to our processing of your data or request that we restrict processing in certain circumstances.

• Opt out of marketing – You can opt out of receiving marketing communications at any time by following the unsubscribe instructions in our emails or contacting us.

• Opt out of sale or sharing – If you are in California or another jurisdiction with similar rights, you may request that we do not sell or share your personal information with third parties for cross‑context behavioral advertising.

• Data portability – Under certain laws (e.g., GDPR), you can request that we provide your personal data in a structured, commonly used and machine‑readable format.

• Limit use of sensitive personal information – Where required by law, we will honor requests to limit the use of sensitive personal information.

To exercise your rights, contact us as described below.  We may need to verify your identity before fulfilling a request.  You may designate an authorized agent to make requests on your behalf where permitted by law.

11  Third‑Party Links and Services

Our Services may contain links to other websites or services operated by third parties, including social‑media platforms.  We do not control and are not responsible for the privacy practices of these third parties.  We encourage you to review their privacy policies before providing any information.

12  Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies or legal requirements.  We will post the updated policy on our website and indicate the “Effective date” at the top.  If we make material changes, we will provide notice (such as via email or a prominent notice on our website) as required by law.  Continued use of our Services after any update indicates your acceptance of the revised policy.

13  Contact Us

If you have questions about this Privacy Policy, would like to exercise your rights, or wish to update your information or preferences, please contact us:

• Email: bookings@jaimejorge.com

• Mail: Healing Music, 9536 Mountain Lake Dr. Ooltewah, TN 37363

We value your privacy and will respond to your inquiry within a reasonable timeframe.