Privacy Policy

The Heart of Peace Foundation ("THOPF," "we," "us") is a Charlotte, NC-based 501(c)(3) nonprofit. We believe your inner life is sacred — and so is your data. This policy explains what information we collect, why, and how we protect it. We aim for transparency, simplicity, and respect.

• Contact form submissions (name, email, message)

• Newsletter signup (email address)

• Donation information (processed by our third-party payment provider — we never store credit card numbers)

• Reading progress and preferences stored in your browser's localStorage (never sent to our servers)

• Basic analytics data (page views, approximate location by country) if analytics are enabled

• Technical information (browser type, device type) for ensuring the site works correctly

• We do not use tracking cookies for advertising

• We do not sell, rent, or share your personal information with third parties for marketing

• We do not build advertising profiles

• We do not track you across other websites

We use the information we collect to:

• Respond to your messages and inquiries

• Send you the newsletter you signed up for (you can unsubscribe at any time)

• Process donations and issue tax receipts

• Understand how our content serves readers (aggregate, anonymous analytics only)

• Improve the website experience

We will never use your information for purposes incompatible with these uses.

Our blog features (reading progress, articles marked as read, reading streak) use your browser's localStorage. This data:

• Lives only on your device

• Is never transmitted to our servers

• Can be cleared at any time through your browser settings

• Is not personally identifiable

We use the following third-party services:

• — website hosting (Vercel's privacy policy applies to infrastructure)

• — database for dynamic features (push notifications, community data)

• — for donation processing (they handle payment data under their own privacy policy)

We do not use third-party advertising networks, social media tracking pixels, or data brokers.

We implement appropriate technical and organizational measures to protect your personal information, including encrypted connections (HTTPS), secure authentication, and limited access to personal data. No system is perfectly secure, but we take reasonable steps to protect your information.

You have the right to:

• the personal information we hold about you

• inaccurate information

• your personal information from our systems

• from communications at any time

• to data processing in certain circumstances

To exercise any of these rights, contact us at the address below.

Our website is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

We may update this privacy policy from time to time. We will notify you of significant changes by posting a notice on our website. The "Last updated" date at the top reflects the most recent revision.

When you use the Heart Connection feature, we collect and process additional data:

Profile Dimensions: AI extracts summaries from your tool interactions (what you're seeking, values, growth stage, preferred modalities). This processing happens only when you are logged in. You can review, edit, or delete all extracted dimensions in your profile at any time.

Connection Records: When you send an introduction, we store a frozen copy of what was shared, the recipient entity, consent timestamps, and follow-up status. This data is retained for dispute resolution and quality improvement.

Consent Audit Trail: We log each consent action (terms acceptance, data sharing approval, profile edits) with timestamps. This immutable trail protects both you and THOPF.

Email Communications: Introduction emails and follow-ups are sent via Resend, a third-party email service. Resend processes sender and recipient email addresses for delivery. See Resend's privacy policy for details.

Your Rights: You may request a complete export of all Heart Connection data we hold about you. You may delete your connection brief, connection history, and consent records at any time — deletion is immediate and irreversible. Note that emails already sent cannot be recalled.

Data Minimization: We only collect information necessary for the matching and introduction function. We do not sell, rent, or share your data with any third party other than the specific entity you choose to connect with.

If you have questions about this privacy policy or how we handle your data:

Charlotte, NC

Email: privacy@theheartofpeace.org

Website: theheartofpeace.org