Privacy Policy

Effective Date: May 21, 2026. Last Updated: May 21, 2026.

1. Introduction

Welcome to Parkinson’s Resilience Institute (“PRI,” “we,” “our,” or “us”). We are committed to protecting the privacy, confidentiality, and security of personal information entrusted to us by individuals who visit our websites, participate in our programs, communicate with us, or otherwise engage with our services.

This Privacy Policy explains how we collect, use, disclose, store, and protect information obtained through our website, digital platforms, educational programs, events, support services, fundraising activities, research initiatives, and related communications.

This Privacy Policy is intended to comply with applicable United States privacy, healthcare, consumer protection, and data security laws, including, where applicable:

  • The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)

  • The Health Information Technology for Economic and Clinical Health Act (“HITECH”)

  • State consumer privacy laws

  • Federal Trade Commission (“FTC”) consumer protection requirements

  • Children’s privacy regulations where applicable

  • Applicable nonprofit governance and fundraising privacy standards

By accessing or using PRI services, you acknowledge that you have read and understood this Privacy Policy.

2. Scope of This Policy

This Privacy Policy applies to:

  • PRI websites and microsites

  • Online forms and portals

  • Email communications

  • Educational resources and webinars

  • Support communities and digital engagement platforms

  • Surveys, assessments, and questionnaires

  • Fundraising and donor engagement activities

  • Mobile applications and digital tools operated by PRI

  • Research or pilot programs conducted or sponsored by PRI

This Privacy Policy does not apply to third-party websites, applications, or services that may be linked from PRI platforms.

3. Information We Collect

We may collect the following categories of information.

3.1 Personal Information

Personal information may include:

  • Name

  • Mailing address

  • Email address

  • Telephone number

  • Date of birth

  • Emergency contact information

  • Organization or employer affiliation

  • Demographic information

  • Donation history

  • Communication preferences

3.2 Health-Related Information

Depending on the services or programs involved, PRI may collect health-related information such as:

  • Parkinson’s diagnosis information

  • Symptom descriptions

  • Medication information

  • Treatment experiences

  • Wellness assessments

  • Caregiver information

  • Mobility, cognitive, or emotional health information

  • Survey responses related to health status or quality of life

Certain health information may constitute Protected Health Information (“PHI”) under HIPAA when collected, stored, transmitted, or maintained in connection with covered healthcare activities or business associate relationships.

3.3 Technical and Usage Information

We may automatically collect:

  • IP address

  • Browser type

  • Device identifiers

  • Operating system

  • Geographic region

  • Pages viewed

  • Session duration

  • Referral sources

  • Cookies and tracking technologies

  • Analytics and performance data

3.4 Payment and Donation Information

If you make a donation or payment, we or our payment processors may collect:

  • Billing information

  • Transaction history

  • Payment method details

  • Donation preferences

PRI does not store full payment card numbers on its servers unless specifically disclosed.

3.5 Communications and User-Generated Content

We may collect information you provide through:

  • Contact forms

  • Email correspondence

  • Support groups

  • Community forums

  • Surveys

  • Event registrations

  • Social media interactions

  • Testimonials or stories submitted voluntarily

4. How We Use Information

PRI may use information for the following purposes:

  • Providing programs, education, support, and services

  • Responding to inquiries and support requests

  • Managing memberships, registrations, or participation

  • Conducting assessments or wellness initiatives

  • Facilitating support communities and events

  • Processing donations and acknowledgements

  • Improving website functionality and user experience

  • Conducting research and program evaluation

  • Developing educational materials and outreach efforts

  • Sending newsletters, updates, and marketing communications

  • Complying with legal, regulatory, and contractual obligations

  • Protecting against fraud, abuse, or security threats

  • Enforcing our terms, policies, and organizational rights

Where required by law, we will obtain appropriate consent before using personal information for marketing or other secondary purposes.

5. HIPAA Compliance and Protected Health Information

PRI is committed to safeguarding health-related information in accordance with applicable healthcare privacy and security standards.

5.1 Covered Entity and Business Associate Considerations

Depending on the nature of the services provided, PRI may operate:

  • As a non-covered educational or support organization;

  • As a business associate to healthcare providers or healthcare organizations; or

  • In collaboration with covered healthcare entities.

When PRI receives or maintains Protected Health Information (“PHI”) subject to HIPAA, PRI will implement safeguards designed to comply with applicable HIPAA Privacy Rule, Security Rule, and Breach Notification Rule requirements.

5.2 Permitted Uses and Disclosures of PHI

Where HIPAA applies, PRI may use or disclose PHI:

  • To provide authorized services

  • For healthcare operations and coordination

  • As authorized by the individual

  • As required by law

  • To prevent serious threats to health or safety

  • For public health reporting where legally required

5.3 Safeguards

PRI maintains administrative, technical, and physical safeguards intended to protect PHI and other sensitive information, including:

  • Access controls

  • Encryption where appropriate

  • Secure storage systems

  • Workforce confidentiality obligations

  • Vendor and contractor oversight

  • Incident response procedures

  • Security monitoring and risk management practices

5.4 HIPAA Rights

Where applicable, individuals may have rights regarding their PHI, including:

  • Access to records

  • Requests for corrections or amendments

  • Restrictions on certain uses or disclosures

  • Confidential communications requests

  • Accounting of disclosures

  • Requests for copies of records

Requests may be submitted using the contact information listed at the end of this Privacy Policy.

6. Legal Bases for Processing

Where applicable law requires, PRI processes personal information based on one or more of the following:

  • Consent

  • Performance of services requested by the individual

  • Compliance with legal obligations

  • Legitimate organizational interests

  • Protection of vital interests

  • Public interest or research purposes

7. Cookies and Tracking Technologies

PRI may use cookies, analytics tools, pixels, and similar technologies to:

  • Improve website functionality

  • Analyze traffic and engagement

  • Personalize content

  • Measure campaign effectiveness

  • Support security and fraud prevention

Users may manage cookie preferences through browser settings or available consent tools.

8. Sharing and Disclosure of Information

PRI does not sell personal information. We may share information under the following circumstances:

8.1 Service Providers

We may share information with trusted vendors and contractors that provide services such as:

  • Website hosting

  • Payment processing

  • Email communications

  • Analytics

  • Cloud storage

  • Customer relationship management

  • Event management

  • Security and IT support

Service providers are expected to maintain appropriate confidentiality and security safeguards.

8.2 Healthcare and Research Partners

Where authorized or legally permitted, PRI may share information with:

  • Healthcare providers

  • Research institutions

  • Clinical collaborators

  • Universities

  • Medical advisory organizations

Health-related information used for research may be de-identified where appropriate.

8.3 Legal and Regulatory Requirements

PRI may disclose information when required to:

  • Comply with legal obligations

  • Respond to subpoenas or court orders

  • Cooperate with law enforcement

  • Protect rights, safety, or property

  • Investigate fraud or security incidents

8.4 Organizational Transactions

In the event of a merger, restructuring, partnership, grant transition, or transfer of organizational assets, information may be transferred subject to applicable confidentiality protections.

9. Data Retention

PRI retains personal information only for as long as reasonably necessary to:

  • Fulfill the purposes described in this Privacy Policy

  • Comply with legal, tax, accounting, or regulatory obligations

  • Resolve disputes

  • Enforce agreements

  • Support research or archival obligations where permitted

Retention periods may vary depending on the type of information and legal requirements.

10. Data Security

PRI maintains commercially reasonable administrative, technical, and physical safeguards designed to protect information against unauthorized access, disclosure, alteration, or destruction.

Security measures may include:

  • Encryption

  • Secure hosting environments

  • Access restrictions

  • Multi-factor authentication

  • Security training

  • Monitoring and logging

  • Vulnerability management

  • Incident response procedures

No method of electronic transmission or storage is completely secure. PRI cannot guarantee absolute security.

11. Data Breach Notification

In the event of a data breach involving personal information or PHI, PRI will provide notifications as required under applicable law, including HIPAA breach notification requirements where applicable. PRI may notify affected individuals, regulatory agencies, law enforcement, and other parties as required.

12. Your Privacy Rights

Depending on applicable law and your jurisdiction, you may have rights to:

  • Access personal information

  • Correct inaccurate information

  • Delete certain information

  • Restrict or object to certain processing

  • Withdraw consent

  • Request data portability

  • Opt out of certain communications

  • Appeal privacy-related decisions where applicable

PRI will respond to qualifying requests within applicable legal timeframes.

13. Marketing Communications

PRI may send newsletters, educational materials, event announcements, fundraising communications, or updates. Recipients may opt out of marketing communications at any time using unsubscribe links or by contacting PRI directly. Operational, legal, transactional, or service-related communications may still be sent when necessary.

14. Children’s Privacy

PRI does not knowingly collect personal information from children under 13 without appropriate parental consent. If PRI becomes aware that information from a child under 13 has been collected improperly, we will take reasonable steps to delete it.

15. Research, Surveys, and Program Evaluation

PRI may conduct research studies, surveys, assessments, and program evaluations to improve services, contribute to scientific understanding, or support organizational objectives. Participation in research activities may be subject to separate informed consent documents, authorizations, or institutional review requirements. Where possible and appropriate, research information may be aggregated or de-identified.

16. Third-Party Platforms and Social Media

PRI may maintain profiles or communities on third-party platforms including social media services. Information shared publicly through those platforms may be visible to others and governed by the privacy practices of the platform providers. Users should review the privacy policies of third-party platforms before engaging.

17. International Users

PRI primarily operates in the United States. If users access PRI services from outside the United States, information may be transferred to and processed in the United States or other jurisdictions. By using PRI services, international users acknowledge such transfers.

18. Accessibility and Accommodations

PRI is committed to making its services and communications accessible to individuals with disabilities. Individuals requiring accommodations related to privacy requests or communications may contact PRI using the information below.

19. Changes to This Privacy Policy

PRI may update this Privacy Policy periodically to reflect operational, legal, regulatory, or technological changes. Updated versions will be posted with revised effective dates. Continued use of PRI services following updates constitutes acceptance of the revised policy.

20. Contact Information

Questions, concerns, requests, or complaints regarding this Privacy Policy or PRI privacy practices may be directed to: Parkinson’s Resilience Institute, 16923 Country Bridge Road, Houston, Texas | 713-201-5679 | info@parkinsonsresilience.org | www.ParkinsonsResilience.org

Privacy Officer: Tim Johnson, Director | t.johnson@parkinsonsresilience.org

21. Additional HIPAA Notice

If PRI operates as a HIPAA-covered entity or business associate for specific services or programs, individuals may also receive a separate HIPAA Notice of Privacy Practices describing:

  • How PHI may be used and disclosed

  • Individual HIPAA rights

  • Complaint procedures

  • Legal duties regarding PHI

That Notice of Privacy Practices will govern to the extent required by applicable law.

22. California and State Privacy Rights

Residents of certain states, including California, Colorado, Connecticut, Virginia, and others, may have additional rights regarding personal information under applicable state privacy laws.

Such rights may include:

  • Rights to know what information is collected

  • Rights to request deletion

  • Rights to correct information

  • Rights to opt out of certain data uses

  • Rights to limit sensitive information processing

  • Rights against discrimination for exercising privacy rights

PRI will honor qualifying requests in accordance with applicable law.

23. AI, Digital Health, and Emerging Technologies

PRI may use digital tools, automation systems, analytics platforms, or artificial intelligence technologies to improve educational resources, user experiences, operational efficiency, or research capabilities.

24. Medical Diagnoses or Treatments

PRI does not make medical diagnoses or provide any form of medical treatments. Users should not rely on PRI content, tools, or digital systems as a substitute for professional medical advice, diagnosis, or treatment.

24. Disclaimer

This Privacy Policy is provided for general informational and operational purposes and does not constitute legal advice. PRI should consult qualified legal counsel to review this policy and ensure compliance with all federal, state, nonprofit, healthcare, fundraising, accessibility, and international privacy obligations applicable to its operations.