Skip to Content

Privacy Policy

Introduction and Scope

Who We Are

Sisters Code is a community and educational organization supporting women 45+ in technology and entrepreneurship. We provide coaching, workshops, events, online resources, and a community forum to empower women building businesses and exploring tech careers.

Contact Information:

Organization Name: Sisters Code

Website: https://sisters-code.org

Email: info@sisters-code.org

What This Policy Covers

This Privacy Policy explains how Sisters Code collects, uses, stores, shares, and protects your personal information when you:

  • Visit our website
  • Create an account or register for services
  • Book coaching appointments or register for events
  • Participate in our community forum
  • Subscribe to our newsletter
  • Contact us via email, phone, or social media
  • Interact with our content on third-party platforms

This policy applies to all users, visitors, members, coaching clients, event attendees, and anyone who interacts with Sisters Code services.

Your Consent

By using our website and services, you consent to the collection and use of your personal information as described in this Privacy Policy. If you do not agree with any part of this policy, please do not use our services.

You can withdraw your consent at any time by contacting us at info@sisters-code.org.

Last Updated: October 16, 2025

Information We Collect

We collect several types of information to provide, improve, and protect our services.

Information You Provide Directly

Account Registration:

When you create an account, we collect:

  • Full name
  • Email address
  • Password (encrypted)
  • Phone number (optional)
  • Business name or industry (optional)
  • Profile photo (optional)

Appointment and Event Registration:

When you book coaching sessions or register for events, we collect:

  • Contact information (name, email, phone)
  • Payment information (processed securely by third-party payment processors)
  • Time zone and scheduling preferences
  • Specific needs, goals, or questions you provide
  • Dietary restrictions or accessibility needs for in-person events

Community Forum Participation:

When you participate in our forum, we collect:

  • Username and display name
  • Posts, comments, and replies
  • Profile information you choose to share
  • Interaction data (likes, follows, badges earned)

Communications:

When you contact us, we collect:

  • Email correspondence
  • Phone call records
  • Chat messages
  • Support tickets and inquiries
  • Feedback and survey responses

Newsletter Subscription:

When you subscribe to our newsletter, we collect:

  • Email address
  • Name (optional)
  • Subscription preferences and interests

Information Collected Automatically

Usage Data:

When you visit our website, we automatically collect:

  • IP address and general location (city/region)
  • Browser type and version
  • Device type (desktop, mobile, tablet)
  • Operating system
  • Pages visited and time spent on each page
  • Referral source (how you found our website)
  • Click patterns and navigation behavior
  • Date and time of access

Cookies and Similar Technologies:

We use cookies, web beacons, pixels, and similar technologies to collect information about your interactions with our website. For details, see our Cookies Policy and the section below.

Email Engagement:

When you receive emails from us, we may collect:

  • Open rates
  • Click-through rates
  • Unsubscribe actions
  • Email client and device used

Information from Third Parties

Social Media:

If you connect your social media accounts (Facebook, Instagram, LinkedIn) or use social login, we may receive:

  • Public profile information (name, profile photo, email)
  • Friends or connections list (with your permission)
  • Information you authorize the platform to share

Payment Processors:

Payment information is processed by third-party processors (such as Stripe). We receive:

  • Transaction confirmation
  • Last four digits of payment method
  • Transaction amount and date
  • Billing address

We do not store full credit card numbers on our servers.

Analytics and Advertising Partners:

Third-party services (Google Analytics, Facebook Pixel) may share aggregated or anonymized data about your interactions with our website and ads.

Referrals and Recommendations:

If someone refers you to Sisters Code, we may receive your name and contact information with your consent.

Special Categories of Personal Data

We generally do not collect sensitive personal information (race, ethnicity, health, religion, sexual orientation) unless you voluntarily provide it—for example, in forum discussions, coaching sessions, or demographic surveys.

If you share sensitive information:

  • We treat it with extra care and confidentiality
  • We do not use it for automated decision-making
  • We protect it according to applicable data protection laws
  • You can request deletion at any time

How We Use Your Information

We use your personal information for the following purposes:

To Provide Our Services

Account Management:

  • Create and maintain your user account
  • Authenticate your identity and secure your account
  • Provide access to member-only features

Service Delivery:

  • Process appointment bookings and event registrations
  • Send confirmation emails and reminders
  • Provide access to coaching sessions (Zoom links, meeting details)
  • Deliver digital resources and content
  • Enable forum participation and community interaction

Payment Processing:

  • Process payments for coaching sessions and events
  • Issue receipts and invoices
  • Manage refunds and cancellations

Customer Support:

  • Respond to your inquiries and support requests
  • Troubleshoot technical issues
  • Provide guidance and assistance

To Communicate with You

Transactional Communications:

  • Appointment confirmations and reminders
  • Event registration confirmations
  • Payment receipts and invoices
  • Account notifications (password resets, security alerts)
  • Policy updates and important announcements

Marketing Communications:

  • Newsletters with tips, resources, and success stories
  • Announcements about new events, workshops, and services
  • Special offers, promotions, and early access opportunities
  • Community updates and highlights

You can opt out of marketing communications at any time using the unsubscribe link in emails or by contacting us.

Community Engagement:

  • Notify you of replies to your forum posts
  • Send weekly or daily forum digests
  • Announce new forum features or categories

To Improve Our Services

Analytics and Research:

  • Understand how visitors use our website
  • Identify popular content and features
  • Measure the effectiveness of our programs and events
  • Analyze user behavior to improve navigation and design
  • Test new features and improvements

Feedback and Surveys:

  • Collect feedback on your experience
  • Conduct surveys to understand member needs
  • Evaluate coaching quality and event satisfaction

Performance Monitoring:

  • Monitor website performance and uptime
  • Identify and fix technical issues
  • Prevent fraud and abuse
  • Ensure security and stability

For Marketing and Promotional Purposes

Targeted Advertising:

  • Show relevant ads on third-party platforms (Google, Facebook)
  • Measure ad campaign effectiveness
  • Retarget website visitors with relevant content

Content Personalization:

  • Recommend events, resources, or coaching services based on your interests
  • Personalize email content based on your preferences
  • Suggest forum discussions you might find valuable

Social Media:

  • Share community highlights and success stories (with permission)
  • Promote events and workshops
  • Engage with followers and answer questions

For Legal and Safety Purposes

Compliance:

  • Comply with legal obligations (tax reporting, record-keeping)
  • Respond to legal requests (subpoenas, court orders)
  • Enforce our Terms and Conditions and Community Guidelines
  • Protect our intellectual property rights

Safety and Security:

  • Prevent fraud, abuse, and unauthorized access
  • Investigate violations of our policies
  • Protect the safety and rights of our members, staff, and partners
  • Maintain security of our systems and data

Legal Basis for Processing Your Data

We process your personal information based on the following legal grounds (as required by GDPR and similar privacy laws):

Consent

You have explicitly agreed to the processing of your personal data for specific purposes, such as:

  • Marketing communications (newsletter subscription)
  • Non-essential cookies and tracking
  • Sharing your testimonial or story publicly
  • Social media integration

You can withdraw consent at any time by contacting us or using opt-out tools.

Contract Performance

Processing is necessary to fulfill our contractual obligations to you, such as:

  • Providing coaching services you booked
  • Delivering event access you registered for
  • Maintaining your account
  • Processing payments

Legitimate Interests

Processing is necessary for our legitimate business interests, such as:

  • Improving our services and user experience
  • Analyzing website performance and usage
  • Preventing fraud and ensuring security
  • Communicating about our services
  • Marketing to prospective clients

We balance our interests with your rights and ensure processing does not override your privacy.

Legal Obligations

Processing is required to comply with legal requirements, such as:

  • Tax reporting and financial record-keeping
  • Responding to lawful requests from authorities
  • Protecting legal rights in disputes
  • Complying with data protection laws

How We Share Your Information

We do not sell, rent, or trade your personal information. We share your data only in the following limited circumstances:

Service Providers and Business Partners

We work with trusted third-party service providers who help us operate our business and deliver services. These providers have access to your personal information only to perform tasks on our behalf and are obligated to protect your data.

Examples include:

  • Website hosting and infrastructure (Odoo, cloud storage providers)
  • Email marketing platforms (Mailchimp, SendGrid, or similar)
  • Customer relationship management (CRM) tools
  • Analytics tools (Google Analytics)
  • Communication platforms (Zoom, Slack)
  • Event management software

All service providers are required to maintain confidentiality and security of your data.

Payment Processors

We use secure third-party payment processors (such as Stripe, PayPal, or Square) to handle all payment transactions. These processors collect and process payment information according to their own privacy policies and industry standards (PCI DSS compliance).

We do not store full credit card numbers or sensitive payment data on our servers.

Analytics and Advertising Partners

We use third-party analytics and advertising services to understand user behavior and deliver relevant ads:

  • Google Analytics - website traffic and user behavior analysis
  • Facebook Pixel - ad targeting and conversion tracking
  • Google Ads - advertising and remarketing campaigns

These services may collect information about your device, IP address, and browsing behavior. You can opt out using browser settings or vendor-specific tools (see Cookies Policy).

Legal Requirements and Protection

We may disclose your information when required or permitted by law:

  • Legal obligations - to comply with court orders, subpoenas, or regulatory requirements
  • Enforcement - to enforce our Terms and Conditions or Community Guidelines
  • Protection of rights - to protect our rights, property, or safety, or that of our users or others
  • Fraud prevention - to investigate and prevent fraudulent or illegal activity
  • Emergency situations - to respond to emergencies involving danger of death or serious physical injury

Business Transfers

If Sisters Code is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your personal information may be transferred as part of that transaction. You will be notified via email and/or prominent notice on our website of any such change in ownership or control.

The new entity will continue to honor this Privacy Policy unless you are notified otherwise.

With Your Consent

We may share your information with third parties when you provide explicit consent, such as:

  • Testimonials and success stories - sharing your name, photo, and story on our website or marketing materials
  • Referrals - sharing your contact information with a service provider you requested
  • Public forum posts - your posts and profile information are visible to other community members
  • Social media sharing - when you choose to share content on social platforms

You can withdraw consent at any time.

We Do Not Sell Your Personal Information

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. This commitment applies regardless of jurisdiction, including under the California Consumer Privacy Act (CCPA) and GDPR.

Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar technologies to enhance your experience, analyze website usage, and deliver personalized content and ads.

Types of cookies we use:

  • Strictly necessary cookies - essential for website operation (login, security, session management)
  • Performance and analytics cookies - measure website usage and performance (Google Analytics)
  • Functional cookies - remember your preferences (language, settings)
  • Targeting and advertising cookies - deliver relevant ads and measure campaign effectiveness

For detailed information about cookies, including how to manage or disable them, please see our Cookies Policy.

Your choices:

Data Retention and Storage

How Long We Keep Your Data

We retain your personal information only as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law.

Retention periods:

Active accounts:

As long as your account is active and you continue using our services.

Inactive accounts:

If you do not log in or engage for 3 years, we may delete or anonymize your account data after notifying you.

Coaching and event records:

7 years for financial and tax compliance purposes.

Marketing communications:

Until you unsubscribe or withdraw consent. We may retain your email address to honor unsubscribe requests.

Legal and compliance records:

As required by applicable laws (typically 7-10 years for financial records).

Backups:

Data in system backups is deleted according to our backup retention schedule (typically 30-90 days).

When you request deletion:

We will delete or anonymize your personal data within 30 days, except where retention is required by law.

Where Your Data Is Stored

Your personal information is stored on secure servers located in:

  • United States (primary hosting)
  • European Union (if using EU-based service providers)

We use reputable cloud service providers with robust security measures and compliance certifications (such as AWS, Google Cloud, or Microsoft Azure).

International transfers:

If your data is transferred outside your country of residence, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses, Privacy Shield frameworks, or equivalent mechanisms).

Data Security Measures

We implement reasonable technical, administrative, and physical security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction.

Security measures include:

Technical safeguards:

  • Encryption of data in transit (HTTPS/SSL/TLS)
  • Encryption of sensitive data at rest
  • Secure password storage (hashing and salting)
  • Firewall protection and intrusion detection
  • Regular security updates and patches
  • Secure API integrations

Administrative safeguards:

  • Access controls and user authentication
  • Role-based permissions (staff access only what they need)
  • Regular security training for staff
  • Background checks for employees with data access
  • Confidentiality agreements with service providers

Physical safeguards:

  • Secure data centers with restricted access
  • Environmental controls (temperature, fire protection)
  • Video surveillance and security personnel

Incident response:

  • Data breach notification procedures
  • Incident response plan and team
  • Regular security audits and assessments

Despite our efforts, no method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at info@sisters-code.org.

Your Privacy Rights

You have certain rights regarding your personal information. These rights may vary depending on your location and applicable laws.

Access and Portability

Right to access:

You can request a copy of the personal information we hold about you. We will provide this in a commonly used, machine-readable format.

Data portability:

You can request that we transfer your data to another service provider (where technically feasible).

How to request:

Email info@sisters-code.org with subject line "Data Access Request." We will respond within 30 days.

Correction and Update

Right to correction:

If your personal information is inaccurate or incomplete, you have the right to request correction or update.

How to update:

Deletion and Erasure

Right to deletion (right to be forgotten):

You can request that we delete your personal information in certain circumstances:

  • Data is no longer necessary for the purposes it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • Data was unlawfully processed
  • Deletion is required to comply with legal obligations

Exceptions:

We may retain data when required by law (tax records, legal disputes) or to establish, exercise, or defend legal claims.

How to request deletion:

Email info@sisters-code.org with subject line "Data Deletion Request."

Restriction and Objection

Right to restrict processing:

You can request that we limit how we use your data in certain situations (for example, while disputing accuracy).

Right to object:

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

How to request:

Email info@sisters-code.org with your request and reason.

Withdraw Consent

Right to withdraw consent:

If we process your data based on consent, you can withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

How to withdraw consent:

  • Unsubscribe from marketing emails using the link in the email
  • Adjust cookie settings in your browser or our consent tool
  • Email info@sisters-code.org

Opt-Out of Marketing

Right to opt out:

You can opt out of marketing communications at any time.

How to opt out:

  • Click "Unsubscribe" in any marketing email
  • Log in to your account and update email preferences
  • Email info@sisters-code.org with subject line "Opt Out"

Note: You will still receive transactional emails (appointment confirmations, receipts) even after opting out of marketing.

Do Not Track Signals

Some browsers have "Do Not Track" (DNT) features. We do not currently respond to DNT signals because there is no industry standard for how to interpret them. You can control tracking through cookie settings and opt-out tools.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know:

Request disclosure of personal information collected, used, and shared in the past 12 months.

Right to delete:

Request deletion of your personal information (subject to exceptions).

Right to opt-out of sale:

We do not sell personal information, so no opt-out is necessary.

Right to non-discrimination:

We will not discriminate against you for exercising your CCPA rights.

How to exercise California rights:

Email info@sisters-code.org or call [phone number if required]. We will verify your identity before processing requests.

Authorized agents:

You may designate an authorized agent to make requests on your behalf by providing written authorization.

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

Rights include:

  • Access, correction, deletion, restriction, portability (as described above)
  • Object to processing based on legitimate interests
  • Withdraw consent
  • Lodge a complaint with a supervisory authority

Data controller:

Sisters Code is the data controller for your personal information.

Legal basis:

We process data based on consent, contract, legitimate interests, or legal obligations (as described above).

International transfers:

We use Standard Contractual Clauses or other approved mechanisms for transfers outside the EEA.

How to exercise GDPR rights:

Email info@sisters-code.org. We will respond within 30 days (or 60 days for complex requests).

Children's Privacy

Sisters Code services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18.

If we discover that we have inadvertently collected information from a child under 18:

  • We will delete the information as soon as possible
  • We will terminate the account
  • We will notify the parent or guardian if contact information is available

If you believe a child under 18 has provided us with personal information, please contact us immediately at info@sisters-code.org.

Third-Party Links and Services

Our website and communications may contain links to third-party websites, services, or resources that are not owned or controlled by Sisters Code.

Examples:

  • Social media platforms (Facebook, Instagram, LinkedIn)
  • Payment processors (Stripe, PayPal)
  • Event platforms (Eventbrite, Zoom)
  • Partner organizations and sponsors
  • External resources and articles

We are not responsible for:

  • The privacy practices of third-party sites
  • The content or accuracy of external resources
  • Data collection by third-party services

Recommendation:

Review the privacy policies and terms of any third-party service before providing personal information or interacting with their platforms.

Third-party cookies:

Third-party services may set their own cookies on your device. See our Cookies Policy for details.

International Data Transfers

Sisters Code is based in the United States. If you access our services from outside the United States, your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

Data protection standards:

Data protection laws in the United States and other countries may differ from those in your country. We take steps to ensure your data is protected according to this Privacy Policy and applicable laws.

Safeguards for international transfers:

  • Standard Contractual Clauses (approved by the European Commission)
  • Privacy Shield frameworks (where applicable and valid)
  • Consent for specific transfers
  • Adequacy decisions by relevant authorities

By using our services, you acknowledge and consent to the transfer of your personal information as described in this Privacy Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

When we make changes:

  • We will update the "Last Updated" date at the top of this page
  • Significant changes will be announced via email, website banner, or community forum post
  • Material changes affecting your rights will be communicated at least 30 days before taking effect

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us and Data Protection Officer

General Privacy Inquiries

If you have questions, concerns, or feedback about this Privacy Policy or our data practices:

Email: info@sisters-code.org

Subject line: "Privacy Inquiry"

Mail: Sisters Code

Attn: Privacy Team

We will respond to your inquiry within 5-7 business days (or within 30 days for formal rights requests).

Exercise Your Rights

To exercise your privacy rights (access, deletion, correction, opt-out):

Email: info@sisters-code.org

Subject line: "Privacy Rights Request"

Include in your request:

  • Your full name and email address associated with your account
  • Specific right you wish to exercise
  • Any relevant details or context
  • Preferred method of response

Verification:

To protect your privacy, we will verify your identity before processing requests. We may ask for additional information to confirm you are the account holder.

File a Complaint

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with a data protection authority:

United States (FTC):

Federal Trade Commission

Website: https://www.ftc.gov

Consumer Response Center: 1-877-382-4357

European Union (GDPR):

Contact your national data protection authority. List available at:

https://edpb.europa.eu/about-edpb/board/members_en

United Kingdom (ICO):

Information Commissioner's Office

Website: https://ico.org.uk

Phone: 0303 123 1113

We are committed to resolving complaints and will work with you and regulatory authorities to address any privacy concerns.

Related Pages:

Acknowledgment:

By using Sisters Code services, you acknowledge that you have read, understood, and agree to this Privacy Policy and the collection, use, and disclosure of your personal information as described herein.

Thank you for trusting Sisters Code with your personal information. We are committed to protecting your privacy and empowering your entrepreneurial journey with confidence and security.

SUPPLEMENTARY INFORMATION FOR SPECIFIC JURISDICTIONS

California Residents (CCPA/CPRA)

Categories of personal information collected (last 12 months):

CategoryExamplesCollected?
IdentifiersName, email, IP address, account IDYes
Personal recordsPhone number, payment informationYes
Commercial informationPurchase history, services usedYes
Internet activityBrowsing history, interactions with websiteYes
Geolocation dataGeneral location from IP addressYes
Professional informationBusiness name, industry, job titleYes
InferencesPreferences, interests, behavior predictionsYes
Sensitive personal informationAccount credentials (encrypted)Yes

Categories of personal information disclosed for business purposes (last 12 months):

  • Identifiers (to service providers, payment processors)
  • Commercial information (to analytics providers)
  • Internet activity (to analytics providers)

We do not sell or share personal information for cross-context behavioral advertising.

California-specific rights:

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or shared
  • Right to opt out of sale or sharing (not applicable—we don't sell)
  • Right to limit use of sensitive personal information
  • Right to delete personal information
  • Right to correct inaccurate personal information
  • Right to non-discrimination for exercising rights

Retention periods:

See "Data Retention and Storage" section above.

How to exercise rights:

Email info@sisters-code.org or submit a request via our website. We will verify your identity and respond within 45 days (may extend up to 90 days for complex requests).

European Residents (GDPR)

Data controller:

Sisters Code

Email: info@sisters-code.org

Data protection representative (if applicable in EU):

[Name and contact information if you have appointed an EU representative]

Supervisory authority:

You can lodge a complaint with your national data protection authority. Contact details available at: https://edpb.europa.eu/about-edpb/board/members_en

Legal basis for processing:

  • Consent (marketing, cookies, optional features)
  • Contract (service delivery, payments)
  • Legitimate interests (analytics, security, improvements)
  • Legal obligations (compliance, record-keeping)

Data transfers:

We transfer data outside the EEA using Standard Contractual Clauses and other approved mechanisms.

Automated decision-making:

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.