Privacy Policy

Last Updated: Thursday, June 11, 2026

Effective Date: Thursday, June 11, 2026

1. Introduction And Our Commitment To Privacy

Welcome to Unlocking Gems, Inc. (also referred to as “Unlocking Gems,” “we,” “us,” “our,” or the “Ministry”). Our mission is to provide faith-based support to answer the critical need for individuals with high-functioning autism and their families to lead fulfilling, independent, and purpose-driven lives. Guided by our tagline, “From Hidden Treasure To Divine Discovery,” we are deeply committed to helping every individual recognize, protect, and develop their unique, God-given gifts.

Because our work involves supporting vulnerable populations, including minors and adults with high-functioning autism spectrum disorder (ASD), we recognize that trust is the foundation of our ministry. We understand that the information you share with us—ranging from basic contact details to sensitive health, educational, and developmental records—is deeply personal. We are committed to protecting your privacy and handling your personal information with the utmost care, respect, and confidentiality.

This Privacy Policy (“Policy”) explains in comprehensive detail how Unlocking Gems, Inc. collects, uses, discloses, retains, and protects your personal information when you:

  • Visit our official website and any associated web portals (collectively, the “Website”);
  • Apply for or participate in our 4-month cohort training and development programs;
  • Engage with our services, including case management, individual and parental coaching, ABA therapy referrals, job search assistance, life skills education, and social events;
  • Volunteer your time, make a financial donation, or otherwise interact with our Ministry.

By accessing our Website, submitting an application, registering for a program, or utilizing any of our Services, you acknowledge that you have read, understood, and agree to the practices described in this Policy. If you are a parent or legal guardian acting on behalf of a minor or an adult requiring supported decision-making, you represent that you have the legal authority to consent to this Policy on their behalf.

If you do not agree with the terms of this Privacy Policy, please do not access the Website or participate in our programs.

2. Definitions

To ensure clarity, transparency, and mutual understanding, the following terms are defined as they are used throughout this Privacy Policy:

  • “Personal Data” or “Personal Information”: Any information that relates to an identified or identifiable individual. This includes, but is not limited to, names, contact information, identification numbers, location data, online identifiers, and factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual.
  • “Sensitive Personal Data”: A subset of Personal Data that requires heightened protection. For Unlocking Gems, this specifically includes health and disability status (e.g., high-functioning ASD diagnosis), medical history, therapy records, aptitude test results, financial account information, and precise geolocation data.
  • “Processing”: Any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, combination, restriction, erasure.
  • “Data Controller”: Unlocking Gems, Inc., which determines the purposes and means of the processing of Personal Data.
  • “Data Subject”: The individual to whom the Personal Data relates (e.g., the Participant, volunteer, donor, or Website visitor).
  • “Participant”: A high-functioning individual on the autism spectrum who has been accepted into and is actively enrolled in an Unlocking Gems cohort or program.
  • “Guardian”: A parent, legal guardian, or authorized caregiver of a Participant, particularly those who are minors or adults requiring supported decision-making.
  • “Cohort”: A structured group of up to ten (10) Participants who undergo our four (4) month training and development program together.
  • “Services”: All offerings provided by Unlocking Gems, including case management, coaching, referrals, job search assistance, education, social events, spiritual growth activities, and vocational readiness training.

3. Information We Collect

We collect Personal Data only to the extent necessary to fulfill our mission, operate our programs, and comply with legal obligations. The types of information we collect depend on how you interact with us.

3.1. Information You Provide Directly to Us

When you interact with our Website, apply for our programs, or engage with our Services, you may voluntarily provide the following categories of information:

  • Identity and Contact Information: Full legal name, preferred name, date of birth, age, physical address, mailing address, phone number, and email address.
  • Application and Eligibility Information: Detailed statements regarding the reason for application, educational background, high school graduation status, and formal documentation or self-reported confirmation of a high-functioning Autism Spectrum Disorder (ASD) diagnosis.
  • Guardian Information: Names, contact details, and legal relationship to the Participant for parents, legal guardians, or authorized caregivers.
  • Program-Specific Health and Developmental Data: Information related to life skills capabilities, communication preferences, sensory sensitivities, behavioral support needs, and goals for independent living or employment. Note: While we are not a medical provider, we collect this information to tailor our coaching, ensure safety during activities (e.g., kitchen/cooking classes), and make appropriate referrals.
  • Vocational and Assessment Data: Resumes, employment history, career interests, and results from any aptitude tests administered or facilitated through our program.
  • Financial and Donation Information: If you choose to make a donation, we collect payment information (e.g., credit card details, billing address). Please note: Payment processing is handled by secure, PCI-DSS compliant third-party payment gateways. We do not store full credit card numbers on our servers.
  • Volunteer Information: If you wish to volunteer, we may collect your professional background, skills, availability, and results of background checks (conducted by a third-party service) to ensure the safety of our Participants.
  • Communications: Records of your correspondence with us, including emails, phone call logs, and feedback or testimonials you choose to share.

3.2. Information Collected Automatically

When you visit our Website or web portal, certain information is collected automatically through cookies, web beacons, and similar tracking technologies. This includes:

  • Device and Technical Information: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage Data: Pages visited, time spent on the site, clickstream data, referral URLs, and interaction with online forms or resources.
  • Location Data: General geographic location derived from your IP address (e.g., city or state level) to help us understand our audience and tailor local resource referrals (e.g., services in Bristow, Chesapeake, or Virginia Beach, VA).

3.3. Information Received from Third Parties

In some cases, we may receive Personal Data about you from third parties, including:

  • Healthcare or Educational Professionals: With your or your Guardian’s explicit written consent, we may receive reports, Individualized Education Programs (IEPs), or transition plans from schools, therapists, or the Virginia Department for Aging and Rehabilitative Services (DARS) to better support your application and cohort placement.
  • Partner Organizations: Information from community partners, such as local Boy Scout or Girl Scout troops, regarding a Participant’s engagement in joint community integration activities.
  • Background Check Providers: For volunteers and staff, we receive verification of identity and criminal history clearances from authorized third-party screening agencies.

4. How We Use Your Information

We process your Personal Data for specific, legitimate purposes aligned with our faith-based mission and operational needs. We do not use your data for unrelated purposes without your prior consent.

4.1. Program Administration and Service Delivery

  • Eligibility Assessment: To review your application, verify your high-functioning ASD diagnosis, and determine if our 4-month cohort program is a suitable fit for your current life stage and needs.
  • Cohort Management: To organize, schedule, and manage the 10-participant cohorts, including assigning instructors, scheduling initial assessments (at homes, churches, or libraries), and tracking attendance and progress.
  • Personalized Support: To tailor our case management, individual coaching, and parental coaching to address your specific goals in financial literacy, communication, self-image, and vocational readiness.
  • Referrals and Coordination: To facilitate warm handoffs and referrals to external Applied Behavior Analysis (ABA) therapy providers, vocational counselors, or community resources like DARS, based on your expressed needs.

4.2. Safety and Well-being

  • Risk Management: To ensure the physical and emotional safety of all Participants during life skills training (e.g., kitchen and baking classes) and community integration events (e.g., Scouting activities).
  • Emergency Response: To maintain up-to-date emergency contact information and relevant health/sensory alerts to respond effectively in case of a medical or behavioral emergency.

4.3. Ministry Operations and Improvement

  • Communication: To send you important updates regarding your cohort schedule, event announcements, program changes, or requests for additional information.
  • Program Evaluation: To analyze aggregated, anonymized data to measure the success of our pilot program, tweak the curriculum, and demonstrate impact to our donors and community partners.
  • Fundraising and Development: To process donations, issue tax receipts, and (with your explicit opt-in consent) send you newsletters, ministry updates, and fundraising campaigns to support our mission.

4.4. Legal and Regulatory Compliance

  • To comply with applicable federal and state laws, including the Virginia Consumer Data Protection Act (VCDPA) and the Children’s Online Privacy Protection Act (COPPA).
  • To protect the rights, property, or safety of Unlocking Gems, Inc., our Participants, volunteers, staff, or the public.

5. Legal Bases For Processing (For Applicable Jurisdictions)

While primarily operating under U.S. law, we align our data practices with robust privacy principles. We process your Personal Data based on the following legal grounds:

  1. Consent: We rely on your explicit, informed consent for specific activities, such as sending marketing emails, sharing sensitive health information with third-party ABA providers, or publishing testimonials/photos on our Website. You may withdraw consent at any time.
  2. Contractual Necessity: Processing is necessary to fulfill our obligations to you, such as administering your enrollment in the 4-month cohort, providing coaching services, or processing a donation you initiated.
  3. Legitimate Interests: We process data for our legitimate interests as a nonprofit ministry, such as improving our Website, ensuring network security, preventing fraud, and managing volunteer relationships, provided these interests do not override your fundamental privacy rights.
  4. Vital Interests: In rare emergency situations, we may process health or contact data to protect the life or physical safety of a Participant.
  5. Legal Obligation: We may process data to comply with legal requirements, such as maintaining financial records for tax-exempt nonprofit status or responding to lawful subpoenas.

6. How We Share Your Information

Unlocking Gems, Inc. is fundamentally opposed to the commercialization of personal data. We do not sell, rent, or trade your Personal Data to third parties for their marketing or commercial purposes.

We only share your information in the following limited, carefully controlled circumstances:

6.1. Trusted Service Providers

We engage third-party vendors to perform specific functions on our behalf. These providers are contractually obligated to protect your data and use it only for the purposes we specify. Examples include:

  • Website Hosting and IT Support: To maintain the security and functionality of our web portal.
  • Payment Processors: To securely handle donation transactions (e.g., Stripe, PayPal).
  • Background Check Services: To screen volunteers and staff.
  • Email Communication Platforms: To send program updates and newsletters (e.g., Mailchimp).

6.2. Community and Healthcare Partners (With Consent)

To provide holistic support, we may share relevant, limited information with external organizations, but only with the prior written consent of the Participant or their Guardian:

  • Therapy Providers: To facilitate referrals to ABA therapy clinics.
  • Government Agencies: Such as the Virginia Department for Aging and Rehabilitative Services (DARS), to assist with vocational transition and job placement.
  • Community Groups: Such as local Boy Scout or Girl Scout troops, to facilitate safe integration into weekend activities.
  • Educational/Vocational Experts: Such as Master Gardeners of Chesapeake (for future farming initiatives) or professionals conducting aptitude tests.

6.3. Legal and Safety Disclosures

We may disclose your Personal Data if we believe, in good faith, that such action is necessary to:

  • Comply with a valid legal process, such as a court order, subpoena, or government investigation.
  • Protect and defend the legal rights, property, or safety of Unlocking Gems, Inc., our staff, Participants, or the public.
  • Investigate or prevent suspected fraud, security breaches, or violations of our Terms and Conditions.

6.4. Business Transfers

In the unlikely event that Unlocking Gems, Inc. undergoes a merger, acquisition, or restructuring, your Personal Data may be transferred to the successor organization. We will require the successor to honor this Privacy Policy or provide you with notice and an opportunity to opt-out before the transfer occurs.

7. Data Security Measures

Given the sensitive nature of the data we handle, particularly regarding individuals with disabilities, we implement a multi-layered approach to data security, encompassing administrative, technical, and physical safeguards.

  • Technical Safeguards: We use industry-standard encryption (SSL/TLS) for data transmitted between your browser and our servers. Our web portal and databases are protected by firewalls, access controls, and regular security patching. Passwords are hashed and salted.
  • Administrative Safeguards: We limit access to Personal Data strictly to authorized staff, board members, and volunteers who have a legitimate “need to know” to perform their duties. All personnel are required to sign confidentiality agreements and undergo training on data privacy and the specific needs of the high-functioning ASD community.
  • Physical Safeguards: Any physical documents containing Personal Data (e.g., printed applications, assessment notes) are stored in locked, secure cabinets within our administrative offices in Bristow, VA, with restricted access.
  • Incident Response: In the event of a suspected data breach, we have an incident response plan to contain the breach, assess the risk, notify affected individuals and relevant authorities as required by Virginia law, and implement corrective measures.

Disclaimer: While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to continuous improvement of our protective measures.

8. Data Retention Policy

We retain your Personal Data only for as long as necessary to fulfill the purposes outlined in this Policy, or as required by applicable law. Our retention periods are guided by the following principles:

  • Application and Cohort Records: Data related to a Participant’s enrollment, assessments, and progress in the 4-month cohort will be retained for a minimum of three (3) years after the conclusion of the program to allow for follow-up support, program evaluation, and potential re-enrollment in subsequent cohorts.
  • Financial and Donation Records: To comply with IRS regulations for nonprofit organizations, we retain records of donations, receipts, and financial transactions for a minimum of seven (7) years.
  • Volunteer and Staff Records: Background checks and volunteer applications are retained for the duration of the individual’s active service, plus two (2) years thereafter, to address any potential liability or reference requests.
  • Website and Analytics Data: Aggregated, anonymized usage data may be retained indefinitely for statistical analysis. Personal data tied to web accounts (e.g., newsletter subscriptions) is retained until you unsubscribe or request deletion.

Once the retention period expires, we will securely destroy or anonymize your Personal Data using industry-standard deletion methods, ensuring it cannot be reconstructed or identified.

9. Your Privacy Rights

Depending on your location and applicable laws, you may have specific rights regarding your Personal Data. Unlocking Gems is committed to honoring these rights. To exercise any of these rights, please contact us using the information in Section 16. We may ask you to verify your identity before processing your request to protect your privacy and security.

  1. Right to Access: You have the right to request a copy of the Personal Data we hold about you, along with information about how it is being processed.
  2. Right to Correction: If your Personal Data is inaccurate or incomplete, you have the right to request that we update or correct it.
  3. Right to Deletion (Right to be Forgotten): You may request that we delete your Personal Data, subject to certain exceptions (e.g., if we are legally required to retain it for tax or safety purposes, or if it is necessary to complete a service you have requested).
  4. Right to Restrict Processing: You may request that we limit how we use your Personal Data, for example, while we are verifying the accuracy of the data or addressing an objection you have raised.
  5. Right to Data Portability: Where technically feasible, you may request that we provide your Personal Data in a structured, commonly used, and machine-readable format, or transmit it directly to another organization.
  6. Right to Opt-Out of Marketing: You may opt out of receiving promotional emails, newsletters, or fundraising communications at any time by clicking the “unsubscribe” link at the bottom of our emails or by contacting us directly. Note: We will still send you essential, non-marketing communications related to your active participation in our programs.
  7. Right to Withdraw Consent: Where we rely on your consent to process your data (e.g., sharing health info with an ABA provider), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

We will respond to all legitimate requests within thirty (30) days. If a request is complex or numerous, we may extend this period, but we will notify you of the delay.

10. Children’s Privacy And Vulnerable Populations

Protecting the privacy of minors and vulnerable individuals is a paramount concern for Unlocking Gems, Inc. Our programs frequently serve individuals transitioning out of high school, many of whom are minors.

10.1. Compliance with COPPA

We comply with the Children’s Online Privacy Protection Act (COPPA). We do not knowingly collect Personal Data from children under the age of 13 through our Website without verifiable parental consent.

  • If you are under 13, you may not use our Website or submit an application without the involvement and explicit consent of a parent or legal guardian.
  • Our online application forms for minors require the name, contact information, and digital signature/consent of a parent or legal guardian.

10.2. Special Protections for High-Functioning ASD Individuals

We recognize that individuals with high-functioning ASD may have unique communication styles or vulnerabilities. Therefore:

  • We ensure that all privacy notices and consent forms are presented in clear, straightforward, and easily understandable language.
  • We actively involve Guardians in the data collection and consent process for minors or adults who require supported decision-making.
  • We strictly limit the collection of Sensitive Personal Data to what is absolutely necessary for program safety and efficacy. We do not use this data for any form of profiling or automated decision-making that could adversely affect the individual.

If you are a parent or guardian and believe that we have inadvertently collected Personal Data from your child without your consent, please contact us immediately. We will promptly investigate and delete such information from our servers.

11. Cookies And Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and personalize content.

11.1. What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, or smartphone) when you visit a website. They help the site remember your actions and preferences over time.

11.2. Types of Cookies We Use

  • Essential/Strictly Necessary Cookies: These are required for the Website to function properly. They enable basic functions like page navigation, secure access to the web portal, and form submission. The Website cannot function properly without these cookies, and they cannot be disabled.
  • Performance and Analytics Cookies: These cookies collect information about how visitors use our Website (e.g., which pages are visited most often, error messages). This data is aggregated and anonymized, helping us improve the site’s functionality and user experience. (e.g., Google Analytics).
  • Functional Cookies: These allow the Website to remember choices you make (such as your language preference or region) to provide a more personalized experience.
  • Targeting/Advertising Cookies: We do not currently use third-party advertising cookies to track your behavior across other websites for marketing purposes.

11.3. Managing Your Cookie Preferences

Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. You can also delete cookies that have already been set. Please note that if you choose to block or delete essential cookies, some features of our Website, such as the online application portal, may not function correctly.

12. Third-party Links And Services

Our Website and program materials may contain links to third-party websites, such as the Virginia Department for Aging and Rehabilitative Services (DARS), local Scouting organizations, or external therapy providers.

Please be aware that this Privacy Policy applies only to the Unlocking Gems, Inc. Website and Services. We do not control, endorse, or assume responsibility for the privacy practices, content, or security of any third-party websites. We strongly encourage you to review the privacy policies of any external site you visit before providing them with your Personal Data.

13. International Data Transfers

Unlocking Gems, Inc. is based in the United States, and our servers and operations are located within the U.S. If you access our Website or Services from outside the United States, please be aware that your Personal Data will be transferred to, stored, and processed in the United States.

The data protection laws in the U.S. may differ from those in your country of residence. By using our Website or Services, you consent to the transfer of your data to the U.S. and agree that it will be subject to U.S. laws, including this Privacy Policy. We will take all reasonable steps to ensure that your data is treated securely and in accordance with this Policy, regardless of where it is processed.

14. Changes To This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technological advancements, legal requirements, or operational needs (such as the addition of new program modules like our planned organic farming initiative).

When we make material changes to this Policy, we will:

  • Update the “Last Updated” date at the top of this document.
  • Post a prominent notice on our Website’s homepage or web portal.
  • For active Participants, Guardians, or registered donors, we may send a direct email notification detailing the significant changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Website or participation in our Services after the effective date of any changes constitutes your acceptance of the revised Policy.

15. Virginia Consumer Data Protection Act (Vcdpa) Notice

Because Unlocking Gems, Inc. is headquartered in Bristow, Virginia, we are committed to complying with the Virginia Consumer Data Protection Act (VCDPA). This section provides specific disclosures for Virginia residents (“Consumers”).

15.1. Categories of Personal Data We Process

Under the VCDPA, we process the following categories of data:

  • Identifiers: Name, address, phone number, email address.
  • Protected Classifications: Age, and in some contexts, disability status (high-functioning ASD).
  • Commercial Information: Records of services provided, volunteer history, donation history.
  • Internet/Network Activity: IP address, browser type, website interaction data.
  • Sensitive Data: We process precise geolocation data and health/disability-related information only with your explicit, affirmative consent, and solely for the purpose of providing tailored support and ensuring safety within our programs.

15.2. Purposes of Processing

We process this data for the purposes outlined in Section 4 of this Policy, including program administration, safety, legal compliance, and ministry operations. We do not process data for targeted advertising or the sale of personal data.

15.3. Your VCDPA Rights

Virginia residents have the right to:

  1. Confirm whether we are processing their Personal Data.
  2. Access the Personal Data we are processing.
  3. Correct inaccuracies in their Personal Data, taking into account the nature of the data and the purposes of the processing.
  4. Delete Personal Data provided by or obtained about the Consumer.
  5. Obtain a copy of their Personal Data, in a portable and readily usable format, to transmit to another controller.
  6. Opt out of the processing of their Personal Data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects. (Note: Unlocking Gems does not engage in the sale of personal data, targeted advertising, or automated profiling that produces significant effects).

15.4. Exercising Your VCDPA Rights

To exercise your VCDPA rights, please submit a verifiable consumer request via the contact methods listed in Section 16. We will respond within 45 days, with a possible 45-day extension if reasonably necessary, with notice to you. We do not discriminate against Consumers who exercise their VCDPA rights.

15.5. Appeals Process

If we deny your request to exercise your VCDPA rights, we will inform you of the reason and provide instructions on how to appeal the decision. You may submit an appeal by contacting our Data Protection contact (see Section 16). We will respond to your appeal within 60 days. If the appeal is denied, you may submit a complaint to the Virginia Attorney General.

16. Contact Information And Data Protection Inquiries

We value open, transparent communication with our community. If you have any questions, concerns, or requests regarding this Privacy Policy, your Personal Data, or our data practices, please do not hesitate to contact us.

We are committed to working with you to obtain a fair resolution of any complaint or concern.

Unlocking Gems, Inc.

(God’s Everyday MiracleS)

Mailing Address: 12509 Erroll Lane, Bristow, VA 20136

Phone: 757-576-5017

Email: unlockinggems-vickiepiscopo@gmx.com

For Privacy-Specific Inquiries:

Please include “Privacy Request” or “VCDPA Rights Request” in the subject line of your email to ensure your message is routed to the appropriate personnel for prompt handling.

If you feel that we have not addressed your concern satisfactorily, you have the right to lodge a complaint with the Virginia Attorney General’s Office or your local data protection authority.