Skip to Content

Privacy Policy

Diversity Recovery Alliance (DRA)

Effective Date: January 1, 2025

Last Updated: February 25, 2026

The Diversity Recovery Alliance ("DRA," "we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect information when you use the DRA Center mobile application ("App").

By using the App or our website, you agree to the terms outlined below.

1. Who We Are

Diversity Recovery Alliance (DRA) is a 501(c)(3) nonprofit organization based in San Antonio, Texas, dedicated to providing safe, inclusive recovery spaces and peer support services for the LGBTQIA+ community.

DRA Center

473 Spencer Lane

San Antonio, TX 78201

Email: board@dracentersa.org

Phone: 210-257-7021

2. Information We Collect

We collect only the information necessary to operate the App and support our mission.

A. Information You Provide Directly

When you use certain features of the App, you may provide:

  • Account Information: Name, email address, phone number (for member portal login)
  • Membership Information: Membership tier, status, access code, payment method
  • Subscription Data: Billing information, subscription tier, payment history
  • Event Registrations: Name, contact information for event reservations
  • Room Reservation Requests: Contact details, group information, event/meeting details (submitted through in-app web forms)
  • Donations: Payment information processed through secure third-party processors
  • Communications: Messages, inquiries, or feedback sent through contact forms or email

B. Automatically Collected Information

When you use the App, we automatically collect:

  • Device Information: Device type, operating system, app version
  • Usage Data: Features accessed, pages viewed, time spent in app, button clicks
  • Location Data: General location (city/state level) for localized content; we do NOT collect precise GPS location unless you explicitly enable it for specific features
  • Log Data: IP address, access times, error logs
  • Cache Data: Locally stored meeting schedules, events, and emergency contacts for offline access

C. Information Collected from Third Parties

  • Odoo Integration: We retrieve membership, subscription, and account information from our Odoo database when you log into the member portal
  • Facebook: When you tap links to our Facebook group, Facebook may collect data according to their privacy policy
  • Payment Processors: Payment and donation information is collected by third-party processors (see Section 4)

D. Information We Do NOT Collect

We do NOT collect:

  • Sensitive recovery details (sobriety date, sponsor information, etc.)
  • Meeting attendance records or participation history
  • Precise GPS location (unless explicitly enabled by you)
  • Health information or medical records
  • Social Security numbers or government ID numbers
  • Information from children under 18

3. How We Use Your Information

We use your information to:

A. Provide App Functionality

  • Display meeting schedules and upcoming events
  • Authenticate member portal access
  • Show your membership details and subscription information
  • Process membership upgrades, downgrades, or cancellations
  • Enable offline access through cached data
  • Display emergency contact information

B. Communications

  • Send responses to your inquiries
  • Provide event reminders (if you've enabled push notifications)
  • Notify you of meeting schedule changes
  • Send membership-related updates
  • Share important DRA Center announcements

C. Process Transactions

  • Handle donation processing
  • Manage membership subscriptions
  • Process room reservation requests
  • Update payment methods

D. Improve the App

  • Analyze usage patterns to enhance features
  • Fix bugs and technical issues
  • Optimize performance
  • Develop new features

E. Legal and Safety

  • Comply with legal obligations
  • Enforce our terms of service
  • Protect the safety, rights, and property of DRA, users, and others
  • Prevent fraud or abuse

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Donations & Payment Processing

All payments and donations made through the App are processed by secure third-party payment processors integrated with our Odoo system.

Key Points:

  • DRA does not store full credit card numbers on our servers
  • Payment data is transmitted directly to payment processors using industry-standard encryption
  • Payment processors are PCI-DSS compliant and responsible for safeguarding your financial data
  • We retain only transaction records (amount, date, membership tier) necessary for accounting and tax purposes

When you make a donation or update your payment method, you are also subject to the privacy policies of our payment processors.

5. Data Sharing and Disclosure

We may share limited information in the following circumstances:

A. Service Providers

We share data with trusted third-party service providers who help us operate the App:

  • Odoo (Database & Member Management): Stores member accounts, subscriptions, events
  • Cloud Hosting Providers: Host app infrastructure
  • Payment Processors: Process donations and subscriptions
  • Analytics Services: Help us understand app usage (anonymized data only)

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

B. Legal Requirements

We may disclose information if required by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Government requests
  • Investigations of potential violations of our policies
  • Situations involving potential threats to safety

C. Business Transfers

If DRA merges with or is acquired by another organization, your information may be transferred as part of that transaction. We will notify you of any such change.

D. With Your Consent

We may share information in other circumstances with your explicit permission.

We will NEVER sell your personal information to third parties.

6. Data Retention

We retain your information for as long as necessary to provide services and fulfill the purposes described in this policy.

Retention Periods:

  • Active Members: Data retained while membership is active and for 7 years after cancellation (for tax/accounting purposes)
  • Inactive Accounts: May be deleted after 3 years of inactivity
  • Donation Records: Retained for 7 years (IRS requirement for 501(c)(3) organizations)
  • Cached Data: Automatically refreshes daily; offline cache cleared when app is uninstalled
  • Event/Reservation Requests: Retained for 2 years after event date

You may request deletion of your data at any time (see Section 8).

7. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your information:

Technical Measures:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication for member portal (API keys, session management)
  • Automatic logout after inactivity
  • Secure credential storage on your device

Administrative Measures:

  • Limited employee access to personal data
  • Regular security reviews
  • Vendor security assessments

Physical Measures:

  • Secure data center facilities for our hosting providers

Important: While we strive to protect your data using industry-standard practices, no system is 100% secure. We cannot guarantee absolute security against unauthorized access, hacking, or data breaches.

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

A. Access

You may request a copy of the personal information we have about you.

B. Correction

You may request correction of inaccurate or incomplete information. You can update some information directly through the member portal.

C. Deletion

You may request deletion of your personal information, subject to:

  • Legal obligations (e.g., donation records for tax purposes)
  • Ongoing disputes or investigations
  • Legitimate business needs

D. Data Portability

You may request your data in a portable format.

E. Opt-Out

You may:

  • Disable push notifications in your device settings
  • Unsubscribe from email communications (except essential account-related emails)
  • Decline to provide optional information

F. Withdraw Consent

Where we rely on consent, you may withdraw it at any time.

To exercise these rights, contact us at: board@dracentersa.org

Response Time: We will respond to requests within 30 days.

9. Third-Party Integrations

The App contains links to and integrations with third-party services:

A. Website Forms (via WebView)

When you submit room reservation requests, you are directed to forms on our website (www.dracentersa.org) displayed within the App. These forms are subject to our website's privacy practices and our Odoo privacy settings.

B. Facebook

Links to our Facebook group (https://www.facebook.com/profile.php?id=61572742093726) will open in Facebook's app or browser. Facebook's privacy policy applies to any data they collect.

C. Donation Pages

When you click "Donate," you are directed to our website's donation page, which uses third-party payment processors. Their privacy policies also apply.

We are not responsible for the privacy practices of third-party websites or services. We encourage you to review their privacy policies.

10. Push Notifications

If you enable push notifications, we may send you:

  • Meeting schedule updates or changes
  • Event reminders
  • Important DRA Center announcements
  • Membership-related notifications

You can disable notifications at any time in your device settings. Disabling notifications will not affect other app functionality.

11. Children's Privacy

The App is intended for users 18 years and older. We do not knowingly collect personal information from individuals under 18.

If we learn that we have collected information from a child under 18, we will delete it promptly. If you believe we have inadvertently collected such information, please contact us at board@dracentersa.org.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell personal information, so no opt-out is necessary
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, email: board@dracentersa.org

13. International Users

The App is operated in the United States. If you use the App from outside the U.S., your information will be transferred to, stored, and processed in the United States.

By using the App, you consent to the transfer of your information to the United States, which may have different data protection laws than your country.

14. Changes to This Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices
  • Updates to App features
  • Legal or regulatory requirements

When we make changes:

  • We will update the "Last Updated" date at the top
  • We will post the revised policy in the App
  • For material changes, we may provide additional notice (e.g., in-app notification, email)

Your continued use of the App after changes constitutes acceptance of the updated policy.

We encourage you to review this policy periodically.

15. Admin Panel Data

If you have access to the admin panel (password-protected feature for DRA staff), you may:

  • Update emergency contact information
  • Manage meeting schedule data
  • Force refresh cached data
  • View app status

Admin actions are logged for security purposes. Admins are bound by DRA's confidentiality policies.

16. Offline Functionality

The App caches certain data locally on your device for offline access:

  • Meeting schedules (refreshed daily)
  • Events (refreshed daily)
  • Emergency contacts

Cached data is:

  • Stored securely on your device
  • Automatically deleted when you uninstall the App
  • Not accessible to other apps
  • Refreshed automatically when you have internet connection

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Diversity Recovery Alliance

473 Spencer Lane

San Antonio, TX 78201

Email: board@dracentersa.org

Phone: 210-527-7021

For privacy-specific inquiries, please include "Privacy Request" in your email subject line.

18. Consent

By using the DRA Center mobile app, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

If you do not agree with this policy, please do not use the App.

This Privacy Policy is effective as of [Insert Date] and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted in the App.