Privacy Policy

Trailhead Consulting Privacy Policy

Last updated: June 15, 2025

Trailhead Consulting NW (“Trailhead Consulting,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and safeguard personal information obtained through our website (www.trailheadconsultingnw.com) and related services. It also explains your choices and rights regarding your personal information. Our services are intended for users in the United States, and this policy is written to comply with U.S. privacy laws and best practices. By using our website, you agree to the terms of this Privacy Policy.

Information We Collect

We collect both personal information (information that identifies you as an individual) and non-personal information. The types of information we may collect include:

Contact Information: Such as your name, email address, telephone number, and organization name, especially when you fill out our contact forms, booking forms, or subscribe to our newsletter.
Inquiry Details: Any personal data you provide in messages or forms, including the content of your inquiries, service requests, or information related to scheduling workshops or consultations.
Newsletter Sign-Up Information: Your email address (and possibly your name) when you sign up to receive our newsletter or updates.
Usage Data: Information about how you use our website, which may include your IP address, browser type, device information, pages visited, dates/times of visits, and referring page. This data is typically collected through cookies and analytics tools.
Other Information: Any other information you choose to provide to us voluntarily (for example, when you respond to a survey or participate in a workshop registration form).

We do not intentionally collect sensitive personal information (such as Social Security numbers, racial or ethnic origin, health information, or financial account details) through our site. We ask that you do not provide sensitive information in any contact or sign-up forms.

How We Collect and Store Information

We collect personal information in several ways:

Directly from You: You provide information directly when you fill out a contact form, schedule a consultation or workshop through a booking form, message us, or subscribe to our newsletter. For example, when you fill out our contact form, you will be asked to provide your name, email, and the details of your inquiry.
Through Communications: If you contact us via email, phone, or other means, we may collect and retain the information you share (such as your email address or phone number and any personal details in your communication) in order to respond to you and keep a record of our correspondence.
Automatically: When you visit our website, we (or service providers acting on our behalf) automatically collect Usage Data via cookies, web beacons, and similar tracking technologies (see the Cookies and Tracking Tools section below for more details). This helps us understand how visitors navigate our site and improve your experience.
Third-Party Sources: In general, we collect information directly from you or your device. We do not typically obtain personal information from third-party sources about you. If we ever receive information about you from a third-party (for example, if you interact with us on social media or through a referral partner), we will handle that information in accordance with this policy.

Information Storage: Personal information collected through our website is stored on secure servers provided by our web hosting platform and other service providers. Our website is hosted on the Wix.com platform, which provides us with the online tools to offer our services. Any data you submit through the site may be stored in Wix’s databases and servers. Wix stores this information on secure servers protected by firewalls and other security measures. We may also store certain information in other secure services: for instance, if you subscribe to our newsletter, your email address may be stored with our email marketing provider (e.g., Mailchimp). All such third-party storage providers are contracted to handle your information securely and only for our authorized purposes (see How We Share Your Information below).

How We Use Your Information

We use the collected information for various legitimate business purposes consistent with the reasons you provided it. These purposes include:

Providing and Improving Services: To respond to your inquiries, consult with you about our AI consulting, grant writing, or workshop services, and to deliver the services or information you request. We also use information to personalize and improve our services and website based on user feedback and usage patterns.
Communication: To communicate with you about your requests or bookings. For example, we may use your contact information to confirm appointment details, answer questions about our services, or provide customer support.
Marketing and Newsletters: To send you our newsletter, updates, or promotional communications about our services, workshops, or events – but only if you have subscribed or explicitly opted in to receive such communications. (You can opt out of these messages at any time; see Communications and Marketing below.)
Analytics and Site Optimization: To analyze website usage and performance through tools like Wix Analytics or Google Analytics. This helps us understand visitor traffic and preferences so we can improve site content, layout, and functionality.
Administration and Protection: To administer our website and services, including troubleshooting, data analysis, testing, and monitoring for security threats. We may use information to protect against fraud, unauthorized transactions, or other liabilities, and to ensure the security and integrity of our website.
Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests. For example, we may retain certain information for recordkeeping, tax, or compliance purposes. We may also use personal information to enforce our Terms of Service or other agreements, to resolve disputes, or to protect our rights and the rights of our users or others.

We will use your personal information only for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related purpose that is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and, if required, obtain your consent or rely on an appropriate legal basis.

How We Share Your Information

We respect your privacy and will not sell or rent your personal information to third parties. However, we do share certain information with third parties in the following circumstances, as necessary to run our business or comply with legal obligations:

Service Providers: We share information with trusted third-party companies that perform services on our behalf. This includes:
- Website Hosting and Platform: As mentioned, our site is hosted on Wix.com, which processes and stores data on our behalf.
- Analytics Providers: We use third-party analytics tools such as Google Analytics (and/or Wix’s built-in analytics) to collect information about how visitors use our site. These analytics providers set their own cookies or identifiers to gather Usage Data (e.g., your IP address and browsing behavior). They provide us with aggregated insights and reports. (You can learn about how Google Analytics works and opt out of Google Analytics tracking using the Google Analytics Opt-Out Browser Add-on.)
- Email Marketing Services: If you subscribe to our newsletter or mailing list, we use a service like Mailchimp (an email marketing platform) to store your email address and send out our emails. That service will have access to your contact information for the purpose of sending our communications, but they are not permitted to use your information for their own purposes.
- Scheduling/Booking Tools: If our website uses a scheduling or booking system (for example, Wix Bookings or a third-party scheduling app) to allow you to book consultations or workshop spots, that system will process the information you provide (like name and contact info) to manage the bookings. These tools use your data only to facilitate scheduling and related communications.
Advertising and Marketing Partners: We may work with third-party advertising networks or social media platforms (such as Google Ads or Facebook) to promote our services. If we use these tools, they may set cookies or use similar tracking technologies on our site to collect information about your visit (for example, pages you viewed) and enable us to show you relevant ads on other platforms. Any data shared for these purposes (for instance, a unique cookie identifier or a hashed email address) is used only to target our own marketing messages and not for the third party’s independent use. These partners have their own privacy policies and are expected to handle data in compliance with applicable privacy laws.
Business Transfers: If Trailhead Consulting NW is involved in a merger, acquisition, sale of assets, or other business transaction, your personal information may be transferred to the successor or new owner as part of that transaction. In such cases, we will ensure the new owner is bound by privacy terms that are consistent with this policy, and we will provide notice (e.g., via an update on our website) if your personal information becomes subject to a new privacy policy.
Legal Compliance and Protection: We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to: (i) comply with a legal obligation, subpoena, or government request; (ii) protect and defend our rights or property, or the safety of our clients, users, or others; (iii) investigate or assist in preventing fraud or security issues; or (iv) respond to an emergency that requires personal data for public safety.
With Your Consent: In cases where we wish to share your information for purposes not covered by this Privacy Policy, we will ask for your explicit consent. For example, if we want to feature a client testimonial on our site that includes your name or image, we would seek your permission before doing so.

Cookies and Tracking Tools

Our website uses cookies and similar tracking technologies to enhance your experience, understand how our site is used, and support our marketing efforts.

What Cookies Are: Cookies are small text files that websites place on your device (computer, smartphone, etc.) when you visit. They are widely used to make websites work efficiently and to provide information to website owners. Cookies can be “first-party” (set by our site) or “third-party” (set by another service when you visit our site).
How We Use Cookies: We and our third-party service providers use cookies and similar tools for a few reasons:
- Essential Cookies: Some cookies are necessary for our website to function properly – for example, to enable you to navigate the site or to remember your preferences. These cookies do not collect personal data and are vital to site operation.
- Analytics Cookies: We use analytics cookies (e.g., Google Analytics cookies) to collect information about how visitors interact with our site. This includes data like which pages are visited, how long users stay, and which links are clicked. The information collected is aggregated and not personally identifiable (e.g., we see total number of visitors to a page, not your individual browsing sessions). These analytics cookies may collect your IP address and set a unique identifier to distinguish your browser, but they do not directly reveal your identity to us.
- Advertising/Marketing Cookies: If we engage in advertising or retargeting, advertising cookies or pixels (such as the Facebook Pixel or Google Ads cookies) may be used. These cookies remember that you visited our site and help us serve you targeted advertisements on other platforms that relate to our services. They work by recognizing your browser or device (not by knowing your name or who you are). For example, if we run a campaign on Facebook to promote a new workshop, the Facebook Pixel might note that someone using your device visited our workshop page, and then we could show you a relevant ad on Facebook.
Third-Party Cookies: Some cookies on our site are placed by third parties – for instance, our analytics and advertising partners as mentioned above. We do not control these third-party cookies beyond the purposes we use them for. These third parties have their own privacy policies governing their use of information. For example, data collected via Google Analytics cookies is also subject to Google’s privacy policies.
Your Choices for Cookies: You have the ability to control or limit how cookies work on your device. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies or alert you before accepting a cookie from websites. You can also delete cookies that have already been set. Please be aware that if you disable or remove certain cookies, it may affect the functionality of our site. For instance, some pages might not remember your preferences, or certain features (like videos or forms) might not work properly.
Opting Out of Tracking:
- Google Analytics: If you want to opt out of Google Analytics, Google provides a Browser Opt-Out Add-on that you can install in your web browser. This prevents Google Analytics from collecting information on your visits.
- Interest-Based Advertising: For third-party advertising cookies, you can visit the Network Advertising Initiative or Digital Advertising Alliance websites to opt out of many advertising cookies from participating companies. Keep in mind that opting out of ad cookies does not mean you will not see ads, only that the ads may be less relevant to your interests.
- Do Not Track: Some browsers include a “Do Not Track” (DNT) setting that can send a signal to websites that you do not want to be tracked. However, there is currently no industry consensus on how to interpret DNT signals. At this time, our site does not respond differently to browsers with a DNT signal. We continue to monitor developments around DNT. In the meantime, you can use the other opt-out methods described above to control personalized advertising and analytics.

Communications and Marketing

Service-Related Communications: We may use your contact information to communicate with you about services you have requested or activities you have initiated with us. For example, if you fill out our contact form or book a consultation, we will use your email or phone number to respond to your inquiry and provide the information or scheduling details you need. Likewise, if you become a client, we might contact you to deliver project updates, invoices, or important information related to the service we are providing. These communications are considered transactional or informational and not promotional – by contacting us or signing up for a service, you agree that we can send you such service-related communications. (If you decide you no longer want to receive communications related to an ongoing service, you may need to terminate that service, as we must be able to contact clients regarding active engagements.)

Marketing Communications: With your consent, we will use your personal information (primarily your email address) to send you marketing communications. Consent may be given, for example, by subscribing to our email newsletter, opting in to receive updates at an event, or explicitly requesting information about our offerings. Marketing communications may include our newsletter, announcements about new services or upcoming nonprofit workshops, grant writing tips, or other updates we believe could be valuable to you. We aim to send communications that are relevant and infrequent (we will not flood your inbox), and you can unsubscribe at any time as described below.

Opt-Out Procedures: You have the right to opt out of our marketing emails and newsletters at any time. We provide several easy ways to do this:

Unsubscribe Link: Each marketing email we send will include an “Unsubscribe” link (usually at the bottom of the email). Clicking this link will allow you to stop receiving future marketing emails from us (or adjust your preferences, if applicable).
Contact Us Directly: If you prefer, you can request to be removed from our mailing list by contacting us via email (see the Contact Us section below). Please indicate that you wish to unsubscribe from marketing communications, and provide the email address that you want removed. We will process your request as soon as possible.

Once you opt out of marketing communications, we will cease using your contact information for promotional purposes. Please note, however, that even if you opt out of marketing emails, we may still send you non-promotional communications. For example, we might send you an email to confirm a consultation appointment you scheduled, respond to a direct inquiry you made, or notify you of important changes to our services or this Privacy Policy. Those service or legally-required communications are separate from marketing communications.

Text Messages and Calls: Our primary mode of communication is email. We will not send you text message (SMS) marketing unless you have explicitly opted in to such a service. If you provide a phone number for contact and we believe it is most efficient to reach you by phone or text for a particular matter (for instance, a last-minute change in a workshop schedule you signed up for), we may do so. We will keep such contacts to what is necessary and reasonable. Standard telephone or SMS charges may apply if we contact you by those methods. If you do not wish to receive phone calls or texts, please let us know and we will respect that preference whenever possible.

No Third-Party Marketing Use: We do not share your personal information with third parties for their own marketing or advertising purposes without your consent. In other words, we won’t sell or give your email address to another company so they can market to you. Any marketing related to Trailhead Consulting NW will come from us or our service providers acting on our behalf, in line with this policy.

Data Protection and Security Measures

We take the security of your personal information seriously and implement a variety of measures to protect it from loss, misuse, unauthorized access, or disclosure. Some of the security safeguards we employ include:

Secure Hosting: Our website and databases are hosted on platforms that use industry-standard security measures. As noted, Wix (our website host) stores data on secure servers protected by firewalls. We also use SSL/TLS encryption for our website. You can verify you are connected via a secure connection by looking for the "https://" and lock icon in your browser’s address bar when interacting with our site. This means data transmitted between your browser and our website is encrypted.
Access Controls: We limit access to personal information to only those who need it to perform their work. For example, only authorized personnel (such as the owner or key staff/consultants of Trailhead Consulting NW, or trusted service providers) are allowed to access data that you provide, and even then only for legitimate purposes related to running our business. Those who do have access to personal data are obligated to maintain its confidentiality.
Administrative and Organizational Measures: We have policies and procedures in place to prevent unauthorized access to or misuse of personal data. We periodically review our data collection, storage, and processing practices to ensure we are following appropriate security and privacy guidelines. We also ensure that any third-party service providers that handle personal information on our behalf (such as email newsletter services or analytics providers) are contractually obligated to implement strong data security measures.
Security Monitoring and Updates: We utilize security monitoring tools and take precautions to keep our website and systems updated. Software is kept up-to-date to patch vulnerabilities, and we use anti-malware/antivirus solutions as needed. We also monitor for potential threats or attacks on our website (e.g., suspicious login attempts or spam submissions) and will take action to mitigate any risks.
Payment Data: We allow online payments for our services (such as workshops or consultations) through Wix Payments, a secure and PCI-DSS-compliant payment processing system. When you make a payment on our site, your credit card or other payment information is processed directly by Wix Payments or their integrated third-party providers (such as Stripe or PayPal, depending on the method selected). We do not store or have access to your full payment details (such as your credit card number or security code). These details are encrypted and securely handled by the payment processor in accordance with industry standards to protect your financial information.
Data Breach Response: Despite our best efforts, no method of transmitting or storing data is 100% secure. In the unlikely event of a data breach that affects your personal information, we will act promptly to identify the issue and remediate it. We will also notify affected users and the relevant authorities as required by law. Our notification to you would include an overview of the breach and, if possible, advice on steps you may need to take to protect yourself.

Your Responsibility: While we work hard to protect your data, you also play a role in keeping your information secure. We encourage you to use strong, unique passwords for any accounts (though our website currently does not require a login, this is general good practice for other services you use), to be cautious about sharing personal information, and to contact us if you suspect any unauthorized activity related to your information or our website.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The length of time we keep information may vary depending on the type of information and the reason we have it. Below are some general guidelines:

Contact and Inquiry Information: If you contact us with a question or inquiry but do not become a client, we may keep your information (and our correspondence with you) for a period of time after we’ve last interacted. This is so we have a record of what communications took place, in case you reach out again or decide to use our services later. Generally, we might retain inquiry information for approximately 6 to 12 months, but not indefinitely.
Client Information: If you engage our consulting or grant writing services, we will retain your information for as long as you are an active client. After our direct work with you has concluded, we may retain relevant information for a period necessary to support our business operations or legal obligations. For example, we may keep contracts, invoices, and work product related to our engagement for several years for tax, auditing, and record-keeping purposes. We will also retain contact information to reach out to you regarding any follow-up services or feedback, unless you request otherwise.
Newsletter Subscription: If you have subscribed to our newsletter or marketing emails, we will keep your email address and any other information you provided for as long as you remain subscribed. If you choose to unsubscribe, we will remove you from our active mailing list. We may, however, keep your email on a suppression list (to ensure we don’t accidentally send you emails again if you’ve opted out) or in our historical records of who has subscribed.
Analytics Data: Data collected via cookies and analytics tools (which is mostly aggregated data about website usage) is retained as long as necessary for the purposes it's used. For example, Google Analytics retains non-personally identifiable site visit data for a certain period (commonly 26 months, unless we change that setting) and automatically deletes older data beyond that. This retention allows us to observe trends over time.
Legal Requirements: In some situations, we may need to retain certain information for longer periods if required by law. For instance, if a specific law requires us to keep records for a minimum time (such as financial records for tax purposes) or if we are involved in a legal dispute and need to preserve evidence. In such cases, we will retain the data as needed only for those purposes.
Deletion of Data: When we no longer have a legitimate need or legal obligation to keep your personal information, we will securely delete or anonymize it. Anonymizing data means altering it so that it can no longer be linked to you personally. If complete deletion or anonymization isn’t immediately possible (for example, because the data is stored in a secure backup archive), we will isolate the data and protect it from further use until deletion is feasible.

If you have a specific question about how long we keep a certain type of data, you can always contact us for more information.

Minors and Children’s Privacy

Protecting the privacy of minors is very important to us. Our website and services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 years old. If you are under 13, please do not submit any personal information to our site. We also advise that individuals under 18 years old should only use our site or provide personal information with the involvement of a parent or guardian.

In the event that we discover we have collected personal information from a child under 13 without parental consent (for instance, if a child misrepresents their age and submits a form), we will take immediate action to delete that information from our servers. If you believe that we might have any information from or about a child under 13, please contact us so that we can investigate and promptly remove the data.

While our consulting and workshop services are geared toward professional and organizational audiences (typically adults working in or with nonprofits), we recognize that high school or college students (who may be minors) could have an interest in AI consulting or nonprofit work. Any participation by minors in our services (such as attending a workshop) would be intended to be with appropriate guardian consent and supervision. We encourage parents and guardians to be involved in their children’s online activities and to discuss data privacy and safety with their children.

Your Privacy Rights and Choices

Depending on where you live, you may have certain legal rights regarding your personal information. Trailhead Consulting NW is committed to respecting and facilitating the exercise of these rights as applicable. These rights can include:

Right to Access: You have the right to request a copy of the personal information we hold about you and to obtain information about how we process it. This is sometimes called a “data subject access request.” We will provide you with the information in our records, subject to any legal limitations (for example, we may not be able to provide information that includes personal data about someone else, or information protected by legal privilege).
Right to Correction (Rectification): If you believe that any personal information we have about you is incorrect or incomplete, you have the right to request that we correct or update it. For instance, if you change your email address or realize we misspelled your name, you can ask us to fix it. We strive to keep our records accurate and will gladly make appropriate updates.
Right to Deletion: You can request that we delete your personal information. This is sometimes known as the “right to be forgotten.” We will honor such requests to the extent possible. However, this right is not absolute – sometimes we need to retain certain information for legal or legitimate business reasons (as described in the Data Retention section). If that’s the case, we will let you know what information we must keep and why. Otherwise, we will erase the personal data you request to be deleted and confirm with you when it’s done.
Right to Opt-Out of Sale/Sharing: We do not sell personal information to third parties. In the context of some state laws (like California’s CCPA/CPRA), “sell” can include sharing personal data for targeted advertising. We do not share personal data in that manner without consent. If you have any questions about this or want to ensure your data isn’t shared in a way that constitutes a “sale” under applicable law, you can contact us. (Because we don’t sell data, this is generally not applicable, but we support your right to ask.)
Right to Opt-Out of Marketing: As discussed, you can opt out of marketing communications at any time. See the Communications and Marketing section above for how to unsubscribe. This is a fundamental right we provide to everyone, not just because of laws but because it’s the right thing to do.
Right to Withdraw Consent: In cases where we rely on your consent to process your information (for example, sending newsletters or using certain cookies), you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of any processing we conducted prior to your withdrawal. For instance, if you consented to receive emails and later withdraw consent, we will stop future emails, but we won’t “un-send” past communications.
Right to Non-Discrimination: If you exercise any of your privacy rights, we will not discriminate against you for doing so. That means we won’t deny you services, charge you different prices, or provide a different level of service just because you made a privacy request. We treat all users equally, whether or not they choose to exercise their privacy rights.
California Residents – CCPA Rights: If you are a resident of California, state law provides specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). These include the right to know what personal information we collect, how we use it, and the categories of third parties we share it with. You also have the right to request that we disclose the specific pieces of personal information we have about you, and to request that we delete personal information (with some exceptions as noted above). Additionally, California residents have the right to opt out of the “sale” or “sharing” of personal information (as defined by law), though as stated, we do not sell personal data. If you would like to exercise any of these rights, please contact us through the methods below. We may need to verify your identity for security purposes when handling CCPA requests (for example, by confirming information we already have on file like your email address). You may also designate an authorized agent to make a request on your behalf, in which case we will need proof of the authorization and still take steps to verify the identity of the agent or the authenticity of the request.
Other State Laws: A number of U.S. states (such as Virginia, Colorado, Connecticut, and others) have enacted their own privacy laws that, in some cases, provide similar rights to those in California or under the EU’s GDPR. If you are a resident of a state that grants additional privacy rights, we will be happy to accommodate those rights as applicable. Generally, the rights include access, correction, deletion, and in some cases the right to opt out of certain data processing activities. We aim to extend the spirit of these rights to all our users where feasible, so please feel free to reach out with any privacy-related request and we will do our best to honor it in accordance with applicable law.

How to Exercise Your Rights: If you wish to exercise any of the rights mentioned above, please contact us using the information provided in the Contact Us section below. In your request, please clearly describe what you are asking for – for example, specify whether you are seeking a copy of your data, a correction of certain information, a deletion of records, or some other action. We may ask you for additional information to verify your identity or to clarify your request. This is to ensure that we do not disclose personal information to an unauthorized person, and to make sure we understand exactly what you want us to do.

Response Time: We will respond to legitimate requests as soon as we reasonably can. Under some laws (like CCPA), we generally have up to 45 days to respond, with the possibility of a 45-day extension in certain cases. We aim to be faster than that if possible. If we need more time, we will inform you of the reason and extension period. If, for some reason, we cannot fulfill your request (due to a legal exception or inability to verify your identity), we will provide an explanation.

Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, to keep up with new legal requirements, or for other operational reasons. When we make changes, we will update the “Last updated” date at the top of this policy. Any changes will become effective when posted unless otherwise stated.

If we make any material changes (significant changes) to this Privacy Policy, we will take additional steps to notify you. For example, we might post a prominent notice on our website’s homepage or send an email notification if we have your email on file (if, say, you are a newsletter subscriber or client). This is to ensure you are aware of what’s changed and how it might affect you.

We encourage you to review this page periodically to stay informed about our privacy practices. Your continued use of our website or services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or about how we handle your personal information, please feel free to contact us. We are here to address your inquiries and appreciate the opportunity to clarify our practices or resolve any issues.

Email: trailheadconsultingnw@gmail.com (Attn: Privacy)
Mail: Trailhead Consulting NW, 112 4th Ave SE 1, Puyallup, WA 98372, United States
Website Contact Form: You can also send us a message through the contact form on our website. Please mention that your inquiry is related to privacy so we can route it to the right person.

We will do our best to respond promptly to your questions or requests. If you are contacting us to exercise a privacy right (such as requesting access or deletion), please provide sufficient detail for us to verify your identity and locate your information (for example, the name and email you provided to us, and the context in which you interacted with us).

Thank you for reading our Privacy Policy. We value your trust and are committed to protecting your personal information and privacy.

Trailhead Consulting