1. Who we are
OsiepePNG is a member-based professional network that coordinates community support, including bereavement-related member assistance. In this policy, “OsiepePNG,” “we,” “our,” and “us” refer to Osiepe Professional Network Group.
2. Information we collect
We may collect information you provide directly, including your name, email address, phone number, mailing address, emergency or next-of-kin details, membership information, communications, uploaded documents, payment or contribution information, and records relevant to bereavement support. We may also collect technical information such as IP address, browser type, pages visited, cookie identifiers, and device information.
3. How we use information
We use personal information to manage membership, provide bereavement support coordination, communicate with members, process contributions, maintain records, improve website services, prevent misuse, protect the security of our systems, and comply with legal obligations.
4. Legal bases for processing under GDPR
Where the GDPR applies, we process personal data based on one or more of the following grounds: consent, performance of a contract, compliance with a legal obligation, protection of vital interests, legitimate interests, and, where applicable, establishment, exercise, or defense of legal claims. We present requests for consent in a clear and separate manner where consent is the basis for processing. Data subjects may withdraw consent at any time, without affecting processing carried out before withdrawal. GDPR rights include the right to be informed, access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.
5. Sensitive data and bereavement-related information
Because OsiepePNG may handle bereavement-related information, we try to minimize collection, limit access to authorized personnel, and request only the information reasonably necessary for support administration, verification, payment administration, recordkeeping, and communications. Where local law requires it, we obtain explicit consent or rely on another lawful basis before processing special-category or other sensitive personal data.
6. HIPAA notice and protected health information
HIPAA applies only to covered entities and business associates. The HIPAA Privacy Rule protects individually identifiable health information held by covered entities such as health plans, healthcare clearinghouses, and many healthcare providers, and the HIPAA Security Rule requires administrative, physical, and technical safeguards for electronic protected health information. If OsiepePNG is not a covered entity or business associate, references in this policy to HIPAA-style safeguards are intended to describe privacy and security practices and should not be read as a representation that HIPAA formally applies. If OsiepePNG does become a covered entity or business associate, it should adopt a separate Notice of Privacy Practices and execute required business associate agreements where applicable.
7. Security safeguards
We use reasonable administrative, technical, and physical safeguards designed to protect data against unauthorized access, loss, misuse, alteration, and disclosure. Safeguards may include role-based access, passwords, encryption in transit where available, logging, backups, limited access to sensitive records, and periodic review of access permissions. No system can be guaranteed fully secure.
8. Data sharing
We do not sell personal information. We may share personal information with hosting providers, payment processors, email service providers, legal or regulatory authorities, auditors, insurers, professional advisers, and authorized administrators or officers who need the information for legitimate organizational purposes. We may also share information when necessary to protect someone’s vital interests or to investigate misuse or fraud.
9. International transfers
Where personal data subject to GDPR is transferred outside the US Area of jurisdiction, we seek to use recognized transfer mechanisms and safeguards, such as adequacy decisions or standard contractual clauses, as appropriate.
10. Retention
We retain personal information only for as long as reasonably necessary for the purposes described in this policy, including member administration, legal compliance, dispute resolution, auditing, and financial recordkeeping. Retention periods may vary by document type and applicable law.
11. Your privacy rights
You may request access to, correction of, or deletion of your information, subject to legal limitations. Where applicable, you may also object to processing, request restriction, request portability, and lodge a complaint with a supervisory authority. Under HIPAA, individuals generally have rights to access certain health information held by covered entities, with limited exceptions.
12. Cookies and tracking
We may use cookies and similar technologies for site functionality, security, analytics, remembering preferences, and improving user experience. Where required by law, we seek consent before placing non-essential cookies. You can manage cookies through browser settings and the cookie banner choices made available on our site.
13. Children’s privacy
Our website and services are not intended for children under 18. We do not knowingly collect personal information from children through the website without appropriate authorization.
14. Changes to this policy
We may update this policy from time to time. We will post the revised version with a new effective date when material changes are made.
15. Contact
Questions or privacy requests may be sent to OsiepePNG using the contact details published on the website. Our official privacy contact email Email Us.