You are viewing the global institutional website

Privacy policy

How we process personal data.

This policy explains how Exodus & Resilience processes personal data collected through this website, institutional forms, newsletter subscriptions, press requests, partnership conversations and direct communications.

Controller

Who is responsible for data processing

The website exodusandresilience.org operates as the digital institutional headquarters of Exodus & Resilience, an international cultural and social infrastructure platform in its founding phase.

Platform Exodus & Resilience
Institutional phase Founding phase and institutional consolidation
Coordinating entity Registered in the United States for the strategic direction of the ecosystem
Privacy contact contact@exodusandresilience.org

Until segmented inboxes are active, all privacy, legal, governance, press, partnership, research and institutional requests are managed through contact@exodusandresilience.org.

Data we collect

Categories of personal data

Exodus & Resilience may process personal data that users provide voluntarily through contact forms, email communications, newsletter forms, institutional requests or collaboration conversations.

  • Identification data. Name, surname, professional title, organization or institutional affiliation.
  • Contact data. Email address, country, language preference or communication channel.
  • Professional context. Type of organization, role, area of interest, partnership profile or territory of interest.
  • Message content. Information included in forms, emails, proposals, press requests, academic inquiries or institutional communications.
  • Technical data. Browser, device, IP address, approximate location, pages visited, access time and cookie identifiers when applicable.

Users should avoid sending sensitive personal data unless strictly necessary for the specific request and unless they have the legal authority or consent required to share it.

Purposes

Why we process data

Personal data is processed only for institutional, operational, communication, transparency and relationship-management purposes connected to Exodus & Resilience.

  • To respond to institutional, philanthropic, academic, cultural, community or press inquiries.
  • To manage contact forms, meeting requests and requests for institutional dossiers.
  • To evaluate potential partnerships, collaborations, research proposals or territorial conversations.
  • To send institutional updates when the user has subscribed or requested information.
  • To manage legal, privacy, governance or transparency requests.
  • To improve website functionality, security, accessibility and performance.
  • To comply with applicable legal, fiscal, reporting or institutional obligations.

Exodus & Resilience does not sell personal data and does not use personal data for unrelated commercial advertising.

Legal bases

Legal grounds for processing

Depending on the context and the user’s jurisdiction, personal data may be processed on one or more of the following grounds:

  • Consent. When users submit a form, subscribe to updates or authorize specific communications.
  • Legitimate interest. To respond to institutional inquiries, maintain records of conversations, secure the website and manage organizational relationships.
  • Pre-contractual or institutional steps. When communication may lead to a partnership, grant, donation, research collaboration or service relationship.
  • Legal obligation. When data must be processed or retained to comply with applicable laws, reporting obligations or institutional due diligence.

Where consent is required, users may withdraw it at any time by writing to contact@exodusandresilience.org.

Forms and providers

Forms, newsletter and technical services

Contact forms may be processed through third-party form providers or technical services used to receive, route and store institutional messages. Newsletter subscriptions may also be managed through an external provider if activated.

These providers process data only as needed to deliver the corresponding technical or communication service and according to their own security, privacy and contractual standards.

  • Contact forms. Used to receive messages from foundations, institutions, donors, companies, universities, communities, artists, participants, media and other visitors.
  • Newsletter forms. Used only to send institutional updates when the user has subscribed.
  • Website hosting and security. Used to maintain availability, technical integrity, security and performance.
  • Analytics or measurement tools. Used only when configured and in accordance with the Cookie Policy.

Users should not submit confidential, sensitive or privileged information through a website form unless the recipient has previously confirmed the appropriate channel for that communication.

Cookies

Cookies and similar technologies

This website may use technical cookies or similar technologies necessary for navigation, security, accessibility, form functionality or performance. It may also use analytics cookies if they are configured and accepted where consent is required.

Users can manage or block cookies through their browser settings. Blocking some cookies may affect certain website functions.

Read the Cookie Policy

Sharing

When data may be shared

Personal data may be shared only when necessary, proportionate and connected to the purpose for which it was provided.

  • With technical providers that support forms, hosting, security, email delivery or website operations.
  • With institutional partners when the user’s request specifically concerns a territorial node, partnership or collaboration and sharing is necessary to respond.
  • With fiscal, legal, accounting or compliance advisors when required for due diligence, governance, donations or institutional obligations.
  • With public authorities when required by applicable law.

Exodus & Resilience does not sell personal data and does not share personal data with third parties for unrelated advertising purposes.

International transfers

Cross-border processing

Exodus & Resilience is an international platform with territorial nodes in development in New York, Barcelona, Caracas and Acarigua. Communications, institutional conversations and technical services may involve providers or collaborators located in different jurisdictions.

When personal data is processed or accessed across borders, Exodus & Resilience seeks to apply reasonable safeguards according to the nature of the data, the purpose of processing and the applicable legal framework.

Retention

How long data is kept

Personal data is retained only for as long as necessary to respond to the request, manage the institutional relationship, comply with applicable obligations, protect legitimate interests or document relevant institutional processes.

  • Contact requests. Kept for the time needed to respond and maintain appropriate institutional documentation.
  • Partnership or donor conversations. Kept according to due diligence, reporting, governance or legal needs.
  • Newsletter subscriptions. Kept until the user unsubscribes or requests deletion.
  • Technical records. Kept for security, maintenance and performance purposes for a limited period.

When data is no longer necessary, it will be deleted, anonymized or archived according to the applicable purpose and legal requirements.

Rights

User rights

Depending on their jurisdiction, users may have rights to access, correct, delete, restrict, object to or request portability of their personal data.

Users may also withdraw consent where processing is based on consent, request information about processing, ask to stop receiving institutional updates or submit a privacy-related concern.

To exercise these rights, write to contact@exodusandresilience.org with the subject “Privacy request” and enough information to identify the relevant communication or data.

Exodus & Resilience may request additional information to verify the identity of the requester before acting on a privacy request.

Minors and safeguarding

Protection of minors and vulnerable participants

Exodus & Resilience works with cultural, educational and community contexts where safeguarding, dignity, consent and responsible use of images are essential.

The website is not directed to children as an online service. Any future collection or publication of data, images, testimonies or records involving minors or vulnerable persons must follow safeguarding, consent and responsible documentation standards.

View safeguarding policy (framework page)

Security

Security measures

Exodus & Resilience applies reasonable technical and organizational measures to protect personal data against unauthorized access, misuse, loss, alteration or disclosure.

No website, email system or online form can guarantee absolute security. Users should avoid sending highly sensitive, confidential or privileged information through unsecured channels.

Updates

Changes to this policy

This Privacy Policy may be updated to reflect changes in the platform’s institutional phase, technical services, territorial programs, applicable law, governance structure or data-processing practices.

The current version will remain available on this page with its latest update date.

Last updated: May 2026.

Privacy is part of institutional responsibility.

For questions about this policy, data processing or privacy rights, contact the Exodus & Resilience team.

Contact Legal notice