Privacy Policy

Last Updated: December 27, 2025 Effective Date: December 18, 2025

We do not collect personal information, set cookies, or sell data. We host our code openly, use privacy-friendly analytics (aggregate only), and link to external programs without compensation. Our mobile apps include optional crash reporting that you can turn off in Settings.

Bay Navigator is operated by Bay Tides, a 501(c)(3) nonprofit organization (EIN: 93-3889081) committed to helping Bay Area residents access discount programs and community resources. We take your privacy seriously and have designed this website with privacy-by-design principles.

Quick Navigation

  1. About Bay Tides
  2. Our Privacy Commitment
  3. Information We Do NOT Collect
  4. How the Website Works
  5. Mobile App Crash Reporting
  6. Accessibility Features
  7. Plausible Analytics
  8. Cloudflare CDN and Security
  9. Cookies and Tracking
  10. External Links and Third Parties
  11. Children’s Privacy
  12. Data Retention
  13. Your Rights
  14. Contact Us

About Bay Tides

Bay Tides is a qualified tax-exempt nonprofit organization under Section 501(c)(3) of the Internal Revenue Code.

Our Mission: Bay Tides empowers communities to protect and preserve the beauty of the San Francisco Bay through education, advocacy, and hands-on action.

Bay Navigator is one of Bay Tides’ community education initiatives, providing accessible information about discount programs and resources to Bay Area residents.

Organization Details: Bay Tides is a 501(c)(3) Nonprofit Organization located at 274 Redwood Shores Pkwy #619, Redwood City, CA 94065. For privacy-related inquiries, please contact us at privacy [at] baytides [dot] org.

Our Privacy Commitment

We do not collect, store, process, share, or sell any Personally Identifiable Information (PII).

This website is designed with privacy-by-design principles and data minimization as core values. We have intentionally architected this service to operate without collecting personal information. This means we do not collect names, email addresses, phone numbers, physical addresses, Social Security numbers, or any other personally identifiable information. We do not require usernames, passwords, or user profiles. We do not track your browsing patterns, page visits, time on site, or click behavior. We do not display ads, work with ad networks, or engage in behavioral advertising. Since we have no user data, we have nothing to sell to third parties. We do not track you across websites, through our mobile apps, or build user profiles.

Information We Do NOT Collect

To be absolutely clear about our privacy practices, we explicitly state what information we do NOT collect from visitors to this website.

Personal Identifiers

We do not collect any personal identifiers. This includes but is not limited to: full names or partial names, email addresses, postal addresses or zip codes, phone numbers, Social Security numbers, driver’s license numbers, passport numbers, dates of birth, or any government-issued ID numbers. We have no registration system, no contact forms that collect this information, and no backend database where such information could be stored.

Online Identifiers

We do not log or collect online identifiers. Our systems do not log IP addresses, create device fingerprints, collect MAC addresses, generate browser fingerprints, track unique device identifiers, or use cookie identifiers (as we don’t use cookies at all). While GitHub Pages (our hosting provider) may collect IP addresses for security purposes, we do not have access to these logs and do not request or receive this information.

Behavioral Data

We do not track or collect any behavioral data. We do not maintain browsing history, search history, page view statistics, time-on-page metrics, click patterns, mouse movements, or program selections. Any program favorites you save are stored exclusively in your browser’s local storage on your device and are never transmitted to our servers or seen by us.

Demographic Information

We do not collect demographic information of any kind. We do not ask for or infer your age or age range, gender or gender identity, race or ethnicity, income level, employment status, education level, marital status, or household size. We believe access to community resources should be available to everyone without requiring disclosure of demographic information.

Protected Categories

We do not collect information in protected categories. This includes health information, financial information, biometric data, sexual orientation, religious beliefs, or political affiliations. As a nonprofit focused on providing a public service we have no need for or interest in collecting sensitive personal information.

How the Website Works

Client-Side Local Storage Only

This website uses your browser’s local storage exclusively for functionality. Local storage is a technology built into web browsers that allows websites to store small amounts of data on your device. Unlike cookies or server-side storage, local storage data stays only on your device, is never transmitted to our servers, is never seen by us or any third party, can be cleared by you at any time through your browser settings, and is not shared across devices.

What is stored locally: The website stores three types of preferences in local storage. First, your theme preference (Light/Dark/Auto mode), which is simply a CSS preference string. Second, your text spacing preference if you enable enhanced spacing, which is a boolean true/false value. Third, any programs you bookmark or save as favorites, which stores only the program ID numbers, not any information about you or your eligibility.

How to clear this data: You have complete control over this locally stored data. In Chrome or Edge, go to Settings → Privacy → Clear browsing data → Cookies and site data. In Firefox, go to Settings → Privacy & Security → Cookies and Site Data → Clear Data. In Safari, go to Settings → Privacy → Manage Website Data → Remove All. You can also clear all local data by clearing your browser cache entirely.

Legal Note: Local storage data stored on your device is under your exclusive control and is not subject to our data practices or this privacy policy beyond the initial storage mechanism. We cannot access, view, modify, or delete this data. Only you, through your browser, have control over this information.

Browser Display Note: Some browsers (such as Chrome) may display local storage under “Cookies” or “Site Data” in their settings interface. This is a browser UI grouping, not an indication that we use cookies. Local storage is technically distinct from HTTP cookies: it is never sent to our servers with requests, cannot be read by us, and does not track you across websites. When this policy states we use “no cookies,” we mean no HTTP cookies are set or transmitted.

No Accounts or Email Subscriptions

We do not offer user accounts, sign-in features, or email subscription services. All preferences (including the guided “Update Filters” step flow) are stored locally in your browser. We never collect, store, or process email addresses for notifications.

Mobile App Crash Reporting

Overview

The Bay Navigator mobile apps for iOS and Android include optional crash reporting to help us identify and fix bugs. This feature uses Sentry, a third-party error tracking service, to collect anonymous technical diagnostics when the app crashes or encounters an error.

Your Control: Opt-Out Available

You can disable crash reporting at any time by toggling the “Crash Reporting” switch in the app’s Settings tab under the Legal & Privacy section. When disabled, no crash data is sent to Sentry. The setting takes full effect after restarting the app.

By default, crash reporting is enabled to help us improve app stability, but we respect your choice to opt out.

What Is Collected (When Enabled)

When crash reporting is enabled and the app experiences an error, the following anonymous technical information is collected:

  • Error messages and stack traces (technical details about what went wrong)
  • App version and build number
  • Device type and operating system version
  • Available memory and storage at the time of the crash
  • App state and navigation path leading to the error

What Is NOT Collected

Crash reports never include:

  • Your name, email address, or any personal identifiers
  • Your IP address (automatically stripped before transmission)
  • Device identifiers (automatically stripped before transmission)
  • Your saved programs or favorites
  • Your search history or browsing activity within the app
  • Any content you view in the app

Privacy Protections

Our Sentry configuration includes multiple privacy safeguards:

  • PII Stripping: IP addresses, device identifiers, and any potential personal information are automatically removed before crash reports are sent
  • No Performance Tracking: We do not track app performance metrics, only actual errors and crashes
  • No Session Tracking: We do not track individual user sessions
  • Development Disabled: Crash reporting is completely disabled in development builds

Data Retention

Crash reports are retained for 90 days to allow us to identify and fix recurring issues, then automatically deleted from Sentry’s servers.

Why We Use Crash Reporting

Crash reporting helps us identify bugs that affect app stability. Without this information, we would have no way to know when users experience problems or how to fix them. We chose Sentry specifically because it allows us to strip personally identifiable information before reports are sent, ensuring crash reports remain anonymous and focused solely on technical diagnostics.

Sentry Privacy Policy

Sentry is operated by Functional Software, Inc. For more information about how Sentry handles data, see their privacy policy at: https://sentry.io/privacy/

Accessibility Features

All accessibility features on this website operate entirely client-side in your browser, meaning no server communication occurs when you use these features.

Text spacing adjustments are applied via CSS (Cascading Style Sheets) directly on your device. When you enable enhanced text spacing, your browser applies CSS rules to increase letter spacing, word spacing, and line height. This happens instantly in your browser without any data being sent to our servers.

Theme switching (Light/Dark/Auto modes) is managed by JavaScript running in your browser and preferences stored in local storage. When you select a theme, JavaScript applies CSS classes to change colors. Your preference is saved in local storage so it persists across visits. No theme preference data is transmitted to our servers.

Saved programs or favorites are stored in your browser or device’s local storage only. When you click the “favorite” or “save” button on a program, JavaScript stores only the program ID number in your local storage. We never see which programs you’ve favorited or track this information in any way.

Print functionality uses your browser’s native print dialog. When you click “Print,” your browser opens its built-in print interface. We don’t track print actions or see which pages you print.

Keyboard navigation is handled by browser HTML semantics. The website uses proper HTML elements (buttons, links, headings) so your browser’s built-in keyboard navigation works correctly. Tab key navigation, Enter key activation, and screen reader announcements all function through standard browser capabilities without any tracking.

Our services contain links to external resources including government benefit program websites (such as the California Department of Social Services for CalFresh), utility company websites (such as Pacific Gas & Electric for the CARE program), community organization websites, and application portals for discount programs or services.

Important Notice: When you click an external link, you leave baynavigator.org and are directed to a third-party website. At that point, you become subject to the privacy policy of the destination website, not ours. We are not responsible for the privacy practices of external sites. We do not control or endorse the content of external websites. Different organizations have different privacy policies, and some may collect personal information, use cookies, or track visitors. We strongly recommend reviewing the privacy policy of any external site you visit before providing any personal information.

The inclusion of a link to an external website does not imply our endorsement of that website, its operator, or its privacy practices. We provide these links as a public service to help you find information about discount programs, but we cannot and do not guarantee the privacy practices of external organizations.

No Cookies Policy

This website does not use cookies.

What Are Cookies?

Cookies are small text files stored on your device by websites. Traditional cookies are used to track users across sessions and websites, maintain login sessions, store user preferences, and enable advertising tracking and behavioral profiling. Many commercial websites use dozens or even hundreds of cookies from various third parties, creating extensive tracking profiles of users’ online behavior.

Why We Don’t Use Cookies

Many websites use hundreds of tracking cookies. Bay Navigator does not use cookies for several important reasons. First, cookies can track users across sessions and websites, creating privacy concerns. Second, cookies are unnecessary for our purposes as our services utilize your browser or device’s local storage for essential functionality. Third, people seeking assistance deserve privacy without tracking, and cookies can undermine that privacy. Fourth, not using cookies means no cookie consent requirements, simplifying the user experience and eliminating complex consent management systems. Fifth, fewer HTTP requests from cookie exchanges improve page load times and performance.

Third-Party Cookies

We also do NOT allow any third-party cookies on this website. This means we do not permit cookies from advertising networks (such as Google or Facebook), third-party analytics services (such as Google Analytics), social media platforms (such as Facebook pixel trackers or Twitter/X widgets), or tag managers (such as Google Tag Manager). Our zero-cookie policy means you can use this website without any tracking cookies being placed on your device.

Children’s Privacy (COPPA Compliance)

This website is compliant with the Children’s Online Privacy Protection Act (COPPA), a federal law protecting the privacy of children under 13 years of age.

Our Policy

We do not knowingly collect personal information from children under 13. Moreover, we do not knowingly collect personal information from anyone, including adults, as our entire privacy architecture is built on non-collection. No registration or account creation is possible, so children cannot inadvertently create accounts. Children can safely use this website without parental consent because no personal information is collected. Parents can verify our no-collection policy by reviewing our open-source code on GitHub, where every line of code is publicly auditable.

For Parents and Guardians

Our services are designed to help families find assistance programs. Parents and guardians can use our products with confidence knowing that no information about children is collected or stored. No tracking or profiling of children occurs. No targeted advertising to children is displayed (we don’t display any advertising at all). Educational content is freely accessible without registration or data collection. We believe families should be able to research assistance programs privately without surveillance of their children or themselves.

Data Security

While we don’t collect personal information, we still implement security best practices to protect the integrity and availability of the website.

Technical Security Measures

We implement multiple layers of security. All traffic uses HTTPS encryption with TLS 1.3, the latest transport layer security protocol, ensuring all connections between your browser and our website are encrypted. Our static site architecture means there are no server-side databases to breach. There are no SQL injection vulnerabilities because there’s no database. There are no account-based attacks because we have no user accounts and thus no passwords to compromise. We use minimal JavaScript to reduce the attack surface and minimize XSS (cross-site scripting) risk. We implement Content Security Policy headers that restrict unauthorized script execution. We use Subresource Integrity (SRI) to verify the integrity of third-party resources. We benefit from GitHub Pages’ security infrastructure, which includes DDoS protection, automatic security patches, and enterprise-grade hosting security.

What This Means

Our security architecture provides multiple protections. No user database can be hacked because none exists. No passwords can be stolen because we have no accounts. No personal information can be breached because we don’t collect it. Our static site architecture eliminates many common web vulnerabilities like SQL injection, session hijacking, and authentication bypass attacks.

Your Privacy Rights

California Residents (CCPA/CPRA)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information.

Rights You Have Under California Law: California residents have the right to know what personal information is collected about them and the categories and specific pieces of personal information we have collected. They have the right to delete and request deletion of personal information we have collected. They have the right to opt-out of the sale or sharing of personal information. They have the right to correct inaccurate personal information in our records. They have the right to limit the use and disclosure of sensitive personal information. They have the right to non-discrimination, meaning we cannot discriminate against you for exercising your privacy rights.

Our Position: Since Bay Navigator does not collect, store, or process any personal information, these rights are not applicable in the traditional sense because there is no personal information to access, delete, correct, or port. However, we respect the spirit and intent of these laws. If you wish to verify that we hold no personal information about you, you may contact privacy [at] baytides [dot] org and we will provide written confirmation that we maintain no personal information database and have no records associated with you.

Verification Process: Because we have no personal information, there is nothing to verify in the traditional sense. However, we encourage Californians to examine our open-source code, inspect browser network traffic using browser developer tools, or conduct independent security audits to verify our claims.

Other State Privacy Laws

We comply with privacy laws in all US states, including the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), and Nevada Privacy Law (SB 220). Since we collect no personal information, most provisions of these laws are not applicable. However, we voluntarily exceed the requirements of these laws by implementing privacy-by-design principles that go beyond legal minimums.

International Visitors (GDPR)

For visitors from the European Economic Area (EEA), United Kingdom, or Switzerland, we respect GDPR principles even though we are primarily focused on California residents.

GDPR Compliance: While Bay Tides is a US-based nonprofit and this website is primarily intended for California residents, we respect GDPR principles. We implement data minimization by collecting no personal data. We observe purpose limitation with no personal data to use for any purpose. We practice storage limitation with no personal data to store. We honor the right to erasure with no personal data to erase. We support data portability, though there is no personal data to port. Regarding lawful basis, the concept is not applicable as no personal data processing occurs.

For EU residents visiting our website, no personal data processing occurs. For mobile app users, crash reports (if enabled) may be processed through Sentry’s servers. You can disable crash reporting in the app’s Settings if you prefer to avoid any potential cross-border data processing.

Nonprofit Status and Privacy Exemptions

501(c)(3) Nonprofit Organization

Bay Tides is a qualified 501(c)(3) tax-exempt nonprofit organization under Section 501(c)(3) of the Internal Revenue Code. As a nonprofit organization, Bay Tides operates differently from commercial entities in several important ways. We are not a commercial entity and do not operate with a profit motive. We do not sell products or services, or engage in commercial advertising. Our mission is purely charitable and educational, focused on protecting the San Francisco Bay’s environment.

Privacy Law Exemptions

While certain privacy laws provide exemptions for nonprofits, Bay Tides voluntarily exceeds all privacy requirements as a matter of organizational principle. We do not collect personal information, which exceeds CCPA/CPRA requirements. We do not use cookies, exceeding the ePrivacy Directive (EU Cookie Law). We do not track users, exceeding FTC privacy guidelines. We provide transparency through open-source code, allowing public verification of our practices.

Important: Even though we may qualify for certain nonprofit exemptions under various laws, we choose to operate under the strictest privacy standards as a matter of principle and community trust. We believe nonprofits should be held to the highest privacy standards, not the lowest legal requirements.

Third-Party Services

This website uses minimal third-party services, and we are transparent about each one.

1. GitHub Pages (Website Hosting)

Service: Static website hosting Provider: GitHub, Inc. (a Microsoft subsidiary) Data Collected by GitHub: GitHub may collect IP addresses for security and abuse prevention purposes, visitor browser information for security purposes, and requested page URLs for service delivery.

Privacy Policy: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement

Note: We do not have access to GitHub’s server logs and do not request or receive this information. GitHub’s data collection is beyond our control as it is inherent to web hosting services. We chose GitHub Pages specifically because it is a reputable provider with strong privacy practices and does not inject tracking scripts or advertising.

2. Sentry (Mobile App Crash Reporting)

Service: Crash and error reporting for mobile applications Provider: Functional Software, Inc. (Sentry) Applies To: Bay Navigator mobile apps for iOS and Android only (not the website)

For complete details about what data is collected, how it’s protected, and how to opt out, see the Mobile App Crash Reporting section above.

Privacy Policy: https://sentry.io/privacy/

Plausible Analytics

Hosting: Self-hosted Plausible Analytics on infrastructure we control Status: Currently ENABLED

We use a self-hosted version of Plausible Analytics to understand basic usage patterns and improve our website. Unlike many analytics services, Plausible collects only essential, aggregated metrics with strict privacy protections.

What We Measure

We measure only the following aggregate metrics that do NOT identify individuals:

  • Source/UTMs: Campaign source tracking to understand how visitors find us (e.g., from search, social media, direct links)
  • Unique and Total Site Visitor Counts: How many people visit the website and how many visits occur
  • Country of Origin: The country from which visitors access the site (determined at the country level only, not city or region)
  • Browser Type: Which web browser visitors use (e.g., Chrome, Firefox, Safari)
  • Operating System: Which OS visitors use (e.g., Windows, macOS, iOS, Android)

What We DO NOT Collect

We explicitly do NOT collect:

  • IP Addresses: No IP addresses are collected, logged, or stored
  • Personally Identifiable Information (PII): No names, email addresses, phone numbers, or any other personal identifiers
  • Session Identifiers: No session tokens, cookies, or user tracking IDs
  • Device Fingerprints: No unique device identifiers or fingerprinting data
  • Behavioral Details: No page-by-page tracking, click tracking, search queries, or time-on-page metrics
  • Referral Data: No tracking of which specific links you clicked or where you go after leaving our site
  • Geographic Detail: No city-level or more precise location tracking (country only)

Technical Privacy Measures

The self-hosted Plausible instance includes privacy-by-default technical measures:

  • No Cookies: Plausible does not set or use cookies of any kind
  • No Cross-Site Tracking: Data is not tracked across multiple websites
  • No User Profiles: No individual user profiles or histories are maintained
  • Raw Data Retention: We retain only the aggregated statistics necessary for website improvement, not individual visitor records
  • HTTPS Encryption: All data transmission is encrypted

Data Retention and Deletion

We retain aggregated analytics data for 365 days. After that period, older data is automatically purged. Individual analytics records are not retained; only aggregate statistics are stored. Since individual visitor data is never collected, there is nothing to delete on a per-person basis.

Your Analytics Privacy

Because we collect only aggregate metrics with no personal identifiers:

  • We cannot identify you as an individual
  • We cannot track your movements across pages (only the aggregate flow of visitors)
  • We cannot tie your visit to any personal information
  • You have no user account or identifier in our system
  • Your privacy is protected by design, not by consent or opt-out mechanisms

Cloudflare CDN and Security

Content Delivery and Security

Cloudflare CDN: This website uses Cloudflare Content Delivery Network (CDN) for website security and performance optimization.

Cloudflare’s Role: Cloudflare acts as a reverse proxy between visitors and our servers, which means:

  • All requests to our website are routed through Cloudflare’s network
  • Cloudflare provides DDoS protection to prevent malicious attacks
  • Cloudflare provides SSL/TLS encryption for all traffic
  • Cloudflare caches static content for faster page loads
  • Cloudflare filters malicious traffic before it reaches our servers

Cloudflare and Your Data: Cloudflare may collect certain technical data as part of its security and CDN operations, which may include:

  • Request metadata (not personal data, but technical request information)
  • HTTP headers sent with requests
  • Aggregate statistics about traffic

Cloudflare’s data practices are governed by their Privacy Policy available at https://www.cloudflare.com/privacy/. We do not control Cloudflare’s data collection and retention practices. However, we specifically chose Cloudflare because:

  • They have a strong reputation for privacy and security
  • They do not use collected data for behavioral advertising or profiling
  • They provide services specifically designed for privacy-conscious organizations
  • They comply with GDPR, CCPA, and other major privacy regulations

Note: Cloudflare’s collection of technical request data is minimal and does not target or identify individuals. This is inherent to web security services and is beyond our direct control, but is industry-standard practice for protecting websites from attacks.

Data Retention

Our Data Retention Policy

Simple Answer: We retain zero personal information because we collect zero personal information.

Detailed Policy: Our data retention practices are straightforward because we don’t collect personal data to retain. Local storage is controlled by you and persists until you clear your browser data. Translation requests are processed in real-time and are not logged or retained by our systems. We do not maintain server logs (though GitHub Pages may log for security purposes beyond our control). Analytics is not currently enabled, but if enabled in the future, would only store aggregated statistics with no personal data.

Retention Periods by Data Type: Personal Information is not applicable (not collected). IP Addresses are not applicable (not logged by our systems, though GitHub Pages may log them). Cookies are not applicable (not used). Local Storage has indefinite retention but is user-controlled, meaning you determine how long this data persists by choosing when to clear your browser storage.

Legal Compliance: Our zero-data-retention approach exceeds the requirements of most data retention laws. Because we don’t collect personal information, we don’t need to establish retention schedules, implement data deletion procedures, or maintain records of processing activities that would otherwise be required under laws like GDPR.

Changes to This Policy

How We Update This Policy

We may update this privacy policy periodically to reflect changes in website features or functionality, changes in applicable laws or regulations, changes in privacy best practices, or changes in third-party services we use.

Notification of Changes

Material Changes: If we make material changes to this privacy policy (such as beginning to collect personal information, which would represent a fundamental change in our privacy architecture), we will update the “Last Updated” date at the top of this page, provide prominent notice on the website homepage for at least 30 days, and maintain prior versions in our GitHub repository for comparison. Material changes will not take effect until at least 30 days after notice is provided.

Non-Material Changes: For minor updates (such as clarifications, formatting changes, or updates to contact information), we will update the “Last Updated” date and document changes in our GitHub commit history. Non-material changes take effect immediately upon posting.

Review Recommendation

We encourage you to review this privacy policy periodically. Your continued use of the website after changes are posted indicates your acceptance of the updated policy. If you do not agree with any changes, you should discontinue use of the website.

Version History

All versions of this privacy policy are available in our public GitHub repository (github.com/baytides/baynavigator) for transparency and accountability. You can view the complete history of changes, including what was changed and when, by reviewing the Git commit history for this file.

Cookies and Tracking

Do Not Track (DNT) Signals

Many web browsers offer a “Do Not Track” (DNT) signal that requests websites not track users’ online activity.

Our Position: Since we do not track users under any circumstances, DNT signals are unnecessary but fully respected. Whether your browser sends a DNT signal or not makes no difference to our practices because we do not track users in any case. We implement a universal “do not track” policy regardless of browser settings.

Global Privacy Control (GPC): Similarly, we respect Global Privacy Control signals, though they are not applicable in the traditional sense since we do not sell or share personal information. GPC is a browser signal indicating that users want to opt out of data sales and sharing. Since we have no data to sell or share, GPC compliance is automatic.

If Bay Tides receives a valid legal request (such as a subpoena, court order, or search warrant) for user information, we have a straightforward response process.

Our Response: We will respond truthfully that we do not collect, store, or have access to personal information about our website visitors. We can provide this privacy policy as evidence of our practices. We can provide access to our open-source code to verify that no data collection occurs. However, there is no user database, no server logs (beyond GitHub Pages’ hosting logs which we don’t control), and no personal information to provide.

Transparency: If legally permitted, we will notify users of legal requests through a public transparency report and publish anonymized information about the nature and number of requests received. We will challenge any legal requests that we believe are overly broad, legally unsupported, or seek information we do not possess.

Government Requests

As of the date of this privacy policy, we have not received any national security letters, FISA orders, or gag orders. If we were to receive such a request, we would challenge any provisions that prevent us from notifying users, within the bounds of the law. We are committed to transparency about government requests to the maximum extent legally possible.

Bay Navigator does not receive any form of compensation, payment, commission, referral fees, donations, or other financial benefit for including or linking to external programs, services, government agencies, nonprofits, or organizations. All external links are provided as a public service to help Bay Area residents access community resources. We operate independently with no financial incentives or conflicts of interest influencing our program listings.

UTM Parameters: To track the effectiveness of our referrals and demonstrate the value of our work to our community, we add standardized tracking parameters (UTM codes) to external links. These parameters show the source, medium, and campaign of referrals (e.g., “utm_source=baynavigator”). These UTM parameters enable us to report on community impact without collecting any personal information about you. The tracking is aggregate and anonymous - we can see that visitors were referred from Bay Navigator, but we cannot identify who those visitors are or track their individual journeys. This data helps us understand which programs are most valuable to the community, but it does not involve personal data collection.

Children’s Privacy

International Data Transfers

Website Hosting: GitHub Pages (United States) Mobile App Crash Reporting: Sentry (United States) User Data: Stored locally on each user’s device (worldwide)

Cross-Border Transfers

Since we collect no personal information on our website, cross-border data transfer regulations (such as GDPR’s Chapter V) are generally not applicable to website visitors. For mobile app users with crash reporting enabled, crash data may be processed through Sentry’s servers in the United States. Sentry complies with applicable data transfer frameworks. Users can disable crash reporting in the app’s Settings if they prefer to avoid any potential international data processing.

Your Rights

Contact Information

If you have questions about this privacy policy or concerns about your privacy while using Bay Navigator, please contact us:

Bay Tides Attn: Privacy Officer 274 Redwood Shores Pkwy #619 Redwood City, CA 94065

Email: privacy [at] baytides [dot] org

Response Time: We strive to respond to privacy inquiries within 30 days (or as required by applicable law).

Exercising Your Rights

To exercise any privacy rights under California or other state laws (though not applicable since we collect no data), contact us using the information above. We may request verification of your identity before responding, though in practice there is no personal information for us to provide, delete, or correct.

Complaints

If you believe your privacy rights have been violated, you may contact us at privacy [at] baytides [dot] org, file a complaint with the California Attorney General’s Office (oag.ca.gov), file a complaint with the Federal Trade Commission (FTC) at ftc.gov, or for EU residents, file a complaint with your local Data Protection Authority.

Why We Built It This Way

Our Philosophy

Bay Navigator was intentionally designed with privacy-by-design principles because we believe in several core values. First, people seeking assistance programs deserve privacy and respect. Looking for help should not mean surrendering your privacy. Second, community trust is earned through actions, not promises. We demonstrate our commitment to privacy through our technical architecture, not just policy statements. Third, data minimization is the ethical choice for nonprofits serving the community. Collecting less data reduces risk and respects dignity. Fourth, the best way to protect data is not to collect it in the first place. This eliminates the risk of data breaches, unauthorized access, or misuse. Fifth, privacy should be accessible to everyone, not just technical users who know how to use ad blockers or VPNs. Finally, as part of Bay Tides’ mission to empower communities through education, we believe people should be able to access educational resources without mass surveillance or tracking.

Technical Choices

We made deliberate technical choices to ensure privacy. We built a static site with no server-side database, which eliminates data breach risk entirely. We use client-side logic with processing happening in the browser, keeping data on users’ devices. We use no analytics because we measure success by community impact, not page views. We are open source, providing transparency through publicly auditable code. We maintain minimal dependencies, recognizing that fewer third parties means less privacy risk.

Transparency and Accountability

Open Source Commitment

Bay Navigator is open source, meaning our entire codebase is publicly available at github.com/baytides/baynavigator. Every line of code can be inspected and audited. There is no hidden code or proprietary tracking. Anyone can verify our privacy claims by reading the source code.

How to Verify Our Claims

You can independently verify our privacy practices through several methods. Review our source code on GitHub to see exactly how the website works. Inspect browser storage using browser developer tools (press F12) to see that only local storage is used, not cookies. Monitor network traffic using browser network tools to verify that no tracking requests are made. Check for cookies in your browser settings to confirm zero cookies are set. Read our documentation, as all features are fully documented in our GitHub repository.

Third-Party Audits

We welcome independent security and privacy audits. If you conduct an audit and find issues, please report them to privacy [at] baytides [dot] org. We are committed to addressing any legitimate privacy concerns promptly. We encourage security researchers, privacy advocates, and concerned citizens to review our code and hold us accountable.

Accessibility and Privacy

Inclusive Privacy

We believe privacy and accessibility are interconnected rights that should be available to everyone. Our accessible privacy controls ensure all privacy features are keyboard-accessible and usable without a mouse, and our products are screen reader compatible, with proper heading structure and ARIA labels. Our accessibility features don’t send analytics or tracking data to our servers. This privacy policy is written in plain language to be understandable to the general public, not just lawyers. The website and this privacy policy are WCAG 2.2 AAA compliant, meeting the highest accessibility standard.

Privacy for All

Privacy is not a luxury - it’s a right for everyone. People with disabilities deserve privacy without compromising accessibility. Low-income individuals deserve privacy when seeking assistance. Children and families deserve privacy when researching programs. We designed our services so that accessibility features work without tracking, ensuring privacy and accessibility are not in conflict.

Additional State-Specific Rights

Nevada Residents

Nevada residents have the right under Nevada law (SB 220) to opt-out of the sale of personal information. Since we do not collect or sell personal information, this right is not applicable. However, we respect Nevada residents’ privacy rights and confirm that no personal information is sold.

Texas Residents

Under Texas law, individuals have specific rights regarding biometric data (such as fingerprints, face scans, or retina scans). We do not collect biometric data of any kind.

Washington Residents

Washington’s My Health My Data Act protects consumer health data. We do not collect health information. This website provides information about assistance programs, but we do not collect information about your health status, medical conditions, or use of health-related programs.

Definitions

For clarity, we define key terms used in this privacy policy.

Personal Information (PI): Information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

Personally Identifiable Information (PII): Information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

Sensitive Personal Information: Personal information that reveals racial or ethnic origin, religious or philosophical beliefs, mental or physical health, sexual orientation, or citizenship or immigration status, or the processing of genetic or biometric data for the purpose of uniquely identifying an individual.

Data Controller: The entity that determines the purposes and means of processing personal data. In the context of this website, Bay Tides would be the data controller if we collected personal data (which we do not).

Data Processor: The entity that processes personal data on behalf of the data controller. Microsoft Azure acts as a data processor for translation services.

Local Storage: A web browser technology that stores data locally on a user’s device. Unlike cookies, local storage data is not transmitted to the server with each HTTP request and is not subject to the same size limitations as cookies.

Policy Scope

What This Policy Covers

This privacy policy applies to the baynavigator.org website, all subdomains of baynavigator.org (if any), mobile-responsive versions of the website (the same website viewed on mobile devices), Progressive Web App (PWA) version if installed on your device, Bay Navigator mobile app for iOS (available on the App Store), and Bay Navigator mobile app for Android (available on Google Play).

What This Policy Does NOT Cover

This privacy policy does not cover external websites linked from baynavigator.org (which have their own privacy policies), third-party services such as GitHub Pages and Microsoft Azure (which have their own privacy policies linked in this document), offline interactions with Bay Tides (such as in-person meetings or phone calls), or other Bay Tides websites or services (if any), which would have their own privacy policies.

Effective Date and Version

Privacy Policy Version: 2.3 Effective Date: December 18, 2025 Last Updated: December 27, 2025 Next Scheduled Review: June 27, 2026

This privacy policy and website are designed to comply with applicable federal and state laws.

Federal Laws

We comply with the Children’s Online Privacy Protection Act (COPPA), protecting children under 13 from data collection. We comply with the Federal Trade Commission Act (FTC Act), ensuring no deceptive privacy practices. We meet the Americans with Disabilities Act (ADA) requirements for accessible digital content. We comply with Rehabilitation Act Section 508 accessibility requirements. The Gramm-Leach-Bliley Act is not applicable as we do not collect financial data. The Health Insurance Portability and Accountability Act (HIPAA) is not applicable as we do not collect health data.

State Laws

We comply with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), providing California residents the strongest privacy protections in the United States. We comply with California Online Privacy Protection Act (CalOPPA), providing a comprehensive privacy policy. We comply with the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), and Nevada Privacy Law (SB 220).

International Standards

We respect General Data Protection Regulation (GDPR) principles for international visitors. We comply with the ePrivacy Directive (Cookie Law) by not using cookies. We follow ISO/IEC 29100 Privacy Framework principles. We meet WCAG 2.2 Level AAA accessibility standards.

Summary

The Bottom Line

Bay Navigator is a community resource operated by Bay Tides, a 501(c)(3) nonprofit (EIN: 93-3889081), designed to help you find assistance programs while respecting your absolute privacy.

Simple Truth: We collect ZERO personal information. We use ZERO cookies. We do ZERO tracking. We sell ZERO data (we have none to sell).

Your Control: Any preferences you set are stored only on your device. You can clear all data by clearing your browser cache. You can verify our claims by inspecting our open-source code.

Questions? Contact us anytime at privacy [at] baytides [dot] org. We will respond within 30 days and provide honest, transparent answers.

Bay Navigator Operated by Bay Tides (501(c)(3) Nonprofit) Privacy Policy Version 2.3 Effective Date: December 18, 2025

Back to Home