Website Privacy Policy

How we collect, use, and protect information you share through our website.

Effective Date: September 25, 2025 | Last Updated: March 15, 2026

The Stigma Stand Down (SSD) (“we,” “us,” or “our”), a program led by the Kindbridge Research Institute (KRI), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and interact with our services.

This Privacy Policy applies to information collected through stigmastanddown.com. Information shared here is for educational, screening, and referral purposes and does not establish a provider-patient relationship. Clinical services provided by our partners are governed by separate HIPAA-compliant policies. We observe HIPAA standards for all data transfers to our clinical partners.

SECTION 1

Important Distinction: Website vs. Clinical Services

Information collected through this website is not the same as information collected as part of clinical care.

We do not use website tracking technologies to collect or process PHI.


SECTION 2

Categories of Information We Collect

Information You Provide

Automatically Collected Information

Information from Third Parties

How We Use Information

We do not use website-collected information to make clinical decisions.


SECTION 3

Cookies, Tracking Pixels, and Related Technologies

We use the following categories of tracking technologies on our website. Non-essential tracking technologies are activated only after you provide consent through our cookie consent banner. You may withdraw or modify your consent at any time — see Section 05.

CategoryWhat It DoesData CollectedSpecific TechnologiesBasis
Strictly Necessary CookiesEnable core website functionality — security, session management, consent preference storage, fraud preventionSession tokens, security identifiers, consent stateSession and security cookiesNo consent required
Analytics CookiesUnderstand how visitors use the site — pages visited, time on page, navigation paths. Data is pseudonymized and used in aggregate only. Not used to collect form data or identify individuals by name.Pages visited, time on page, device/browser type, general location, referring URLGoogle Analytics 4 (GA4)Consent Only
Marketing / Advertising CookiesMeasure campaign effectiveness and attribution for Google Ads. No remarketing or cross-site behavioral advertising is conducted.Click events, conversions, IP address, cookie identifiersGoogle Ads_gcl_*, __gadsConsent Only
Tracking Pixels & Web BeaconsSmall, typically invisible image or code snippets that send information back to a third-party platform when a page loads. Currently used for Google Ads conversion tracking only. Because our site covers behavioral health topics, page URLs may indirectly indicate health-related interests — tracking pixels are therefore strictly consent-gated. If pixels from additional platforms (e.g., Meta, LinkedIn) are added in the future, this policy will be updated.Page URL visited, IP address, browser/device information, timestamp, referral sourceGoogle Ads conversion pixelsConsent Only
Embedded Video PlayersDeliver video content — testimonials, educational videos — hosted on third-party platforms. Video players are consent-gated; see Section 06 (VPPA) for full details.Video viewing data, device identifiers, IP addressYouTube (privacy-enhanced mode where possible), VimeoConsent Only
Functional / Preference CookiesRemember settings and preferences across sessions (e.g., language, accessibility options)User-selected preferences, session stateFirst-party preference cookiesConsent Only

What We Do Not Do

Information submitted through forms is transmitted directly to secure systems and is not shared with analytics or advertising platforms.


SECTION 4

Do Not Track (DNT) and Global Privacy Control (GPC) Signals

These are two distinct browser-based privacy signals. We treat them differently because they have different legal standing.

  1. Global Privacy Control (GPC)

GPC is a legally enforceable opt-out signal under several U.S. state privacy laws. When your browser or browser extension transmits a GPC signal, it communicates that you do not consent to the sale or sharing of your personal information for cross-context behavioral advertising.

States that legally require recognition of GPC include: California (CCPA/CPRA), Colorado (CPA), Delaware (DPDPA), and Montana (MCDPA).

[✓ Stigma Stand Down honors GPC Signal]

  1. Do Not Track (DNT)

Do Not Track is an older, voluntary browser signal with no consistent legal enforcement framework in the United States. There is no uniform standard for how DNT signals should be interpreted or implemented, and no U.S. state currently mandates that websites honor it.

Our website does not currently make specific legal commitments to honor DNT signals due to the absence of a uniform standard.

[⚠ No legal obligation — not currently honored]

How GPC works on our site:

✓ State Compliance — No Additional Steps Required

Residents of California, Colorado, Delaware, and Montana who use a GPC-enabled browser do not need to take any additional steps to exercise their opt-out right under applicable state law. The GPC signal is automatically detected and honored. You may also use the consent panel (Section 05) to manage preferences manually.


SECTION 5

Managing Your Preferences: Consent, Modification & Withdrawal

When you first visit our website, a consent banner allows you to accept or decline each category of non-essential tracking technology. You may change or withdraw your consent at any time — consenting once does not prevent you from withdrawing later.

How to manage, modify, or withdraw your consent:

What Happens When You Withdraw Consent

Withdrawing consent stops future non-essential tracking from the point of withdrawal forward. It does not automatically delete data that was already collected before you withdrew. To request deletion of previously collected tracking data, submit a deletion request as described in Section 08 (Your Rights). Withdrawing consent does not affect the lawfulness of any data processing that occurred prior to withdrawal, and it does not affect your access to our website or services.


SECTION 6

Video Content & the Video Privacy Protection Act (VPPA)

Our website may host or embed video content — including client testimonials and educational videos — served through third-party platforms such as YouTube or Vimeo.

The Video Privacy Protection Act (VPPA), 18 U.S.C. § 2710, restricts the disclosure of personally identifiable information in connection with video content viewed by a consumer. Where tracking pixels or third-party scripts associated with embedded video players could transmit video viewing data alongside identifying information (such as a cookie identifier, email address, or IP address) to third parties, Stigma Stand Down takes the following steps:

⚠ Third-Party Video Platforms

Stigma Stand Down cannot fully control data collection by third-party video platforms once a player is loaded by you. For maximum privacy when viewing video content, we recommend using a GPC-enabled browser or declining non-essential cookies in the consent panel before playing videos.


SECTION 7

How We Share Information

We do not sell personal information. We may share information with service providers such as analytics providers, cloud hosting providers, and communications platforms, under appropriate safeguards and data processing agreements.

We may also disclose information to comply with legal obligations or to protect our rights, safety, or property, or that of others.

Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction.

However, no method of transmission over the internet is completely secure. 

While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce agreements. When information is no longer needed, it is securely deleted or de-identified.


SECTION 8

Your Privacy Rights

Depending on your state of residence, you may have one or more of the following rights regarding data collected about you through our website. These rights apply to website and tracking data. Rights related to your clinical health records are governed by our HIPAA Notice of Privacy Practices.

How to submit a request: Contact us at <compliance@stigmastanddown.com> with the subject line “Privacy Request — [Right You Are Exercising].” We will verify your identity before processing your request and respond within 45 days, with a possible 45-day extension where permitted by applicable law.

Children’s Privacy

Our website is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child, please contact us immediately at <compliance@stigmastanddown.com>.

International Users

If you access our website from outside the United States, your information may be transferred to and processed in the United States. By using our website, you consent to the transfer of your information to the United States, where data protection laws may differ from those in your country.


SECTION 9

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will post the updated policy with a revised effective date.


Questions about this Website Privacy Policy? We’re here to help.

<compliance@stigmastanddown.com>