Privacy Policy

Adopted: November 20, 2025

Front Runners New York (“FRNY,” “we,” “us,” “our”) is a nonprofit running club incorporated in New York State. We are committed to protecting the privacy and security of our members’, donors’, and participants’ personal information.

This Privacy Policy explains how we collect, use, share, and protect your information when you join our club, visit our website (frny.org), register for our events, donate, or otherwise interact with us. 

  1. Information We Collect. We collect personal information directly from you, as well as limited information from third-party service providers we use to operate the club.

    1. Membership & Registration Data

      1. Full name, email address, mailing address, phone number

      2. Date of birth (for age-group and eligibility purposes)

      3. Gender identity or pronouns (optional, for race categories and community representation)

      4. Emergency contact name and phone number

      5. Membership status, volunteer activities, and event participation history

    2. Payment Information. When you pay for membership, events, or merchandise, payments are processed securely through our providers (such as Neon CRM, TD Bank, Rho Technologies, or affiliated gateways). FRNY does not store full credit card numbers or bank account information.

    3. Event & Race Data. We record and may publicly share race or event results (e.g., name, age group, gender category, finishing time) as part of our mission to promote community running and fitness.

    4. Communications & Forms. We collect information you provide through forms (such as Jotform or Formstack), surveys, emails, or correspondence with FRNY via Google Workspaces.

    5. Technical & Website Data

      1. Our website may use cookies and analytics tools (for example, Google Analytics) that collect IP addresses, browser type, device information, and usage patterns to improve site performance and security.

      2. You can adjust browser settings to refuse cookies; some site functions may be limited if you do.

    6. Photos & Media. We may take photographs or video at club events for promotional, archival, or historical purposes consistent with FRNY’s nonprofit mission. You may opt out of identifiable images by contacting us.

  2. How We Use Your Information. We use your personal data only for legitimate nonprofit and operational purposes:

    1. To manage membership and renewals

    2. To communicate newsletters, announcements, and event updates

    3. To register and coordinate races, coaching programs, and volunteer activities

    4. To publish event or race results consistent with running-club norms

    5. To maintain internal operations (financial records, budgets, committee reports)

    6. To comply with legal and nonprofit reporting obligations under New York law

    7. To improve club programs, safety, and accessibility

    8. We do not sell personal information or share it for commercial marketing purposes.

  3. How We Share Information

    1. We share limited personal data only with trusted service providers who help us operate securely and effectively.

    2. Each vendor is contractually required to maintain reasonable administrative, technical, and physical safeguards consistent with the New York SHIELD Act and to use data only for authorized purposes.

    3. Our site may link to other third-party pages (for example, race registration or partner events). FRNY is not responsible for those sites’ privacy practices.

  4. Data Security. FRNY maintains reasonable safeguards to protect the security, confidentiality, and integrity of personal information, including:

    1. Administrative safeguards: Access restricted to authorized board members and volunteers on a need-to-know basis; training on data privacy and security; annual reviews of data handling practices.

    2. Technical safeguards: SSL encryption on our website; password-protected accounts; multi-factor authentication on core systems (such as Neon CRM and Google Workspaces).

    3. Physical safeguards: Secure storage for paper records and secure digital deletion when information is no longer needed.

    4. Data Breach Notification: If a security incident involving unauthorized access to your private information occurs, FRNY will take immediate steps to investigate, mitigate harm, and notify affected individuals and the New York Attorney General as required by New York General Business Law § 899-aa.  The following measures outline the Data Breach Notification Procedures. 

    5. Detection and Reporting: Suspected data breaches should be immediately reported to FRNY’s Board or privacy contact who will initiate an investigation to determine the scope and nature of the breach.

      1. Assessment:

        1. Determine whether private information was accessed or acquired without authorization.

        2. Assess the number of affected members and the type of information involved.

      2. Notification Requirements:

        1. Affected Members: Notification must be made in the most expedient time possible and without unreasonable delay, consistent with law enforcement needs and measures to determine the scope of the breach.

        2. New York State Authorities:

          1. Notify the Attorney General, Department of State, and Office of Information Technology Services if more than 500 New York residents are affected.

        3. Consumer Reporting Agencies: If more than 5,000 individuals are affected, notify nationwide consumer reporting agencies.

      3. Notification Methods: Written notice, electronic notice (if consented), or telephone notice.

      4. Content of Notification

        1. Description of the breach

        2. Types of information compromised

        3. Steps taken to protect affected individuals

        4. Contact information for further inquiries

    6. Documentation: Maintain records of the breach, investigation, and notifications for at least five years.

    7. Provide documentation to the Attorney General upon request.

    8. Training and Awareness: Conduct regular training for Board Members on data protection and breach response procedures.

    9. Enforcement: Violations of this policy may result in disciplinary action, up to and including termination of membership if a member and notification of to law enforcement if a non-member.   

  5. Your Rights and Choices

    1. Access and Correction: You may review and update your personal information by logging into your Neon CRM member account or contacting us at privacy@frny.org.

    2. Deletion Requests: You may request that we delete your data, subject to record-keeping requirements under tax and nonprofit law.

    3. Communications Preferences: You may unsubscribe from email newsletters or opt out of non-essential communications at any time.

    4. Cookie Controls: You may refuse cookies through your browser settings, though some website features may not function properly without them.

    5. California Residents: We do not sell personal information as defined by the California Consumer Privacy Act (CCPA).

    6. European Residents: Our programs and website are primarily directed to individuals in the United States. However, to the extent the EU General Data Protection Regulation (GDPR) applies, we process data on the bases of legitimate interest, consent, and contract as appropriate.

    7. Data Retention: We retain personal information only for as long as necessary to fulfill the purposes of this policy and to comply with legal and financial obligations. Financial and membership records are typically retained for up to seven (7) years.

    8. Children’s Privacy: Our membership and events are intended for adults aged 18 and older. We do not knowingly collect personal information from children under 13. If we learn we have inadvertently collected such information, we will delete it promptly.

    9. Right to Nondiscrimination: We will not discriminate against you for exercising any of your privacy rights. You have the right to equal service and treatment regardless of your privacy choices.

  6. International Transfers. All personal information is stored and processed in the United States. By interacting with FRNY, you consent to the transfer of your data to the U.S., which may have different data-protection laws from your jurisdiction.

  7. Changes to This Policy. We may update this policy periodically to reflect changes in law or operations. The date above indicates the most recent revision. Material changes will be announced to members via email or newsletter and posted on our website.

  8. Contact Us. For questions, concerns, or requests regarding this Privacy Policy, please contact:

    1. Email: privacy@frny.org

    2. Mail: Front Runners New York, Inc., P.O. Box 230087, Ansonia Station, New York, NY 10023 - USA.

  9. Review and Updates: This policy will be reviewed annually and updated as necessary to remain compliant with applicable laws and regulations.