Commitment to Privacy and Security
The Association for Sandplay Therapy (AST) holds the privacy and security of its members and customers in the highest regard. AST does not store any credit card or other financial information on this site. All sales transactions are securely processed offsite through trusted third-party payment processors.
We do not share any personal information provided by our members or customers through this website. Any personal data entered on application forms is kept strictly confidential and is never shared with third parties.
Please note that information voluntarily posted to the Members Directory is publicly accessible.
Wild Apricot’s Compliance with EU Data Protection Regulations
Wild Apricot processes EU personal data on behalf of AST in full compliance with the General Data Protection Regulation (GDPR) and applicable Member State laws, according to the following principles:
-
Processing is conducted strictly according to documented instructions provided by AST.
-
Wild Apricot will promptly notify AST if any instruction appears to conflict with GDPR or other data protection laws.
-
Access to EU personal data is limited to authorized personnel who are bound by confidentiality agreements.
-
Appropriate technical and organizational safeguards have been implemented in line with Article 32 of the GDPR to ensure data security.
-
Sub-processors are appointed only in accordance with GDPR requirements.
-
Wild Apricot supports AST in responding to data subject requests to exercise their rights under GDPR.
-
In the event of a personal data breach involving EU personal data, Wild Apricot will notify AST without undue delay.
-
Assistance is provided to AST for GDPR compliance matters related to data security, breach notifications, Data Protection Impact Assessments (DPIAs), and prior consultations.
-
Upon termination of services, Wild Apricot will delete or return all EU personal data to AST, unless retention is required by law.
-
Upon written request, Wild Apricot will provide AST with information demonstrating compliance with GDPR Article 28 and will cooperate with audits or inspections conducted by AST or its appointed auditors.
If you have any questions about our privacy practices or data protection policies, please contact us directly.