Privacy Policy

Privacy Policy

How We Handle Your Personal Information

boardofnursings.org/ takes data protection seriously. This page sets out what we collect, why, and the rights you have under the California CCPA/CPRA, the Texas TDPSA, the Virginia VCDPA, and other applicable U.S. state privacy laws.

Effective date: January 1, 2026
Last reviewed: April 2026
Applies to: boardofnursings.org/

What’s on this page

  1. Who we are
  2. Information we collect
  3. License records carve-out
  4. No HIPAA scope
  5. How we collect it
  6. Why we collect it
  7. Who we share with
  8. “Sale” and “sharing”
  9. Cookies and analytics
  10. Retention
  11. California rights
  12. Texas rights
  13. Other state rights
  14. How to exercise rights
  15. Children
  16. Security
  17. International visitors
  18. Changes to this policy

1. Who We Are

boardofnursings.org/ is an independent editorial reference site that publishes guides to U.S. state Board of Nursing licensure, renewal, and discipline procedures. We are the business and the controller for the personal information described on this page.

For any privacy-related question, contact us at info@boardofnursings.org with the subject line “Privacy request” and we will respond within the time limits set out below.

2. The Personal Information We Collect

CategoryExamplesSource
IdentifiersEmail address, name (if provided), IP addressYou ยท Your browser, automatically
Contact contentThe content of messages you send usYou โ€” when you email us or use a contact form
Internet/network activityPages visited, time on page, search terms used on the site, click paths, referring URLCookies and analytics, when you consent
Device and technical dataBrowser, device type, OS, approximate location from IPYour browser, automatically
InferencesAggregate inferences about which states a visitor reads aboutDerived from analytics, where consented
Advertising identifiersIdentifiers used to limit ad frequency and measure ad performanceThird-party advertising networks, when you consent

We do not collect Sensitive Personal Information as defined under CCPA/CPRA โ€” no Social Security numbers, government identification numbers, financial accounts, precise geolocation, racial or ethnic origin, religious beliefs, union membership, contents of mail/email/text, genetic data, biometric data, sex-life or sexual-orientation data, or specific health information about you. We do not ask for it and you should not send it through our contact channel.

3. Nursing License Records Are Public Records โ€” Not Personal Information We Collect

Important distinction

The information returned by state Board of Nursing license verification portals โ€” name, license number, expiration, status, license type, public discipline records โ€” is state public record by statute in nearly every U.S. state. It is not personal information that we collect or hold; it is information you obtain directly from the state board’s portal when you click through. Concerns about the publication of license-record data should be raised with the relevant state Board of Nursing or with NCSBN’s Nursys system.

4. HIPAA Does Not Apply to This Site

boardofnursings.org/ is not a covered entity or business associate under the federal Health Insurance Portability and Accountability Act (HIPAA). HIPAA governs how healthcare providers, health plans, and clearinghouses handle Protected Health Information (PHI) โ€” it doesn't apply to information published about a nurse's license status, which is professional licensing data, not patient health data. Please don't send patient information, your own clinical health information, or any PHI through our contact channel โ€” we have no need for it and won't use it.

5. How We Collect Personal Information

  • Directly from you โ€” when you email us, complete a contact form, or set cookie preferences.
  • Automatically โ€” when you visit the site, your browser sends standard technical information so the page can load.
  • From third-party services we use โ€” analytics and advertising providers, but only after you have given consent through our cookie banner.

6. Business Purposes for Collection and Use

  • Providing the website and its content
  • Responding to questions, corrections, and feedback
  • Securing the site and protecting against abuse, fraud, and unauthorized access
  • Auditing interactions and measuring site performance (analytics, where consented)
  • Supporting display advertising that funds the site (where consented)
  • Complying with legal obligations and responding to lawful requests

We do not use personal information for automated decision-making with legal or similarly significant effects, and do not engage in profiling within the meaning of state privacy laws.

7. Who We Share Personal Information With

Recipient categoryPurpose
Hosting and infrastructure providersServes the website; processes IP addresses and request logs
Email providerReceives and stores messages sent to info@boardofnursings.org
Analytics provider (Google Analytics 4 or equivalent)Aggregated usage measurement โ€” only when consented
Advertising network (Google AdSense or equivalent)Display advertising and frequency capping โ€” only when consented
Content delivery network / security providerSite security, bot mitigation, performance
AuthoritiesOnly where required by law, valid court order, or formal regulator request

8. “Sale” and “Sharing” of Personal Information

We do not sell personal information for money. However, under CCPA/CPRA the term “sale” is broad, and use of certain advertising cookies may meet the CCPA/CPRA definition of “sharing for cross-context behavioral advertising.” Where that applies, you have the right to opt out โ€” see Section 11 for the California-specific procedure and Section 9 for the cookie controls.

The site honors the Global Privacy Control (GPC) signal as a valid opt-out of “sale” and “sharing” under CCPA/CPRA, the Colorado Privacy Act, and the Connecticut Data Privacy Act.

9. Cookies, Analytics, and Advertising

For full detail โ€” including the cookies used, third-party services, and how to manage them โ€” see our Cookie Policy. Key controls: the cookie banner, the “Cookie settings” link in the footer, browser-level controls, and industry opt-outs (NAI, DAA).

10. How Long We Keep Personal Information

CategoryRetention
Email correspondence and contact-form messagesUp to 24 months from last contact, then deleted unless an active matter requires longer retention
Server access logs (IP addresses, request data)Up to 90 days, then aggregated or deleted
Analytics dataAggregated; identifiable data retained no longer than 14 months
Cookie consent records12 months from when you set your preference
BackupsRotating backups deleted on a 30โ€“90 day cycle

11. California Rights (CCPA / CPRA)

Right to know

Categories and specific pieces of personal information we have collected, sources, business purposes, and recipients.

Right to delete

To request deletion of personal information we hold, subject to legal exceptions.

Right to correct

To request correction of inaccurate personal information.

Right to opt out of sale/sharing

To opt out of any “sale” or cross-context behavioral advertising “sharing.” We honor the Global Privacy Control signal.

Right to limit use of sensitive PI

We do not collect Sensitive Personal Information, but the right exists in principle.

Right to non-discrimination

You will not be denied service or charged more for exercising these rights.

To exercise these rights, email info@boardofnursings.org with the subject line “California privacy request.” We respond within 45 days as required by CCPA, with one possible 45-day extension. You may also escalate to the California Privacy Protection Agency at cppa.ca.gov or the California Attorney General.

12. Texas Rights (TDPSA)

If you are a Texas resident, the Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024, gives you:

  • Right to confirm and access โ€” to confirm processing and access your personal data
  • Right to correct โ€” to correct inaccuracies
  • Right to delete โ€” to delete personal data
  • Right to data portability โ€” to obtain a copy in a portable, technically feasible format
  • Right to opt out โ€” of (a) targeted advertising, (b) sale of personal data, and (c) profiling that produces legal or similarly significant effects

To exercise your TDPSA rights, email us with subject “Texas privacy request.” We respond within 45 days. After exhausting the appeal you may contact the Texas Attorney General at texasattorneygeneral.gov.

13. Other State Privacy Rights

StateLaw
VirginiaVirginia Consumer Data Protection Act (VCDPA)
ColoradoColorado Privacy Act (CPA) โ€” recognizes Universal Opt-Out Mechanisms
ConnecticutConnecticut Data Privacy Act (CTDPA)
UtahUtah Consumer Privacy Act (UCPA)
OregonOregon Consumer Privacy Act (OCPA)
MontanaMontana Consumer Data Privacy Act (MCDPA)
Florida, Delaware, Iowa, Indiana, Tennessee, New Jersey, New Hampshire, Kentucky, Minnesota, Maryland, Rhode IslandComprehensive state privacy laws (effective dates vary)

To exercise these rights, email us with the subject line “[State] privacy request.” We respond within the period required by the applicable law (typically 45 days, with possible extensions).

14. How to Exercise Your Rights

For all privacy requests, email info@boardofnursings.org. Include enough information for us to identify the data you’re asking about. We may need to verify your identity before responding โ€” most commonly by confirming you control the email address that submitted the request.

Authorized agents

Under CCPA and similar state laws, you may use an authorized agent to submit requests on your behalf. We may require written authorization and verification of the agent’s identity before processing.

15. Children

This site is not directed at children under 13 and we do not knowingly collect personal information from children under 13. We comply with the federal Children’s Online Privacy Protection Act (COPPA). If we learn we have collected personal information from a child under 13 without verifiable parental consent, we will delete it promptly.

16. Security

We apply technical and organizational measures appropriate to the risk: encryption of data in transit (HTTPS across the site), access controls on administrative tools, regular software updates, secure authentication for our editorial team, and contractual security commitments from vendors. If we become aware of a breach involving your personal information, we will notify you and applicable authorities consistent with state breach-notification laws including those of Texas (Tex. Bus. & Com. Code ยง521.053), California (Cal. Civ. Code ยง1798.82), and similar laws in other states.

17. International Visitors (GDPR / UK GDPR)

The site is operated for a U.S. audience but is accessible globally. EU and UK visitors have rights under the EU GDPR and UK GDPR โ€” access, rectification, erasure, restriction, portability, and objection. UK residents may complain to the Information Commissioner’s Office at ico.org.uk.

18. Changes to This Policy

We update this policy when our practices change or when state privacy laws change. The “Last reviewed” date at the top reflects the current version. Substantive changes will be flagged on the homepage banner for at least 30 days. This policy is read alongside our Cookie Policy, Terms of Service, and Disclaimer.

Questions About Your Personal Information?

Email us. We respond to general privacy questions within seven business days, and to formal state-law requests within the deadline set by the applicable law.

๐Ÿ“ง info@boardofnursings.org