Privacy Policy

How we handle your information at MorePathways®.

Last updated: May 20, 2026

This Privacy Policy explains what information BridgeYear collects through MorePathways®, why we collect it, who we share it with, and the choices you have. We have tried to write this in plain language. If anything is unclear, email us at support@morepathways.org.

Who we are

MorePathways® is a website operated by BridgeYear, a Texas 501(c)(3) nonprofit based in Houston, Texas. You can reach us about anything in this policy at support@morepathways.org.

Who this site is for

MorePathways is built for users 16 and older. We do not knowingly collect personal information from anyone under 16, and we do not knowingly collect personal information from children under 13 in compliance with the Children’s Online Privacy Protection Act (COPPA).

If a parent or guardian believes a child under 16 has created an account, please contact support@morepathways.org. We will delete the account and associated data within 30 days of verifying the request.

Parents or guardians of users 16–17 may contact us to review, correct, or delete a minor’s data on their behalf.

What we collect

Information you give us

  • Account information— the contact details you use to sign in (such as a phone number or email address), any name or profile details you provide, and information shared by a third-party identity provider if you choose to sign in through one
  • Activity on your profile— the trainings, careers, or other items you save or interact with
  • Communications— anything you send us when you contact us for help or otherwise reach out

Information collected automatically

When you use the site, we record product events to understand which features work and which don’t. Each event is tied to a random identifier; once you sign in, that identifier is linked to your account ID so we can count you as one person across visits. We capture:

  • Product usage— pages viewed, interactions with buttons and links, authentication events, and other actions you take on the site
  • Device and browser metadata— browser, operating system, screen size, and approximate region
  • Error reports— technical details about failures and uncaught exceptions, so we can fix bugs
  • Cookies and similar technologies needed to keep you signed in and to operate core site features (see “Cookies and tracking” below)

We try not to send personally identifying information to our analytics provider. Once you sign in, events are tied to your account’s internal ID, not to your phone number, email, name, or the contents of any form field.

How we use your information

We use your information to:

  • Provide the service— sign you in, save your trainings and careers, and deliver the features you use
  • Communicate with you— send account-related messages (sign-in codes, magic links), respond to support requests, and notify you about changes to the service or this policy
  • Support you— connect you with BridgeYear staff when you ask for help
  • Improve the service— understand which features work and which don’t, fix bugs, and develop new features
  • Protect the service— detect abuse, prevent fraud, and enforce our terms
  • Comply with law— meet legal, regulatory, audit, or grant-compliance obligations

If we want to use your information for a new purpose that is not compatible with the purposes above, we will tell you and, where required, ask for your consent first.

We do not sell your personal information. We do not use your information for advertising. We do notshare your information with third parties except as described in “Service providers” below.

Cookies and tracking

We do not use third-party advertising trackers, social pixels, or cross-site tracking on this site. We do not currently use session recording.

Cookies and local storage we set:

  • A first-party analytics cookie and a localStorage entry, used to recognize you across pages
  • An authentication session cookie used to keep you signed in
  • A short-lived functional cookie that preserves a save action across sign-in (so the item you tried to save is saved once you finish signing in)

You can clear these at any time in your browser settings, or email us to request deletion of the analytics data tied to your account.

Program data and our internal CRM

Program information(training names, schools, requirements, costs) shown on the site is sourced from BridgeYear’s internal CRM. This is information about training programs, not about you.

Account information you create on MorePathways (phone, email, name, saved items) is stored in our database and synced to that CRM so BridgeYear staff can support you.

Service providers

We work with the following service providers (“subprocessors”) to operate the site. Each receives only the information needed to do its job and is bound by its standard data processing terms.

  • A database and authentication provider
  • An SMS provider for one-time sign-in codes
  • An identity provider for optional Google sign-in
  • A maps provider used to display training locations (your IP address and browser metadata are shared with the maps provider when a map loads)
  • A product analytics provider
  • BridgeYear’s internal CRM

We will name a specific provider on request if you need it to exercise your rights under applicable law.

How long we keep your data

Account data (phone, email, name, saved trainings and careers): kept until you delete your account, except where we are required to retain it for legal, compliance, or audit purposes. You can delete your account at any time from your profile, which removes your account and saved items from our active systems.

CRM data:Account information synced to BridgeYear’s CRM is deleted or anonymized following the same schedule as your account data, subject to the same legal and audit carve-outs.

Support correspondence: Messages you send us for help are retained as long as needed to respond and follow up.

Authentication data:

  • Sign-in codes (SMS, email links) expire after a short period
  • Sign-in sessions expire on sign-out or after a period of inactivity

Analytics data:Product usage events are retained per our analytics provider’s policy (up to 7 years). When you delete your account, we also delete the events linked to your account from our analytics provider.

Database backups:Encrypted automated backups are retained per our database provider’s standard backup window, then purged. After you delete your account, copies may persist in backups for a short period before being purged in the normal rotation.

We do not keep personal information longer than needed for the purposes described in this policy or longer than required by law.

Your rights

You have the right to:

  • Access the personal information we have about you
  • Correctinformation that’s wrong
  • Delete your account and associated data
  • Withdraw consent for analytics or stop receiving emails
  • Take your data with you in a portable format
  • Appeal a decision we make about your request

You can also add, remove, or change the phone number or email linked to your account from your profile, as long as you keep at least one sign-in method on file.

Parents or guardians of users 16–17 may exercise these rights on a minor’s behalf.

Texas residents: Under the Texas Data Privacy and Security Act, you have the rights described above.

To exercise any of these rights: email support@morepathways.org, or use the controls in your account (you can edit your profile and delete your account directly from the profile page). We will respond within 45 days. We may need to verify your identity before acting on a request.

Appeals: If we deny your request, you may appeal by replying to our response or emailing support@morepathways.orgwith the subject line “Privacy appeal.” We will respond to appeals within 60 days. If we deny your appeal, you may contact the Texas Attorney General to submit a complaint.

Children's privacy (COPPA)

MorePathways is built for users 16 and older. It is not directed at children under 13, and we do not knowingly collect personal information from anyone under 16.

If we learn that we have collected personal information from a child under 13, we will delete that information promptly.

If you are a parent or guardian and believe a child under 13 has provided us with personal information, please contact support@morepathways.org. We will:

  1. Verify that you are the parent or guardian
  2. Provide you with the specific information we have collected, upon verifying your identity
  3. Delete the account and associated information within 30 days
  4. Stop any further collection

Parents and guardians of users 16–17 may make the same requests on the minor’s behalf.

International users

MorePathways is operated from the United States, and your information is processed and stored in the United States. If you access the site from outside the United States, you consent to your information being transferred to and processed in the United States.

Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top of this page reflects when it was last changed.

For material changes, we will notify you by email or with an in-app notice before the changes take effect. The updated policy applies from its effective date. If you don’t agree with a change, you can stop using MorePathways or delete your account.

Contact us

Questions about this policy or about your information?

Email: support@morepathways.org