Effective date: November 5, 2025
Last updated: November 5, 2025

1. Introduction

Welcome to the website of WRTP | BIG STEP (WRTP) (“we”, “us”, “our”, “WRTP”). We respect your privacy and are committed to protecting the personal data we collect from you, and/or that you provide to us, through our website at https://wrtp.org/ (the “Site”). This Privacy Policy explains how we collect, use, disclose, transfer, and store your personal data, and the rights you have in relation to that data.

If you are located in the European Economic Area (“EEA”) or the UK, this policy also explains how we comply with the GDPR. If you are a U.S. resident (including residents of California), this policy explains how we comply with U.S. privacy obligations. By using the Site, you accept the practices described in this policy.

2. Who we are

Data controller: WRTP | BIG STEP
Contact details:
WRTP | BIG STEP
3841 W Wisconsin Ave
Milwaukee, WI 53208
milwaukee@wrtp.org
(414) 342-9787

If you are in the EEA/UK and we have appointed a Data Protection Officer (DPO) or EU representative, you may contact them at: info@wrtp.org.

3. Personal data we collect

We may collect the following categories of personal data (depending on how you use the Site, interact with us, subscribe, or otherwise):

  • Contact information (such as name, email address, postal address, telephone number) 
  • Account/subscription information (usernames, passwords, profile data) 
  • Payment or billing information (if applicable) 
  • Usage or log data (such as IP address, browser type, operating system, referral URL, pages visited, time stamps) 
  • Cookies and tracking data (see our Cookie Policy) 
  • Marketing and communications data (preferences, consent data, responses to surveys) 
  • Any other personal data you voluntarily provide (e.g., via contact forms, support requests)

We do not collect special category (sensitive) personal data (such as racial or ethnic origin, political opinions, religious beliefs, biometric data) unless explicitly indicated and you provide explicit consent.

4. How and why we process your personal data (legal basis)

GDPR (EEA/UK users)

Under the GDPR, we rely on one or more of the following legal bases:

  • Your consent (where you have given it) 
  • Performance of a contract (e.g., you subscribed to services) 
  • Compliance with a legal obligation 
  • Our legitimate interests (provided your rights don’t override them) 

For example:

  • We collect your contact details so we can communicate with you (contractual or legitimate interest). 
  • We use cookies and analytics for improving our Site (legitimate interest). 
  • We send marketing communications if you opted in (consent). 

U.S. Users (including California)

Under U.S. federal and state laws, we collect, use, and disclose personal information in accordance with the notices provided herein.

For California residents: we comply with the CCPA/CPRA requirements.

5. Use of personal data

We use your personal data for the following purposes:

  • Providing, operating, maintaining, and improving our Site and services 
  • Responding to your inquiries and providing customer support 
  • Administering your account, if you have one 
  • Personalising your experience and delivering content tailored to your interests 
  • Marketing communications (if you have consented or where permitted) 
  • Meeting legal or regulatory obligations 
  • Detecting, preventing, or investigating security breaches or misuse 

6. Sharing and disclosure of personal data

We may share your personal data with:

  • Service providers and vendors who perform services on our behalf (hosting, analytics, payment processing, email delivery) 
  • Affiliates or partners (as described to you at the time of collection) 
  • Law enforcement, regulators, or other third parties, when required by law or to protect rights, property, or safety 
  • Successors in the case of a merger, acquisition, or sale of assets 

We require our service providers to handle your data in accordance with applicable laws and to implement appropriate security measures.

7. International transfers of personal data

Because we operate globally (or may use vendors or hosts located outside your jurisdiction), your personal data may be transferred to, stored, or processed in locations outside your country of residence (including the EEA, UK, U.S., and other countries).

 

Where required by the GDPR (Articles 44–50), we ensure that appropriate safeguards are in place (e.g., standard contractual clauses, adequacy decisions) to protect your data.

For U.S. transfers, we rely on contractual protections and vendor commitments.

8. Cookies and tracking technologies

We use cookies, web beacons, and similar technologies to collect usage and tracking information (see our separate Cookie Policy for details).

Under GDPR, consent is required for non-strictly-necessary cookies (e.g., marketing, analytics) when used for EEA/UK users.

You have the right to manage or disable cookies via your browser settings, but note this may affect your experience of the Site.

9. Data retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy (or as required by law). Where the purpose no longer applies, we delete or anonymise your data.

We also apply internal retention schedules and review retention periods regularly.

10. Your rights

For EEA/UK users (GDPR)

Under the GDPR, you have the following rights:

  • Right of access to your personal data 
  • Right to rectification of inaccurate data 
  • Right to erasure (“right to be forgotten”) 
  • Right to restrict or object to processing 
  • Right to data portability 
  • Right to withdraw consent at any time (if consent is the basis) 
  • Right to lodge a complaint with a data protection supervisory authority. 

For U.S./California users

If you are a California resident, you have the following rights under the CCPA/CPRA:

  • The right to know the categories of personal information we collect, use, disclose or sell (if any) about you, and the purposes for which we use it. 
  • The right to request that we delete your personal information (subject to certain exceptions) 
  • The right to correct inaccurate personal information (if applicable) 
  • The right to opt-out of the sale or sharing of your personal information (if applicable) 
  • The right not to receive discriminatory treatment for exercising your privacy rights.

To exercise these rights, please contact us at [insert contact email]. We will respond within the applicable legal timeframe.

11. Security of personal data

We implement appropriate technical and organisational measures designed to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. For example: data encryption, access controls, secure vendor selection, monitoring, and training of personnel.

However, no system is completely secure, and we cannot guarantee the absolute security of your data.

12. Children’s privacy

Our Site is not directed to children under 16 (or where U.S. law applies, children under 13). We do not knowingly collect personal data from children in those age groups. If you become aware that a child has provided us with personal data, please contact us and we will delete the data.

If we do knowingly collect from children under 13 in the U.S., we comply with the Children’s Online Privacy Protection Act (“COPPA”) requirements (verifiable parental consent, etc.). 

13. Changes to this Privacy Policy

We may update this policy from time to time. When we do, we will revise the “Last updated” date at the top and notify you (e.g., via email or a notice on the Site) if the changes are material. We encourage you to review this policy periodically.

14. Contact us

If you have any questions, requests, or concerns about our privacy practices, please contact us at:
WRTP | BIG STEP
3841 W Wisconsin Ave
Milwaukee, WI 53208
milwaukee@wrtp.org
(414) 342-9787