Privacy Policy
Last updated:
NOTICE: PRIVACY POLICY UPDATE
Effective Date: March 11, 2026
At ICDR, we are constantly hardening our security protocols to protect the next generation of performers.
We have updated our Privacy Policy to provide greater clarity on how we secure your account data.
Key updates in this version include:
Standardized Security: Implementation of mandatory Multi-Factor Authentication (MFA) for all user types to prevent unauthorized access to sensitive records.
MFA Options: Added specific language regarding the use of SMS (Text Message) for secure code delivery.
Opt-Out Choices: Clarification on your right to opt-out of SMS verification in favor of using an Authenticator App or Passkey for account security.
We encourage all registry members to review the updated “Account Security and Multi-Factor Authentication” section below. Your continued use of the ICDR platform following these changes constitutes your acceptance of the updated policy.
Table of Contents
About Us
Changes to This Privacy Policy
Information We Collect From Dancers 18 and Under
Information We Collect From Parents
Information We Collect From Dancers 18+
Account Security and Multi-Factor Authentication (MFA)
Data Retention and Deletion
Legal Basis for Processing Personal Data under GDPR
Disclosure of Information
Links
Security
Cookies and Technical Essentials
Data Transfer
Notice to EU/EEA Member States and UK Citizens
Notice for Individuals in US states and Other Jurisdictions
Contact Us
About Us
The International Competitive Dancer Registry (ICDR) takes privacy very seriously. This policy explains what information we collect and how we use it on our website, www.icdrdance.com.
The International Competitive Dancer Registry (ICDR) was created to bring greater safety, fairness, and trust to competitive dance through a secure, privacy-compliant danceID system. By verifying dancers and their legal guardians, ICDR helps protect dancers, safeguard performance media, and preserve achievements across studios, events, media distribution and registration platforms, without replacing existing workflows or organizations.
Changes to This Privacy Policy
We may update this policy from time to time, and we will post a notice at the top of the policy if we do. If we make a material change to this policy that affects the collection and use of personal information, we will post a notice at the top of this policy and notify you if we have your email address or other contact information prior to making the change. If you have any questions, please contact us at privacy@icdrdance.com.
Information We Collect From Dancers 18 and Under
To create an account on ICDR we ask children to provide a date of birth, an email address (which will solely be used for account creation and access purposes), and the email address of their parent/legal guardian (Parental) to seek parental consent to join the registry. During the account creation and verification process we will use the Parent email solely to contact the Parent to seek full verifiable parental consent (full VPC) and will not use it for any other purpose. If the parent does not provide consent or takes no action we will delete the email address from our records.
Once full VPC has been obtained the Parent becomes a Verified Parent. A Verified Parent is able to complete their child account’s profile including first and last name, gender, and an optional headshot photo. Once that is complete the child account is able to upload or update the optional headshot photo and add or update their nickname. ICDR will use the information collected at registration and on the child’s profile to determine eligibility for the program.
If a child contacts us through our customer support feature before consent has been obtained, we will use that child’s information to respond once to the child’s inquiry before promptly deleting our copy of the communication. If a full VPC has been obtained for the child, we may use the child’s contact information to respond more than once to the child, until their inquiry or issue has been addressed.
Verified parents can choose to add additional parents or legal guardians to their child’s profile. These secondary guardians will be restricted to only view the child’s profile, and redeem performance media.
Primary parents can choose to revoke or decline consent at any time through their account directly or by contacting us at support@icdrdance.com. If a parent revokes consent, we will take action to delete personal information collected from the child within 30 business days of the request.
The primary parent can request access to review, delete or prevent further collection of their child’s personal information by contacting us at support@icdrdance.com.
When you or your child visits our site, we automatically collect the following information:
IP Address: Used for geolocation derivation and then discarded/anonymized immediately
Device Information: Browser type, Operating System, Screen resolution
Usage Data: Page views, button clicks, session duration, referral source
General Location Data: City/Region level, not precise GPS
ICDR does not retain automatically collected personal information or use it for any other purpose other than as described above, including to contact a specific individual, to build a profile of a child or behavioral advertising. Aggregated, non-identifiable reporting data may be kept indefinitely for historical trend analysis.
ICDR may aggregate or de-identify personal information so that it is no longer directly associated with an identified individual. De-identified data may be used for analytics, research, reporting, fraud prevention, service improvement, and statistical purposes.
Where we rely on de-identification, we implement reasonable measures designed to reduce the likelihood that the information can be re-associated with an individual. ICDR does not attempt to re-identify de-identified data except as permitted or required by law for security, fraud prevention, or compliance purposes.
Aggregated or de-identified data may be retained for longer periods than identifiable personal information.
ICDR does not use children’s personal information for behavioral advertising, targeted advertising, profiling, or automated decision-making that produces legal or similarly significant effects. We do not sell children’s personal information.
Information We Collect From Parents
ICDR will collect a parent’s full name and contact information (email address and mobile phone) to create a parent account and for verification purposes. We will use the phone number for authentication purposes and security (multi-factor authentication, fraud and spam prevention).
We verify the information provided with the child’s studio (if connected), or via our privacy partner, PRIVO to obtain full verifiable parental consent. PRIVO is a leading privacy solutions expert as well as an FTC approved COPPA Safe Harbor. All information collected for verification is used solely for identity verification and consent purposes and handled in accordance with applicable privacy and security standards. For more information on PRIVO please see here: https://www.privo.com/platform-privacy-policy.
To verify, parents will be asked to provide and scan their government ID (driver’s license or passport) and a selfie which will be used to verify their identity. ICDR does not collect, generate, store, or retain biometric identifiers or biometric information (as defined under applicable law, including without limitation the Illinois Biometric Information Privacy Act).
Parents will be able to add up to 4 additional guardians to the account by providing contact information. The parent adding the guardians is the primary guardian and can manage access for all additional guardians. Additional guardians on the account will not be able to access and manage the child’s profile and media.
Information We Collect From Dancers 18+
Dancers 18+ will be asked to verify their own identity by providing their full name, email address or other contact information. We will use the contact information provided for authentication and security purposes.
Dancers will be asked to verify their identity by providing and scanning their government ID (driver’s license or passport) and a selfie (same reasons as stated above).
The biometric information limitations described above apply equally to identity verification of dancers aged 18 and older.
Service Providers
ICDR works with the following service providers in relation to children:
LiveAgent: Manages live chat, support tickets, and email inquiries. Personal information, including contact information may be collected in an inquiry or support ticket to validate user. If this information has been provided by a child without consent, we will use the information to respond once to the child before promptly deleting the account. If we receive inquiries received from parents, children with full verifiable parental consent or dancers 18+, we may use the contact information provided to respond more than once to the direct inquiry.
Twilio: Powers mobile and email notifications. Twilio will use the contact information provided at registration to deliver notifications and updates about the service. Message Logs and metadata are retained for 13 months before being deleted. Contact Information is retained for the lifetime of the account and can be deleted upon request.
Selectcom: Provider for voice support and phone communication. Personal information, including contact information may be collected in an inquiry. If this information has been provided by a child without consent, we will use the information to respond once to the child before promptly deleting the account. If we receive inquiries received from parents, children with full verifiable parental consent or dancers 18+, we may use the contact information provided to respond more than once to the direct inquiry.
These providers will use the information collected above for the purposes outlined only. This information will not be used to build a profile of the child or behavioural advertising.
Account Security and Multi-Factor Authentication (MFA)
To maintain the highest level of data integrity and protection for our community, the International Competitive Dancer Registry (ICDR) requires Multi-Factor Authentication (MFA) for all account types, including Studio Representatives, Parents or Legal Guardians, and Dancers.
Email Communications: ICDR utilizes email as the primary channel for account activation, security updates, and identity verification notices.
MFA via SMS: Users may choose to opt-in to receive secure, one-time authorization codes via SMS (text message) to their registered mobile device. This is the sole instance in which ICDR will initiate contact via text. These codes are used exclusively for account access and must be entered directly on our platform; a reply via text is never required.
Opt-Out and Alternatives: SMS verification is an optional preference. Users may choose to opt-out of SMS at any time. To maintain mandatory account security, users who opt-out of SMS must instead utilize an Authenticator App, or Passkey to fulfill their Multi-Factor Authentication requirements.
Data Retention and Deletion
ICDR retains personal information for as long as a user’s account remains active.
Accounts may be deemed inactive if there has been no login activity for a period of three (3) consecutive years. Inactive accounts may be anonymized or deleted following reasonable notice to the account holder.
Backup systems may retain archived copies of data for a limited period consistent with standard industry practices and legal obligations.
Dancers or the primary guardian can request access to review, delete, modify, or prevent the further collection of personal information by contacting us at support@icdrdance.com. We will take action to process deletion requests within 30 days. Certain consent records and compliance documentation may be retained as required by law, even if the associated account information is deleted.
ICDR may aggregate or de-identify personal information so that it is no longer directly associated with an identified individual. De-identified data may be used for analytics, research, reporting, fraud prevention, service improvement, and statistical purposes.
Legal Basis for Processing Personal Data under GDPR
We may process Personal Data under the following conditions:
Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject
For individuals located in Canada, ICDR processes personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
ICDR does not use personal information to make solely automated decisions that produce legal or similarly significant effects without meaningful human involvement.
Disclosure of Information
ICDR may disclose your or your child’s personal information if required by law or in the event of a company sale or proposed change of ownership. We may also disclose it to protect ICDR’s rights and properties or to investigate fraud or intellectual property infringement.
Links
Please be aware that our service contains links to other services that are not governed by this privacy policy. We encourage visitors to review the privacy policy of each site before disclosing personal information.
Security
ICDR implements administrative, technical, and physical safeguards designed to protect personal information appropriate to the nature of the data and associated risks. These safeguards include encryption in transit, access controls, role-based permissions, monitoring of verification systems, and secure storage practices.
However, no method of transmission over the Internet or method of electronic storage is entirely secure. While we strive to use commercially reasonable means to protect personal information, we cannot guarantee absolute security.
Data Transfer
ICDR is headquartered in Canada. Personal information may be processed and stored in Canada, the United States, or other jurisdictions where our service providers operate.
Where personal information is transferred outside the European Economic Area (EEA) or the United Kingdom, we implement appropriate safeguards as required by applicable law, including standard contractual clauses or other legally recognized transfer mechanisms.
By using the Service, you acknowledge that your information may be transferred to jurisdictions with privacy laws that may differ from those in your country of residence.
Cookies and Technical Essentials
At ICDR, we do not use cookies for advertising, behavioral tracking, or third-party marketing. We prioritize a clean digital footprint for every user.
Essential Cookies Only
We use some essential cookies to make this service work. These technical files are strictly necessary to provide the registry’s core features. These cookies are used for:
Authentication & Session Integrity: To keep you securely signed in as you navigate the registry and to ensure that your data remains connected to your authorized session only.
Security & Fraud Prevention: To protect the registry against digital threats, such as cross-site request forgery (CSRF), and to verify that interactions are being made by a real person rather than an automated bot.
Verification Workflow: To manage the multi-step verification process, ensuring that information is processed accurately and securely from start to finish.
Managing Your Settings
Because these cookies are essential for the security and basic operation of the registry, they cannot be opted out of within our system. You may set your browser to block these cookies, but please be aware that the ICDR platform will not function, and you will not be able to complete the verification process without them.
Notice to EU/EEA Member States and UK Citizens
Under the General Data Protection Regulation (GDPR) and UK GDPR data protection law, where applicable, you have certain data protection rights including:
Right of access: You have the right to ask us for copies of your personal information.
Right to rectification: You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Right to erasure: You have the right to ask us to erase your personal information.
Right to restriction of processing: You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Right to object to processing: You have the right to object to the processing of your personal information.
Right to data portability: You have the right to ask that we transfer the personal information you gave us to another organisation, or to you If you make a request, we have one month to respond to you.
Please contact us at privacy@icdrdance.com, Canada/US Toll Free: +1-833-371-5433 or by mail at 235 Carlaw Avenue, Unit 513, Toronto, Ontario, M4M 2S1 if you wish to make a request. If you have any concerns about our use of your data, you can make a complaint to us at privacy@icdrdance.com addressed to: Monica Valencia, ICDR Privacy Officer. You can also complain to the relevant data protection authority if you are unhappy about how we have handled your personal data.
Notice for Individuals in US states and Other Jurisdictions
Residents of certain U.S. states (including California, Colorado, Connecticut, Utah, and Virginia) may have additional rights under applicable privacy laws, including the right to:
Know what personal information we collect and how it is used
Request deletion of personal information
Request deletion of personal information
Correct inaccurate personal information
Obtain a copy of personal information in a portable format
Opt out of the sale or sharing of personal information (where applicable)
Limit the use of sensitive personal information (where applicable)
ICDR does not sell personal information.
To exercise any applicable rights, please contact privacy@icdrdance.com.
Contact Us
If you have any questions about this policy, or the collection and use of your or your child’s personal information, please contact us at:
235 Carlaw Avenue, Unit 513, Toronto, Ontario, M4M 2S1
Canada/USA Toll Free: +1-833-371-5433
OR
For technical support: support@icdrdance.com
