Privacy Policy

Last updated: March 16, 2026

This Privacy Policy (“Policy”) describes how the Multidisciplinary Association for Psychedelic Studies (“MAPS,” “we,”  “us,” or “our”) collects, uses, and shares information that can reasonably be used to identify a natural person directly or indirectly (“Personal Data”). It applies to Personal Data that is collected while you visit maps.org or any other website where this Policy is linked (our “Sites”) or that you provide to us via our social media pages or other online services or applications. This Policy does not apply to:

  • Information related to clinical studies: If you have participated in a clinical trial that MAPS has sponsored or otherwise supported, please refer to the informed consent form you signed for details about how the Personal Data collected in connection with the trial will be used.
  • Human resources data and business-to-business communications: This Policy does not describe how we handle Personal Data collected in the context of employment or in our communications with natural persons who are the personnel of entities with which we transact business.
  • Information collected by third parties: This Policy does not apply to information collected by third parties, including affiliated but independently operated organizations such as Resilient Pharmaceuticals (formerly known as Lykos Therapeutics and MAPS Public Benefit Corporation), Zendo Project, and the members of the MAPS Global Affiliates Program. For information about how these and any other third parties handle your Personal Data, please refer to their privacy policies.

Please note that:

  • Our Sites and services are not intended for access by children, and we do not knowingly collect Personal Data from individuals who are considered minors under applicable laws.
  • Our Sites may link to external websites or applications operated by third parties. MAPS is not responsible for the practices of these third-party websites and applications. 

We encourage you to read this Policy before using our Sites or providing us with any Personal Data. If you choose to provide us with your Personal Data, you are confirming that you understand and accept the practices detailed in this Policy.

We update this Policy from time to time.  Our notices are effective when posted. To the extent required under applicable law, we will seek affirmative consent before making material changes to how we handle Personal Data previously collected from you. If you do not provide such consent, your Personal Data will continue to be used in a manner consistent with the version of this Policy under which it was collected.

If you have any questions, please get in touch with us using the details in the “How to Contact Us” section below.

1. What Personal Data Do We Collect?

Identity and Contact Data
When you communicate with us, sign up for one of our mailing lists (including our volunteer list or email newsletter list), donate to us, purchase items from us (or have them shipped to you), or register for or participate in one of our events or educational programs, we collect relevant identity and contact data, which may include, depending on the context of the engagement:

  • First and last names 
  • Email address
  • Postal address
  • Phone number
  • Demographic data, such as age, languages spoken, gender identity, race, or ethnicity
  • Contents of your communications and survey responses
  • Professional information (such as license numbers and jurisdictions, affiliated healthcare organizations, and professional website URLs), if required to participate in an event or educational program

Financial Data
When you donate to us or purchase a product or service from us (including a ticket or registration to an online or in-person event or program), we collect financial information, such as your credit card or bank account details, in addition to contact information. Your financial information is handled by the third-party payment processors with whom we contract. In compliance with PCI DSS, MAPS does not receive your full card number or security code but only the final four digits of your card number.

Webinar Data
When you participate in one of our webinars, we may collect recordings and take screenshots during the webinars, which may include your name and any text comments you post. Presenters and any participants who choose to share their video and audio will have their image and voice captured in the recordings and screenshots.

Program Participation Data
When you participate in one of our programs, we may gather additional information related to your participation, such as your answers to exams and surveys, information you share with our instructors during the program, and video recordings and photographs of the sessions, which may include your image and voice.

Data Collected by Cookies and Similar Technologies
Like many websites, our Sites use “cookies,” which are small text files that record your preferences and are stored on your computer or equipment when you visit certain webpages. We use cookies and similar technologies to track use of our Sites and online services, monitor traffic, improve our Sites, and make our Sites easier and/or more relevant for your use. Web browsers are typically set to automatically accept cookies, but if you prefer, you can usually modify your browser settings to decline cookies. Our Sites are functional without the use of cookies. 

MAPS uses Google Analytics, which allows us to gain insights about how our Sites are being used, while limiting the amount of information Personal Data collected and stored. Google provides a tool for opting out of Google Analytics that you can install on any major browser you use. Certain technical data may still be collected as otherwise noted in this section of the Policy. 

We automatically obtain certain basic technical information about your device and browser when you use our Sites, but we endeavor not to track your browsing activity in a personally identifiable way. For example, MAPS does not use trackers like the Meta Pixel. Please be aware, however, that some externally hosted or embedded services do engage in tracking for their analytics purposes. If you want to block tracking beacons and gain greater control over targeted ads, consider installing a tool like Ghostery or Privacy Badger, the latter of which is maintained by the Electronic Frontier Foundation (EFF),  the leading nonprofit defending digital privacy, free speech, and innovation.

Data Collected by Third-Party Service Providers
We may engage third-party service providers to facilitate certain interactions via our Sites, such as donation processing, event registration, or communications. When you choose to engage in these interactions, you may be required to provide Personal Data directly to such third-party service providers, or your Personal Data may be collected by them on our behalf. For example:

  • When you donate to MAPS, the fundraising platform that processes your donation provides us with information about you and your donation, including how it was made. 
  • When purchases are made on our website store, MAPS collects the IP address to help prevent fraud. We regularly delete this information after the transactions are completed.
  • The email platform we use to communicate with you collects information on whether or not the email was opened and what content was clicked.

Any Personal Data collected by third-party service providers in connection with these interactions is governed by the privacy policies of those third parties, and we encourage you to review these before providing your Personal Data. We will endeavor to notify you at the time your personal data is collected of the involvement of third-party service providers and provide links to their privacy policies.

2. How Do We Use Personal Data?

In general, we use your Personal Data to:

  • Answer your inquiries.
  • Keep a record of your communications with us and your participation in our activities, including programs and fundraising campaigns.
  • Comply with legal requirements that apply to us.
  • Improve our services, provide technical support, and protect the security and integrity of our Sites.
  • Send you personalized email outreach and other communications to let you know how your support makes a difference, including information about MAPS’ activities and initiatives (such as events and educational programs), program updates (such as research progress and policy news), surveys, fundraising appeals, and volunteer and employment opportunities. 
    • If you receive an email from us, you may choose to not receive subsequent emails by clicking the “unsubscribe” link. Note that you cannot unsubscribe from certain service-related emails (like account verification, confirmations of transactions, or required legal notices).
  • Process and acknowledge your contributions to MAPS.
  • Fulfill your orders from our online store.
  • Provide you with access to online services that require sign-up or paid registration. 

Depending on the reasons for which you are providing Personal Data to us, additional uses as listed below may apply:

  • Use of financial data: Financial data is used by our third-party payment service providers to process your donations or payments. When processing your donations and other payments on our behalf, our payment service providers typically act as our “processors” and only use your financial data on our behalf for the limited purpose of processing the payment. These providers may, however, also have their own legal and regulatory obligations that require them to use your financial data for their own compliance-related purposes (such as security and fraud prevention). This Policy does not apply to such uses, which will be subject to the applicable provider’s own privacy policy.
  • Use of program and event data: We will use the Personal Data you provide to us in connection with our programs and events, as well as any Personal Data our collaborators share with us, as necessary to administer these programs and events, and as relevant to other MAPS programs and activities.
    • For example, if you apply to participate in one of our programs, or to receive a scholarship to one of our events, we will use the information in your application to assess your eligibility, make admissions or award decisions, communicate with you about your application, and provide you with related program or event information. 
    • In addition, information about who participates in our programs and events may be used for our internal purposes (such as to assess our achievement of our diversity and inclusion goals), included in our external communication materials (in aggregated, de-identified form), or shared with organizations that sponsor or collaborate with us in producing the program or event. 
3. Who Has Access to Personal Data?
  • Trained staff: Your Personal Data may be accessible by MAPS’ trained staff and volunteers who have a legitimate business need to access it and who are required to comply with this Privacy Policy. 
  • Service providers: We engage the services of third parties to help us manage and store Personal Data and to carry out certain activities on our behalf, such as research and analytics, content creation, website hosting, donation processing, and database maintenance. We regularly review which third-party contractors have access to Personal Data and ensure that they are bound by appropriate confidentiality and data use agreements.
  • Partner organizations: We may share your Personal Data with other like-minded organizations that partner with us and support our nonprofit mission. For example, when you donate to MAPS to support a project sponsored or operated by a partner organization, we may share information about your donation with that organization. We will not sell or exchange your financial information with any partner organization under any circumstances. We endeavor to carefully choose our partners and expect them to respect your preferences just like we do.
  • Other third parties:
    • We may disclose your Personal Data when we have a good faith belief that we are legally required to do so, such as to respond to a court order, subpoena, or similar legal process. In that case, we will endeavor to provide you with advance notice — unless such notice is prohibited or would be futile — by email or postal mail, so that you have the opportunity to object to the disclosure. If you do not object according to the process and timeline communicated in our notice, we may be required to disclose your Personal Data. If we believe a request for disclosure of Personal Data is improper, we may independently object to it.
    • We may also transfer Personal Data in the event of a change of control. For example, your Personal Data could be shared with third parties if we merge with another organization or in connection with transfers made as part of insolvency proceedings, in which case we would endeavor to ensure that any such Personal Data is processed in a manner consistent with this Policy.  
4. How Do We Keep Your Information Safe?

We are committed to keeping your Personal Data safe. As any digital activity carries risk, however, we cannot guarantee the security of your Personal Data.We stay abreast of best practices and utilize appropriate technical and organizational measures to prevent the loss, misuse, or alteration of your Personal Data.

5. How Long Do We Keep Personal Data?

We retain Personal Data only for as long as necessary for the purposes for which the data was collected, except where a longer retention period is required to meet our legal obligations; establish, exercise, or defend against potential legal claims; or pursue other legitimate interests.

If you request to receive no further contact from us, we will keep some basic information about you on our contact list to avoid sending you unwanted materials in the future.

6. Notice for Residents of the European Economic Area (EEA), Switzerland, and United Kingdom (UK)
  • Identity of the controller. MAPS is the “controller” of your Personal Data, as that term is used under applicable law, and is responsible for its processing.
  • Legitimate bases for processing. As required by applicable law, all processing of Personal Data is justified by a legally recognized basis. In the majority of cases, processing will be justified on one or more of the following bases: 
    • We have your consent to process your Personal Data (e.g., you have subscribed to our email newsletters or other communications). Where your consent is the basis for our processing of your Personal Data, you may withdraw such consent at any time by contacting us as provided below.
    • We process your Personal Data where necessary to comply with a legal obligation (e.g., our obligations as a charitable organization to report certain donation-related data).  
    • The processing is in our legitimate interests, which are not overridden by your interests and fundamental rights. Our legitimate interests are to use the Personal Data of all individuals reasonably and responsibly to operate our organization and develop our activities without abusing the privacy interests or rights of such individuals.
  • Your privacy rights. If you are a resident of the EEA, Switzerland, or the UK, you may exercise the following rights with respect to your Personal Data by contacting us as provided below:
    • Request details about and a copy of the Personal Data that we hold about you.
    • Request to correct or update your Personal Data.
    • Port your Personal Data, in machine-readable format, to another entity.
    • Request the deletion of your Personal Data in some cases.
    • Restrict our processing of your Personal Data in some cases.
    • Object to our processing of your Personal Data based on grounds relating to your particular situation.
    • Submit a complaint concerning our processing of your Personal Data to the appropriate supervisory authority in your jurisdiction, but only where such Personal Data is being processed for direct marketing purposes.
  • Cross-border transfers. MAPS is based in the United States, and our Sites are hosted on servers in the United States and Canada. When you submit Personal Data to us, you are transferring it across borders to a jurisdiction that may not provide the same level of data protection as your country of residence. This transfer is necessary for one or more of the purposes described above. When cross-border transfers of Personal Data occur, MAPS implements appropriate solutions as required or permitted by applicable laws. Where permitted by such laws, you may request a copy of the mechanisms we have in place by contacting us as provided below.
  • If you’d like to exercise any of your privacy choices as a resident of the EEA, Switzerland, or the UK, you may do so, free from discrimination, by submitting a request to us at privacy@maps.org
    • If you choose to submit such a request, you must provide us with enough information to identify you (e.g., your first and last name, email address, and telephone number) and the data that is the subject of your request. We will only use the information you provide in your request in order to respond to it. 
    • We will not be able to disclose Personal Data or otherwise comply with a request if we cannot verify that the person making the request is either the person about whom we collected the Personal Data or someone authorized to act on such person’s behalf. We will verify your request by comparing the information you provide with the Personal Data in our records and, if a request is submitted by your authorized agent, we will require you to provide signed written consent for such agent to act on your behalf. 
    • While we typically do not charge any fees for exercising the choices described above, we may charge a reasonable fee for a second or subsequent request within a 12-month period. If we determine your request warrants a fee, we will notify you of the fee before proceeding with your request.
7. How to Contact Us

This Policy was prepared to be as comprehensive as possible but does not include an exhaustive list of every aspect of our collection and use of Personal Data. We would be happy to provide any further information or explanation about our practices. If you have any questions, comments, or suggestions, please contact us at privacy@maps.org or by mail at:

MAPS
3141 Stevens Creek Blvd #40563
San Jose, CA 95117