Defense Orientation Conference Association

Last updated: March 2, 2026

1. Who We Are

The Defense Orientation Conference Association (DOCA) is a nationwide nonprofit organization dedicated to providing continuing education in defense and national security affairs for civilian leaders. This privacy policy applies to our website, member portal, and all related services operated at doca.org.

2. Information We Collect

Information You Provide

Account information: Name, email address, phone number, mailing address when you register for membership or create an account.
Membership details: Professional title, organization, region, military affiliation or service history, and biographical information.
Conference registration: Dietary restrictions, accessibility needs, emergency contact, hotel preferences, and security clearance information required for military installation visits.
Payment information: Credit card and billing details are processed securely through Stripe and are never stored on our servers.
Communications: Messages sent through the contact form, email correspondence, and chatbot conversations within the member portal.

Information Collected Automatically

Usage data: Pages visited, features used, and interaction patterns to improve the platform.
Device information: Browser type, operating system, and screen resolution.
Log data: IP addresses, access times, and referring URLs for security monitoring.

3. How We Use Your Information

Processing membership applications and dues payments
Managing conference registrations and logistics
Generating security/access lists required for military installation visits
Sending membership communications, event notices, and dues reminders
Providing the member directory (only fields you consent to share)
Improving platform functionality and user experience
Fulfilling legal and organizational obligations

4. Information Sharing

DOCA does not sell, rent, or trade your personal information. We share data only in the following circumstances:

Military installations: When you register for conferences at military facilities, we provide necessary identification and security information as required by the Department of Defense.
Service providers: We use trusted third-party services (Stripe for payments, Resend for email delivery, Vercel for hosting) that process data on our behalf under strict confidentiality agreements.
Member directory: Your name, region, and other details you opt to share are visible to fellow DOCA members through the member directory. You control which fields are shared via your profile privacy settings.
Legal requirements: We may disclose information if required by law, court order, or to protect the rights and safety of DOCA and its members.

5. Data Security

As a defense-oriented organization, we take security seriously. Our measures include:

Encryption of sensitive personal information at rest and in transit (TLS/HTTPS)
Role-based access controls limiting data access to authorized personnel
Rate limiting and brute-force protection on all authentication endpoints
Regular security audits and dependency vulnerability scanning
Comprehensive audit logging of administrative actions
Strict Content Security Policy and security headers

6. Data Retention

We retain your personal information for as long as your membership is active and for a reasonable period afterward for administrative and legal purposes. Financial records are retained in accordance with IRS requirements for nonprofit organizations (typically seven years). Conference attendance records are maintained as part of DOCA's historical archive. You may request deletion of your account, subject to our record-keeping obligations.

7. Your Rights

As a DOCA member or website visitor, you have the right to:

Access: Request a copy of the personal data we hold about you.
Correction: Update or correct inaccurate information through your member profile or by contacting us.
Deletion: Request deletion of your account and personal data, subject to legal and organizational record-keeping requirements.
Data portability: Request an export of your personal data in a standard format.
Privacy controls: Manage which personal details are visible in the member directory through your profile settings.
Opt out: Unsubscribe from non-essential communications at any time.

8. Cookies

We use essential cookies required for authentication and session management. These are strictly necessary for the platform to function and cannot be disabled. We do not use third-party tracking cookies or advertising cookies. If we implement analytics in the future, we will use a privacy-respecting solution and update this policy accordingly.

9. Children's Privacy

DOCA services are intended for adults. We do not knowingly collect personal information from individuals under 18 years of age. If we learn that we have collected data from a minor, we will promptly delete it.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated to members via email. The “last updated” date at the top of this page reflects the most recent revision.

11. Contact Us

For privacy-related questions or to exercise your data rights, please contact us: