Effective Date: March 1, 2020
This policy is incorporated into and made a part of our Terms of Service.
1. GDPR Compliance Statement: Pursuant to the terms of the EU General Data Protection Regulation (“GDPR”) and is the “Data Controller” with respect to all of the information collected from visitors to our Website and users of our Service. To ensure compliance with the GDPR, we have incorporated the following practices and procedures:
(a) We verify that the third parties with which we share User information are GDPR compliant;
(b) We ensure that data is stored in a manner that facilitates our ability to locate and delete information pertaining to a specific user upon request;
(f) If we modify any of the terms of this policy, we inform all of our Users; and
(g) We have appointed an internal Data Protection Officer who is responsible for overseeing our privacy and data protection procedures and will serve as the individual point of contact for information access and deletion requests.
2. Information We Collect. We collect two basic types of information from our Users:
(a) Personal Data:
(i) What is Personal Data? Personal Data is information that pertains to you specifically, and can help identify you as a person. We collect Personal Data from you whenever you complete a contact form on our website, including your name, email address, phone number, country, city, state, and zip code. You may also provide us with additional Personal Data in any email messages you send to us, or in the form of user forum posts or chats.
(ii) When and How do we collect it? We collect Personal Data from Users when: (1) they submit a contact form on our website; (2) initiate an online chat with us; or (3) submit a post to our User forum. In addition, when you visit our Website we will record your IP address and/or unique mobile device identifier. Under ordinary circumstances, an IP address recorded in isolation is not Personal Data under the standard definition of the term. However, it may become Personal Data when it is combined with other information, such as an email message.
(iii) How do we use Personal Data? We use Personal Data to communicate with you and respond to your requests. We may also use your email address to send you account related notices and promotional marketing materials. We use your IP address to identify your location in order to provide you with notices and other information that may be required by your local regulatory authority.
(iv) Where is Personal Data Stored? All Personal Data collected from Users outside and within the United States will be transferred and to and stored on the Amazon Cloud.
(b) General Information: General Information consists of information that is anonymous in nature and does not identify you as an individual. This includes your computer IP address, unique mobile device identifier, browser type, ISP or carrier name, and the URL of the last web page you visited before visiting our website. This information gives us insights on how our users use our site and our other products. We collect this information by using “cookies”, which are small bits of computer code that are transferred to your computer’s hard drive via a web browser, which enable us to record the general information described above. We use this information to ensure that our service continues to appeal to our users.
(ii) Where is General Information Stored? All General Information collected from Users outside and within the United States will be transferred and to and stored on servers located in the Amazon Cloud.
3. How We Share information. We will not share Personal Data with third parties for marketing purposes without your consent. We will share Personal Data with certain third parties in the following ways:
(a) Service Providers: We utilize the following third-party service providers to perform certain functions on our behalf and must share certain information (including Personal Data) with them in order for them to do so. However, the information that is shared is limited to that which is necessary to perform their specific functions:
(b) Law Enforcement: If requested or required by law enforcement authorities, courts, or regulators, we may disclose any information we have about our users. We also may disclose your Personal Data to exercise or protect legal rights or defend against legal claims.
(c) Bulk Asset Transfers: In some cases, we may choose to buy or sell assets. In these business transfers, customer information, including Personal Data, is typically one of the business assets that are transferred. Moreover, if all or substantially all of our business assets were acquired, or in the unlikely event that we go out of business or enter into bankruptcy, customer information (including your Personal Data), would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any assets may continue to be used according to your Personal Data as set forth in this policy.
(d) Other Third Parties: We may reserve and have the right to disclose any information about you or your use of our Service without your prior permission, if we in good faith believe that such action is necessary to protect and defend the rights, property or safety of our company or its affiliates, other Users of the Service or the public.
4. How We Protect Information. We use appropriate technical and organizational measures to protect the data we collect against unauthorized or unlawful access and against accidental loss, destruction or damage. We also limit access to User information to employees who reasonably need access to it in order to do their jobs. However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we may have collected from or about you. In addition, we have no control over the security of other web sites that you might visit even when a link may appear to those web sites site from our Site. If you share your computer or use a computer that is accessed by the general public, remember to log off and close your browser window when you have finished your session.
5. How Long We Keep Information. We retain Personal Data and General Information for as long as necessary to fulfill a business purpose or comply with a legal request. We may also choose to anonymize certain elements of the information you provide to us so that it can no longer be attributed to you if we would like to retain it for longer periods of time. You may also request that we delete your information in the manner described in Section 6.
6. Your Options and Rights. We currently offer Users the following options with respect to the manner in which we collect, use, and maintain information, or to otherwise exercise their rights under applicable privacy statutes:
(a) All Users: You may request that we stop sending you non-account related emails by clicking the “unsubscribe” link that is included at the bottom of non-account related emails. You may also request that we delete the information we collected from and about you by contacting our Data Protection Officer. You may also request that we not share your Personal Data with one or more of the third parties we share it with. Be advised, however, that this may limit or prevent you from using our Website.
(b) EU Citizens: If you are an EU citizen, you may request that we provide you with (or delete) all the information we collected from and about you, or otherwise exercise your rights under the GDPR by contacting our Data Protection Officer. Data reporting and deletion requests will be processed free of charge within thirty (30) days.
(c) California Residents: Under the California Online Privacy Protection Act (“CalOPPA”), if you are a California Resident you may request information regarding the types of Personal Data we share with third parties for direct marketing purposes, and the identities of the third parties with whom we have shared such information during the immediately preceding calendar year. You may request further information about our compliance with CalOPPA by contacting our Data Protection Officer. Please note that under CalOPPA, we are only required to respond to one request per User each year, and we are not required to respond to requests made by means other than through requests submitted to our Data Protection Officer.
7. Tracking Technology and Do-Not-Track Requests. We employ certain applications that may enable us to track your online activities over time and across third-party web sites. We honor Do-Not-Track requests transmitted by Web browsers.
8. Children under 13. Our Website is not intended for users under the age of 18, and we do not knowingly collect any personal information from children under 18. If we become aware that a person submitting information is under 18, we will attempt to delete the information as soon as possible.
10. Questions. If you ever have any questions about this policy or the Personal Data and General Information we have collected please contact our Data Protection Officer. We respect your rights and privacy, and will be happy to answer any questions or concerns you might have.
Data Protection Officer Contact: firstname.lastname@example.org