8 minutes read
Personal Data: information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user
Processing: all activities relating to the use of your personal data by the Website such as collection, storage, and deletion
Cookies: files containing a small amount of data that are commonly used as anonymous unique identifiers
Cookies are sent to your browser from the websites you visit and are stored on your device's internal memory. You can instruct your browser to deny cookies or to prompt when a cookie is being sent. However, without accepting cookies you might not be able to use some features of the Website. Examples of cookies the Website may utilize include session cookies that remembers a user's logged-in status, or from third-party service providers as outlined below.
We process data using the following principles:
Lawfulness, fairness, and transparency: obey the law; only process personal data in a way that people would reasonably expect; always be open about our data protection practices
Purpose limitation: process personal data for the specific reason it was collected for
Data minimization: do not process any more data than needed
Accuracy: ensure personal data is as adequate and accurate as possible
Storage limitation: do not store personal data longer than necessary
Integrity and confidentiality: always process personal data securely to the best of our ability
We store personal data that is provided voluntarily to us which may include email addresses, hashed passwords, feedback, page content, and subscription details for users of the Website. General log data may also be generated in certain cases for site maintenance purposes, which could include but is not limited to browser details, timestamps, and referring page information. This data is stored in addition to non-personally identifying data on our servers which include aggregated daily page views and link click counts for user generated pages existing on the Website.
We collect data through the general use of the Website. The data we collect is to provide and maintain the services of the Website. We utilize trusted third-party service providers as outlined below that process information for payments, support, and security if those parties agree to keep such information confidential. Additionally, we may use information from service providers for purposes such as retargeted marketing. We do not sell or trade personally identifiable information to third parties.
In specific cases we may need to disclose personal data when we believe it is necessary to comply with the law, enforce the Terms of Service for our site, or protect the legal rights of ourselves or others.
We only process data for the following reasons:
Consent: earned permission in a GDPR-compliant way when applicable
Contract: needed to fulfill a contract such as our terms of service
Legal obligation: would be breaking the law if not processed
Vital interests: a person's life depends on it
Public task: needed to carry out a task in the public interest
Legitimate interests: determined to be in our interests following a Legitimate Interests Assessment
Data that has not been explicitly removed or replaced by the user is typically stored for the duration of the account or page. Full pages and accounts that are deleted by the user remain stored in an inactive state for a brief period until being permanently removed from our system. This policy is to help safeguard against cases of accidental or malicious deletion. You can request to have your data erased immediately by contacting us at firstname.lastname@example.org.
Retargeting: The Website and some of the user generated pages use retargeting services provided by Facebook Pixel to advertise to you on third-party Websites after visiting or interacting with specific pages on the site. You can learn more about this type of interest-based advertising here. Cookies are used by Facebook to inform, optimize, and serve ads based on your previous usage of the Website. You can opt-out of this type of marketing by following the steps provided by Facebook here.
Rights to Access
As the consumer, and in accordance with the CCPA, you have the right to request personal data stored on the Website in an easily accessible format regarding your account. This includes the information we collect, what we use the information for, and which third-party service providers we utilize to process data and maintain the Website's services.
You have the right to request deletion of personal data that we hold with the following exceptions: to provide the Website's services to the consumer, detect or resolve security or functionality-related issues, comply with the law, conduct research in the public interest, safeguard the right to free speech, or carry out any actions for internal purposes that the consumer might reasonably expect.
Specifically, for having exercised the rights above, you have the right to not be discriminated against including: denied services to the Website, charged different prices for services, provided with a different quality of service, or threatened with any of the prior.
Under the jurisdiction of the GDPR, you have the following rights over your data: to be informed, access, rectification, erasure (known as 'the right to be forgotten'), restrict processing, data portability, objection, and rights in relation to automated decision-making.
To exercise any of the rights above you can contact us at email@example.com and will receive a response within a reasonable timeframe. If under the jurisdiction of the GDPR you may also make a complaint to a Data Protection Authority, such as the Information Commissioner's Office (ICO) in the UK, or the Data Protection Commission (DPC) in Ireland.
We have taken numerous measures to ensure the security of the Website by minimizing the amount of data we collect and following applicable security standards including utilizing the services of Cloudflare as outlined above under Service Providers. Subscription payment methods are processed securely by Stripe, and not stored on our servers. Our servers are regularly kept up to date with security and bug fixing patches. Although no method of transmission over the Internet can be guaranteed to have absolute security due to its inherent nature, we take the security of the Website and users very seriously and strive to continuously improve it any way we can.
Links to Other Sites
The Website does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13 for compliance with the requirements of the Children's Online Privacy Protection Act (COPPA).
In the case of discovering a child under 13 has provided us with personal data, we will immediately remove it from our servers. If you are a parent or guardian and are aware that your child has provided us with personal data, please contact us so that we will be able to take necessary action.