© 2013 | Boss it Back®
Boss it Back™ Free Your Mind. Free Your Life. Defy OCD.
1. The Basics
About Tammy LaBrake
I am a Cognitive Behavioral Therapist with an online platform. I send and manage email campaigns, maintain a blog, Twitter, Linked-In, Pinterest and Facebook account.
1.2 Key Terms
"Contact" is a person who has made contact through my online platform. In other words, a Contact is anyone who has given me information. For example, the Contact may have subscribed to my email campaigns or left a comment on a blog post.
"Visitor" means any person who visits any of my Websites but doesn’t ask for further information.
"Personal Information" means any information that identifies or can be used to identify a Contact, or a Visitor, directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, date of birth, email address, gender, occupation, or other demographic information.
"Website(s)" means any website(s) I own and operate (such as bossitback.com, ocdstrategies.com, blog.bossitback.com) or any web pages, interactive features, applications, widgets, blogs, social networks, social network "tabs," or other online, mobile, or wireless offerings.
1.3 Information I Do and Don’t Collect
The Personal Information that I may collect broadly falls into the following categories:
In the course of engaging with my online platform, the Contact or Visitor may provide Personal Information. Personal Information is often, but not exclusively, provided to me when the Contact or Visitor signs up for and uses the Services, sends me an email, or communicates with me in any other way. The provision of Personal Information I collect is on a voluntary basis and there are no consequences, for not providing the information. By giving me this information, the Contact or Visitor agree to the information being collected by me.
Web Servers collect usage data to improve the content and operation of the Web Service, and facilitate research and analysis of the Services. Whenever the Contact or Visitor interact with my online platforms, Web Servers collect information which may include the dates and times the Contact or Visitor access the services and the Contact or Visitor browsing activities (such as what portions of the Services are used). Web Servers also collect information regarding the performance of the Services, including metrics related to the deliverability of emails and other communications the Contact or Visitor send through the Services.
I don’t access metadata and other information associated with those files. I don’t collect or share information about the Contact or Visitor with third-party sources, such as public databases, social media platforms, third-party data providers and joint marketing partners.
I do automatically receive information from social networks which include demographic information (such as age and gender), device information (such as IP addresses), location (such as city and state), and online behavioral data (such as information about use of social media websites, page view information and search results and links). I use this information, alone or in combination with other information (including Personal Information) to enhance my ability to provide relevant marketing and content to the Contact or Visitor and to develop and provide the Contact or Visitor with more relevant products, features, and services.
1.4 Use of Personal Information
I may use the Personal Information the Contact or Visitor has given me to:
Bill and collect money owed to me by the Contact or Visitor. This includes sending emails, invoices, receipts, notices of delinquency, and alerting the Contact or Visitor if a different credit card number is needed. I use third parties for secure credit card transaction processing, such as Paypal and those third parties collect billing information to process orders and credit card payments.
To communicate with the Contact their account and provide customer support. For example, if the Contact uses online scheduling and forgets their password. If the Contact uses mobile apps I may ask the Contact if he or she wants to receive push notifications about activity in the Contact account. If the Contact has opted into these push notifications and no longer wants to receive them, the Contact may turn them off through the Contact operating system.
Member Distribution Lists. A Distribution List can be created in a number of ways, including by importing Contacts, such as through a CSV or directly from the Contact email client. The Contact Distribution Lists are stored on a secure MailChimp server. I do not, under any circumstances, sell the Contact Distribution Lists.
Social Media Follows. If a Contact or Visitor follows me on a Social Media platform, such name may be viewed by others. If the Contact detects inappropriate, abusive or illegal behavior related to following me, please contact me and the Social Media platform in question.
If a Contact or Visitor chooses to use the Forward to a Friend (FTF) link to share information, it will allow the Contact to share the content with individuals, not on the Email Distribution List or Social Media “Friends” list. When a Contact forwards an email to a friend, I do not store the Contact’s email address or their friend’s email address, and no one is added to any Distribution List as a result of the FTF link.
1.5 Data Protection Rights
The Contact or Visitor may have the following data protection rights:
To access, correct, update or request deletion of Personal Information. I take reasonable steps to ensure that the data collected is reliable for its intended use, accurate, complete and up to date. A Contact or Visitor can manage individual account and profile settings by contacting me directly by emailing at firstname.lastname@example.org.
In addition, individuals who are residents of the EEA can object to the processing of their Personal Information, ask to restrict processing of their Personal Information or request portability of their Personal Information. The Contact or Visitor can exercise these rights by contacting me at email@example.com.
Similarly, if Personal Information is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing the Contact or Visitor consent will not affect the lawfulness of any processing conducted prior to the Contact or Visitor withdrawal, nor will it affect processing of the Contact or Visitor Personal Information conducted in reliance on lawful processing grounds other than consent.
The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact the Contact or Visitor local data protection authority. Contact details for data protection authorities in the EEA are available here.
I respond to all requests received from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. I may ask the Contact or Visitor to verify their identity in order to help me respond efficiently to the request.
1.6 Public Information and Third-Party Websites
Blog. I have public blogs on my Websites. Any information the Contact or Visitor include in a comment on the blog may be read, collected, and used by anyone. I intend to authorize all comments only after removing email and name of the Contact or Visitor. If the Contact or Visitor Personal Information mistakenly appears on my blog and the Contact or Visitor want it removed, contact firstname.lastname@example.org.
Social media platforms and widgets. My Websites include social media features, such as the Facebook Like button. These features may collect information about the Contact or Visitor IP address and which page The Contact or Visitor are visiting on the Website, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on my Website. I also maintain presences on social media platforms, including Facebook, Twitter, Linked-In, and Pinterest. Any information, communications, or materials the Contact or Visitor submit to us via a social media platform is done at the Contact or Visitor’s own risk without any expectation of privacy. I cannot control the actions of other users of these platforms or the actions of the platforms themselves. The Contact or Visitor interactions with those features and platforms are governed by the privacy policies of the companies that provide them.
1.7 Other Times Personal Information Can Be Shared
With any competent law enforcement body, regulatory body, government agency, court or other third party where disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish, or defend my legal rights, or (c) to protect the Contact or Visitor vital interests or those of any other person.
Any other person with The Contact or Visitor consent.
1.8 The Contact or Visitor Choices and Opt-Outs
Contacts and Visitors who have opted in to receive emails can opt out of receiving emails from me at any time by clicking the "unsubscribe" link at the bottom of the email messages. Please note that some communications (such as service messages, account notifications, billing information) are considered transactional and necessary for account management.
Appropriate and reasonable technical and organizational measures are taken to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. If the Contact or Visitor have any questions about the security of Personal Information, may contact me at email@example.com.
If The Contact or Visitor have an unresolved privacy or data use concern that has not been addressed satisfactorily, please contact a U.S.-based third-party dispute resolution provider such as TRUSTe (free of charge to the Contact or Visitor) here. Under certain conditions, more fully described on the Privacy Shield website, here, the Contact or Visitor may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
1.10 Retention of Data
I retain Personal Information where there is an ongoing legitimate business or legal need to do so. Retention periods will vary depending on the type of data involved, but, generally, I'll refer to these criteria in order to determine retention period:
Whether there is a legal or contractual need to retain the data.
Whether the data is necessary to provide Services.
Whether it is reasonably expected that I would retain the data until the Contact or Visitor remove it, opt out or until accounts are closed or terminated.
When there is no ongoing legitimate business need to process the Contact or Visitor Personal Information, the information will either be deleted or anonymized or, if this is not possible (for example, because the Contact or Visitor Personal Information has been stored in backup archives), then Personal Information will be stored and isolated from any further processing until deletion is possible.
Questions & Concerns
If the Contact or Visitor have any questions or comments, or if the Contact or Visitor have a concern about the way in which any privacy matter has been handled, please use email firstname.lastname@example.org or use the Contact Form at bossitback.com to send a message.