The Holder and the person in charge of the collected data
Jupiter 9, Ap 27
What personal information do we collect from the people that visit our blog, website or app?
When signing to our newsletter, you may be asked to enter your name and email address.
Since this blog is hosted on worpress.com, it uses Jetpack for comments on posts and pages. When writing a comment, you need to provide your name and your email address. The email address is used by Jetpack to notify you when someone replies to your comment. We don’t use your email address you supplied for comments for any other purpose. Other than email, your IP address is collected by Jetpack. We never use this IP address for analytics or for any other purpose.
When do we collect information?
We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site.
Also, we use the Redirection plugin which logs the IP address in case of a 301 redirect or a 404 HTTP response. This is used so that we can find out if a certain resource on our site is no longer found or to redirect the user to the new resource location in case we changed the slug of a page or post.
How do we use your information?
We may use the information we collect from you when you make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
To send periodic emails regarding new blog posts, your order or other products and services.
We have an email list which allows us to communicate with the regular readers of this blog. We use an email marketing tool called MailChimp for this purpose.
MailChimp collects the following data:
- The email address of the subscriber.
- The name of the subscriber
- The location of the subscriber.
- The method that was used to subscribe the newsletter.
- The preffered language.
- The favorite email client and format.
- the last profile update timestamp
- The tags which are used to segment subscribers to different lists. These email preferences are saved by using tags. Also, if the person has purchased my video courses or books, he/she will have tags which identify him/her as a person who has purchased this course.
- A list of emails sent to the subscriber.
- A list of emails which were opened by the subscriber.
- A list of emails which were clicked by the subscriber.
MailChimp collects its data by using these data sources:
- The email address and email preferences (tags) are provided by the subscriber. Also, when a subscriber opens our email or clicks a link found from our email, MailChimp updates the open and click statistics of the email in question.
- A list of emails sent to the student is updated by MailChimp when we send a new email to the subscribers of our newsletter.
- When a person subscribes our newsletter and he/she has purchased any of my video courses or books, an administrator will add to the correct tags to the subscriber.
We use the collected data for four different purposes:
First, we send useful content to our subscribers. This means that every time when we publish a new blog post, we send an email to our subscribers.
Second, we send relevant marketing emails to our subscribers. These emails target our own products which are created by the same persons who write the articles you read on this blog.
Third, we send an email if one of the subscribers has been nominating for winning a free copy of our books.
Fourth, we use the open and click rates for improving our communication. We want to provide useful information to our readers. If the user does not engage with our content, we might unsubscribe him/her because we don’t want to send emails to people who are not genuinely interested in our content.
We collect this data because the subscriber has given us his/her consent to do so. When a person subscribes our email newsletter, we are using double opt-in so that he/she has to confirm his/her subscription by clicking the confirm link found from the confirmation email.
This data is stored as long as the subscriber is subscribed to the newsletter. When a subscriber wants a refund for his/her video course purchase, we permanently delete their data from MailChimp, but his/her purchase/refund will still be available in Teachable, the platform hosting and managing payments for the video course.
How do we protect visitor information?
This site is hosted on WordPress.com and security is guaranteed by the hosting platform.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information.
Since this site is hosted on WordPress.com, there are several cookies that might be used by WordPress as documented on their site.
We have enabled the Google Analytics support offered by WordPress.com for tracking how users interact with this website. If you want to know what cookies are set by Google Analytics, you should read this article: How Google uses data when you use our partners’ sites or apps.
When you leave a comment on our website, WordPress might set a cookie to your browser. This cookie ensures that you don’t have re-type your information when you want to leave another comment. You can get more information about this by reading this article: WordPress Cookies.
Transfer of data outside of the EU or EEA
The following data is transferred outside the EU or EEA:
- The data collected by Google Analytics. Note that the Google complies with the EU-US and Swiss-US Privacy Shield Frameworks.
- The data collected by MailChimp. Note that MailChimp is a U.S. company and the data that is collected by it is processed in the United States or any other country in which MailChimp or its subsidiaries, affiliates or service providers maintain facilities.
The Data Stored in Backups
Being hosted on wordpress.com, Automattic takes periodical backups of the vladmihalcea.com website. These backups contain all data that is collected by this website.
Once a month, we also take a backup and store it on a private GitHub repository. The backup of the blog is encrypted using a strong password and only the owner of this site knows it.
We have to take these backups because have a legitimate interest to be able to recover from accidents that lead to loss of data.
Each database backup is stored for one month. When this period is over, the backup is overwritten with the new version of the website.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.
Third party links
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser add-on.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
Users can visit our site anonymously.
Users are able to change their personal information:
- Either directly following the link provided in the email newsletter for the newsletter personal information, or via their personal account they have created on the Teachable platform, in case they enrolled in any video course.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
The Principles of Protecting the Collected Data
This section describes the principles which we use to protect the data that is collected by us.
The data that is collected by the vladmihalcea.com website is protected by following these rules:
- All communication between a web browser and the website uses HTTPS.
- The website is scanned for virus and malware software regularly by the wordpress.com platform.
- WordPress plugin updates are installed as soon as the owner of the site is notified by wordpress.com.
- Only the administrator of the website has the required permissions to access the information stored in the database of the website.
- The database server and web server are managed by the wordpress.com platform.
When we process the collected data manually, we follow these principles:
- We minimize the number of persons who can access the collected data. At the moment only one person (Vlad Mihalcea) can access it.
- All communication between the administrator and wordpress.com happens by using HTTPS.
- All website backups which store email addresses associated with comments are encrypted using a strong password known by the administrator and stored in a private GitHub repository that only the administrator has access to it.
You have the right to access your personal data that has been collected by us. You can obtain a copy of your personal data by sending a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. You can obtain your personal data free of charge once per year. Your request is processed within 30 days of receiving your letter.
You have the right to rectify incorrect data or complete incomplete data. If you want to exercise this right, you have to contact the person who is in charge of the collected data. Your request is processed within 30 days.
You have the right to have your personal data erased. You can have your personal data erased by sending a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. Your request is processed within 30 days of receiving your letter. Note that if you want to erase the data collected by wordpress.com, Mailchimp or Teachable, we will forward your request to all these platforms.
You have the right to restrict the processing of your personal data. If you want to restrict us from processing your personal data, you have to send a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. Your request is processed within 30 days of receiving your letter.
You have the right to data portability. This means that you can obtain the collected data in a machine-readable format. You can obtain a copy of your personal data in a machine-readable format by sending a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. Your request is processed within 30 days of receiving your letter.
You have the right to object the data processing based on legitimate interest, direct marketing, and data processing for purposes of scientific/historical research and statistics. If you want to exercise this right, you have to contact the person who is in charge of the collected data. Your request is processed within 30 days.
Also, if you think that we are processing your personal data in a way that breaks the law, you have the right to file a complaint with the office of the EU data protection.