Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their Personally identifiable information (PII) is being used online. PII, as used in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

The Holder and the person in charge of the collected data

Vlad Mihalcea
Jupiter 9, Ap 27
400492, Cluj-Napoca
Romania
vlad@vladmihalcea.com

What personal information do we collect from the people that visit our blog, website or app?

When signing to our newsletter, you may be asked to enter your name and email address.

Since this blog is hosted on worpress.com, it uses Jetpack for comments on posts and pages. When writing a comment, you need to provide your name and your email address. The email address is used by Jetpack to notify you when someone replies to your comment. We don’t use your email address you supplied for comments for any other purpose. Other than email, your IP address is collected by Jetpack. We never use this IP address for analytics or for any other purpose.

For more details about how Jetpack manages comments, check out their privacy policy.

When do we collect information?

We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site.

Also, we use the Redirection plugin which logs the IP address in case of a 301 redirect or a 404 HTTP response. This is used so that we can find out if a certain resource on our site is no longer found or to redirect the user to the new resource location in case we changed the slug of a page or post.

How do we use your information?

We may use the information we collect from you when you make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

To send periodic emails regarding new blog posts, your order or other products and services.

Email List

We have an email list which allows us to communicate with the regular readers of this blog. We use an email marketing tool called MailChimp for this purpose.

MailChimp collects the following data:

  • The email address of the subscriber.
  • The name of the subscriber
  • The location of the subscriber.
  • The method that was used to subscribe the newsletter.
  • The preffered language.
  • The favorite email client and format.
  • the last profile update timestamp
  • The tags which are used to segment subscribers to different lists. These email preferences are saved by using tags. Also, if the person has purchased my video courses or books, he/she will have tags which identify him/her as a person who has purchased this course.
  • A list of emails sent to the subscriber.
  • A list of emails which were opened by the subscriber.
  • A list of emails which were clicked by the subscriber.

MailChimp collects its data by using these data sources:

  • The email address and email preferences (tags) are provided by the subscriber. Also, when a subscriber opens our email or clicks a link found from our email, MailChimp updates the open and click statistics of the email in question.
  • A list of emails sent to the student is updated by MailChimp when we send a new email to the subscribers of our newsletter.
  • When a person subscribes our newsletter and he/she has purchased any of my video courses or books, an administrator will add to the correct tags to the subscriber.

We use the collected data for four different purposes:

First, we send useful content to our subscribers. This means that every time when we publish a new blog post, we send an email to our subscribers.

Second, we send relevant marketing emails to our subscribers. These emails target our own products which are created by the same persons who write the articles you read on this blog.

Third, we send an email if one of the subscribers has been nominating for winning a free copy of our books.

Fourth, we use the open and click rates for improving our communication. We want to provide useful information to our readers. If the user does not engage with our content, we might unsubscribe him/her because we don’t want to send emails to people who are not genuinely interested in our content.

We collect this data because the subscriber has given us his/her consent to do so. When a person subscribes our email newsletter, we are using double opt-in so that he/she has to confirm his/her subscription by clicking the confirm link found from the confirmation email.

This data is stored as long as the subscriber is subscribed to the newsletter. When a subscriber wants a refund for his/her video course purchase, we permanently delete their data from MailChimp, but his/her purchase/refund will still be available in Teachable, the platform hosting and managing payments for the video course.

More Information:

MailChimp’s Privacy Policy

Teachable’s Privacy Policy

How do we protect visitor information?

This site is hosted on WordPress.com and security is guaranteed by the hosting platform.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information.

For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

Since this site is hosted on WordPress.com, there are several cookies that might be used by WordPress as documented on their site.

We have enabled the Google Analytics support offered by WordPress.com for tracking how users interact with this website. If you want to know what cookies are set by Google Analytics, you should read this article: How Google uses data when you use our partners’ sites or apps.

For email newsletter, I use the MailChimp for WordPress plugin that might use cookies to remember if you already signed up to our newsletter.

When you leave a comment on our website, WordPress might set a cookie to your browser. This cookie ensures that you don’t have re-type your information when you want to leave another comment. You can get more information about this by reading this article: WordPress Cookies.

You can share my posts on Facebook, Google+, LinkedIn, Twitter, etc. My website uses a social sharing plugin that loads custom Javascript provided by these social media services. This Javascript might or might not set cookies to your browser. Also, if you share my posts by clicking the icons found from the social sharing bar, the social media service might set a new cookie to your browser.

Transfer of data outside of the EU or EEA

The following data is transferred outside the EU or EEA:

  • The data collected by Google Analytics. Note that the Google complies with the EU-US and Swiss-US Privacy Shield Frameworks.
  • The data collected by MailChimp. Note that MailChimp is a U.S. company and the data that is collected by it is processed in the United States or any other country in which MailChimp or its subsidiaries, affiliates or service providers maintain facilities.

The Data Stored in Backups

Being hosted on wordpress.com, Automattic takes periodical backups of the vladmihalcea.com website. These backups contain all data that is collected by this website.

Once a month, we also take a backup and store it on a private GitHub repository. The backup of the blog is encrypted using a strong password and only the owner of this site knows it.

We have to take these backups because have a legitimate interest to be able to recover from accidents that lead to loss of data.

Each database backup is stored for one month. When this period is over, the backup is overwritten with the new version of the website.

Third Party Disclosure

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.

Third party links

We may allow WordAds serve advertisements on our Website and/or collect non-personal information through cookies or web beacons (or other technologies). These third parties may use such information (i) to help tailor site content to users; (ii) to serve ads on our behalf; (iii) to measure advertising effectiveness (such as which web pages are visited or what products are purchased); and/or (iv) to provide advertisements about goods and services that may be of interest to you. Third-party cookies and web beacons are governed by each third party’s own privacy policy, not our Privacy Policy.

Our Website may contain links to other websites which are outside our control and are not covered by this Privacy Policy (“Third-Party Websites”). If you access Third-Party Websites using the links provided, the operators of such sites may collect information from you which will be used by them in accordance with their own privacy policies, which may differ from ours. We encourage you to review the privacy policies of those Third-Party Websites so that you understand if/how they collect and/or use information from you or your computer.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.

https://support.google.com/adwordspolicy/answer/1316548?hl=en

Opting out

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser add-on.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at:

http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA we agree to the following:

Users can visit our site anonymously.

Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’ and can be easily be found on the page specified above.

Users will be notified of any privacy policy changes:
  • On our Privacy Policy Page
Users are able to change their personal information:
  • Either directly following the link provided in the email newsletter for the newsletter personal information, or via their personal account they have created on the Teachable platform, in case they enrolled in any video course.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under 13.

The Principles of Protecting the Collected Data

This section describes the principles which we use to protect the data that is collected by us.

The data that is collected by the vladmihalcea.com website is protected by following these rules:

  • All communication between a web browser and the website uses HTTPS.
  • The website is scanned for virus and malware software regularly by the wordpress.com platform.
  • WordPress plugin updates are installed as soon as the owner of the site is notified by wordpress.com.
  • Only the administrator of the website has the required permissions to access the information stored in the database of the website.
  • The database server and web server are managed by the wordpress.com platform.

When we process the collected data manually, we follow these principles:

  • We minimize the number of persons who can access the collected data. At the moment only one person (Vlad Mihalcea) can access it.
  • All communication between the administrator and wordpress.com happens by using HTTPS.
  • All website backups which store email addresses associated with comments are encrypted using a strong password known by the administrator and stored in a private GitHub repository that only the administrator has access to it.

Individual Rights

You have the right to access your personal data that has been collected by us. You can obtain a copy of your personal data by sending a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. You can obtain your personal data free of charge once per year. Your request is processed within 30 days of receiving your letter.

You have the right to rectify incorrect data or complete incomplete data. If you want to exercise this right, you have to contact the person who is in charge of the collected data. Your request is processed within 30 days.

You have the right to have your personal data erased. You can have your personal data erased by sending a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. Your request is processed within 30 days of receiving your letter. Note that if you want to erase the data collected by wordpress.com, Mailchimp or Teachable, we will forward your request to all these platforms.

You have the right to restrict the processing of your personal data. If you want restrict us from processing your personal data, you have to send a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. Your request is processed within 30 days of receiving your letter.

You have the right to data portability. This means that you can obtain the collected data in a machine-readable format. You can obtain a copy of your personal data in a machine-readable format by sending a signed letter to the person who is in charge of the collected data. This letter must contain the information that allows us to identify you. Your request is processed within 30 days of receiving your letter.

You have the right to object the data processing based on legitimate interest, direct marketing, and data processing for purposes of scientific/historical research and statistics. If you want to exercise this right, you have to contact the person who is in charge of the collected data. Your request is processed within 30 days.

Also, if you think that we are processing your personal data in a way that breaks the law, you have the right to file a complaint with the office of the EU data protection.