Privacy & Your Data
This entertaining reading discloses the privacy practices for DielleCiesco.com and pertains to information collected by me to serve you including:
- What kind of personally identifiable information is collected from you through the web site, how it is used and with whom it may be shared.
- What choices are available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information.
- Other GDPR stuff.
DielleCiesco.com may change this policy from time to time by updating this page. This particular Pulitzer-worthy version is effective from April 23, 2018.
What we collect
You are free to use the contact page to contact me. By using our contact form, provided by Simple Basic Contact Form plugin, you are consenting to have the information you relay transmitted, processed, and stored on my servers and/or in our email client(s). In fact, it says so right on the page when you submit. It collects only your name and email for this purpose and uses it for no other purpose than responding to your comments or questions.
Incoming email is processed through our domain server (see Data Retention below for more info). Replies and ongoing communication is processed via ProtonMail which is an encrypted email service.
Likewise, subscription to my mailing list(s) is completely voluntary and managed through our GDPR compliant partner, MailerLite. We do not store the information collected by MailerLite on our website or locally, and you should refer to MailerLite’s policies regarding your data.
When you book a class or session with the automated booking system, Webba Booking plugin, your name and contact information is stored temporarily by DielleCiesco.com. This information includes your name, phone number, and email, and in some cases, Skype contact. It is automatically deleted once the class or session has taken place, but may be stored locally in our office. Any emails you receive as a result of automated booking are sent via Post SMPT plugin which logs and records only the last 20 emails in our database.
Other WordPress plugins that affect user data are related to security or GDPR compliance. For example, I use a backup plugin to save my website from time to time, intermittently, for example before any big changes are made to the website. This would freeze certain information within the database onto the backup that would otherwise be purged (see Data Retention below for more info.).
Client intake forms, sign-in sheets, and invoices are not stored online. They are maintained locally in the office.
Any payments made via the website are managed by Paypal. We do not store the information collected by Paypal on our website or locally. You should refer to Paypal’s policies regarding your data. Paypal is also GDPR compliant.
What we do with the information we gather
Any information gathered is the bare minimum I need to provide you the service you’ve requested and may include:
- Internal record keeping.
- I may need to contact you by email, phone, or mail (for example, to resolve technical issues, to provide customer service, or to notify you of any data breaches in compliance with GDPR).
As a rule, cookies will make your browsing experience better, as things will work as they should. However, you may prefer to disable cookies altogether via your browser options. (I do!) May I suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers? Of course, you can also choose not to use this site, but then you’d miss out on all the cool stuff that’s here.
I don’t share anything with anybody. I’m selfish that way. I like to keep you to myself. As previously mentioned, Paypal processes all our payments. They are GDPR compliant and don’t retain, share, store or use personally identifiable information for any secondary purposes beyond filling your order. Likewise, when I partner with other parties to provide specific services to you, say, a newsletter through Mailerlite, I may share names, or other contact information that is necessary for the third party to provide those services. Those parties are not allowed to use personally identifiable information except for the purpose of providing these services. By the way, Mailerlite is GDPR compliant too!
COMMENTS, FORUMS, GROUPS & PAGES
Comments are disabled here. But please remember that comments you may post to blogs, on forums, on groups or pages that are hosted by DielleCiesco.com will be visible to others. Some such platforms may be public and viewable by anyone, such as posts to outside blogs and on Facebook pages (and we’re all aware now of our unbelievable treasure trove of personal histories making money for Facebook!) Others will be only be viewable by other members of our closed Facebook groups. DielleCiesco.com cannot control who does or doesn’t see information (such as your identity) that you may share under these circumstances.
Nobody likes retaining water. Thanks to GDPR, nobody likes retaining data either. Basically, I only keep what I have to. Emails stored on InMotion servers are purged on a 90-day basis. Site backups are created intermittently and the two most recent backups made are stored. Paperwork (factures, invoices, sign-in sheets) are kept for 10 years in accordance with taxation requirements. Intake forms and other client documents will be purged if you have relocated or stopped taking classes in the last 12 months. (Was it something I said?)
YOUR RIGHTS TO ACCESS & CONTROL
Can you feel the power? You have a right to inquire about your personal data that may be stored with me. You also have a right to request that information be updated and/or vaporized…I mean, deleted. You may also opt out of any future contacts from me at any time, tho’ I can’t imagine why you’d want to! You can exercise these rights by contacting me via email or by phone at 1-571-494-1967 in the USA or +33 (0)783611432 in France…or just call and we’ll have a nice chat.
This site is accessible via HTTP and HTTPS. Please use the HTTPS for your own sake! Precautions to protect stored information are managed with recommended WordPress security measures and various password protections. I also protect your information offline. If I had an employee other than myself, he’d only have access to the information needed to do his job (for example, billing or customer service). Actually, my accountant might see your invoices. The computers/servers and paperwork on which I store your personally identifiable information are kept in a secure environment. Passwords that I store are encrypted.
In compliance with GDPR, you will be notified within 72 hours in the event of a data breach of the website and/or storage systems including my email clients which may result in the vulnerability of your name and email address. Obviously, this only applies to those who have shared personal data that would be still be stored in our database at the time of breach.
This web site contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements (such interesting reading and the obvious “go to first” page of any website!) of any other site that collects personally identifiable information.
I will not sell, distribute or lease your personal information to third parties unless I have your permission or are required by law. You have my word.