Effective Date: September 2020
This Policy addresses:
- Who we are
- How we collect personal information
- What personal information we collect
- How we use your personal information
- With whom we share your personal information
- Legal basis for processing your personal information
- Users outside the European Economic Area
- Security and storage of information
- Your legal rights and choices
- Third party links
- Cookies and other tracking mechanisms
- California disclosures
- Changes to the policy
- How to contact us
1. What Personal Information We Collect
The term “personal information” is defined as information that you voluntarily provide us which personally identified you and/or your contact information, including but not limited to your name, phone number, email address, and mailing address.
We may process and collect the following personal information when you provide it to us:
- personal name
- email address
- mailing address
- IP address
- date of birth
- debit or credit card information
2. How We Collect Personal Information
Your personal information is collected in various ways:
- directly (e.g., when you complete a form or sign a contract);
- automatically (e.g., when you access our website, or social account); and
- through third parties and publicly available sources (e.g., through Facebook, LinkedIn, your company website, or otherwise).
3. How We Use Your Personal Information
We use your personal information to:
- contact you for customer service
- send newsletters
- advertise and market products or services
4. With Whom We Share Your Personal Information
We do not share your information with any third parties. We do, however, use the following data processors who share your personal information with us:
Using this website, our web-forms will share your email address and messages with us. We will not share this information with anyone.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We will share personal information with law enforcement or other authorities if required by law.
We will not share your personal information with any other third party.
5. Legal Basis for Processing Your Personal Information
We rely on these legal grounds to process your personal information:
- Consent. We may use your personal information as described in this Policy subject to your consent. To withdraw your consent, please email us at firstname.lastname@example.org. You may also choose not to provide, or to withdraw, your consent for cookies. Please see Your Legal Rights and Choices below for more information on opt-outs.
- Performance of a contract. We may need to collect and use your personal information to perform our contractual obligations.
- Legitimate Interests. We may use your personal information for our legitimate interests to provide our services and to improve our services and content. We process information on behalf of our customers who have legitimate interests in operating their businesses. We may use technical information as described in this Policy and use personal information for our advertising and marketing purposes consistent with our legitimate interests and any choices that we offer or consents that may be required under applicable law.
6. Users Outside the European Economic Area
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third-party service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal information out of the EEA, we do our best to ensure a similar data security by ensuring at least one of these safeguards is in place:
- We will only transfer your personal information to countries that the European Commission have approved as providing an adequate level of protection for personal information; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal information the same protection it has in Europe; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
If none of the above safeguards are available, we may request your explicit consent to the specific transfer. You may withdraw this consent.
7. Security and Storage of Information
We have tried to help protect the personal information we collect. Unfortunately, no measures can be guaranteed to provide 100% security. We cannot guarantee the security of your personal information in all circumstances.
Take steps to protect against unauthorized access to your device and account by choosing a robust password nobody else knows or can easily guess and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
We retain the personal data we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected, to perform our contractual and legal obligations, and for any statute of limitations periods to bring and defend claims.
8. Your Legal Rights and Choices
Under the General Data Protection Regulation (“GDPR”), you have several important rights free of charge. In summary, these rights include:
- Fair processing of information and transparency over how we use your use personal information
- Access to your personal information and to certain other supplementary information that this Policy is already designed to address
- Correcting any mistakes in your personal information
- Requiring the erasure of personal information about you in certain situations
- Receiving the personal information about you which you have provided to us, in a structured, commonly used and machine-readable format and may transmit those data to a third party in certain situations
- Objecting to processing of personal information about you for direct marketing
- Objecting to decisions being taken by automated means which produce legal effects about you or similarly affect you
- Objecting in certain other situations to our continued processing of your personal information
- Restricting our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
If you would like to exercise any of these rights, please:
- Email or call us at info@graceclassicalacademy,org
- Provide enough information to identify you
- Provide proof of your identity and address
- Provide the information to which your request relates, including any account or reference numbers, if you have them
If you would like to unsubscribe from any email newsletter, you may click on the unsubscribe button at the bottom of the email newsletter. The un-subscription processing may take a few days.
9. Third-Party Links
10. Cookies and Other Tracking Mechanisms
This website is not directed to children under thirteen (13) years of age. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will promptly delete that information from our systems.
12. California Disclosures
- California Information-Sharing Disclosure. California residents may request a list of all third parties regarding which we have disclosed any information about you for direct marketing purposes and the categories of information disclosed. If you are a California resident and want such a list, please send us a written request by email to email@example.com with “California Privacy Rights” in the subject line.
- Do Not Track. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.
13. Changes to The Policy
This Policy is current as of the Effective Date above. We may change this Policy occasionally, and will post any changes, including any material changes, on this page. Please check back periodically. If you continue to use our service after those changes are in effect, you agree to the revised Policy.
14. Contact Us
Please email us at firstname.lastname@example.org if you have questions about this Policy.