1.0 PRIVACY AND DATA PROTECTION
We have a duty of care for the individual protection for the people within our list of contacts
Individual data is a liability, it is only collected and processed when necessary
We do no sell, rent, distribute, or make your personal information public in any way
2.0 RELEVANT LEGISLATION
The Supporting Success website, our product purchasing processes, and our internal computer systems are designed to comply with the EU General Data Protection Regulation 2018 (GDPR) international legislation and the following US legislation that regards data protection and user privacy:
California Online Privacy Protection Act Compliance
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.
Children’s Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
3.0 PERSONAL INFORMATION THAT THIS WEBSITE COLLECTS AND WHY WE COLLECT IT
The Supporting Success website collects and uses personal information for the following reasons:
3.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website so that we can continually improve the viewer experience.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website. If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, the website will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
3.2 Our blog
We do not feature a blog. No blog-related information from comments is saved to this website’s database.
3.3 Contact forms and email links
Should you choose to contact us using the forms or e-mail links on our site, none of the data that you supply will be stored by this website or passed to / be processed by any of the third-party data processors defined in section 6.0. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP).
We would suggest that you always consider email as an insecure medium and not include personal, confidential, or otherwise sensitive information within an email.
3.4 Email newsletter (Our Bimonthly Updates)
If you make a purchase from Supporting Success and/or choose to join our email newsletter, the email address that you submit to us will be forwarded to an automated third-party email service called MailChimp which provides us with email marketing services. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within this third-party database for as long as we continue to use its services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within a third-party database, you will receive periodic newsletter-style emails from us.
3.5 Our Shopping Cart
When you place an order from WooCommerce, our online store, your data will be collected into a third-party online e-commerce system and stored securely on our site. We will use the information you provide to communicate with you about your order and to let you know of additional products you may be interested in based upon your purchases.
3.6 Teacher Tools Memberships
When you become a member of our Teacher Tools Membership, your order will be processed through WooCommerce, our online e-commerce system and stored securely on our site. We will use the information you provide to communicate with you about your Teacher Tools Membership, and to let you know of upcoming enhancements to your Membership and products you may be interested in based upon your Membership.
4.0 HOW WE STORE YOUR PERSONAL INFORMATION
As detailed in section 3.0 above, if you purchase products or Teacher Tools Memberships through our store, some personal information will be stored within this website’s database.
This data is currently stored in an identifiable fashion which is a function of the content management system that this website is built on (WordPress). In the near future we aim to change the storage of this data to a pseudonymous fashion meaning that the data would require additional processing using a separately stored ‘key’ before it could be used to identify an individual.
Pseudonymization is a recent requirement of the GDPR which many web application developers are currently working to fully implement. We are committed to keeping it as a high priority and will implement it on the Supporting Success website as soon as we are able to.
5.0 ABOUT THIS WEBSITE’S SERVER
This website is hosted by Singlehop Hosting, with servers located in Chicago, Illinois.
How did SingleHop ready itself for the GDPR?
As both a controller of our own customer data and a partner to our customers, SingleHop’s compliance team has worked diligently to review current policies and procedures and implement changes in accordance with the new requirements, including as follows:
SingleHop is EU-US Privacy Shield certified
SingleHop’s Data Processing Agreement meets the requirements of the GDPR.
Operational procedures are in place to handle data sovereignty restrictions.
SingleHop’s vendors designated as a sub-processor vendor have been issued sub-processor agreements, ensuring proper handling of data.
We will continue to adhere to rigid, best-practice security procedures across our global operations.
All traffic (transferal of files) between this website and your browser is encrypted and delivered over HTTPS via Secure Socket Layer (SSL).
6.0 OUR THIRD-PARTY DATA PROCESSORS
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0. All 3 of these third parties are based in the USA and are EU-U.S Privacy Shield compliant.
7.0 THIRD PARTY LINKS
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
The Parent and Professional resources that have been posted on the website are freely available for download under the conditions that:
(1) the resources are not made available for sale by any party
(2) a credit to the source obtained/author is specified whenever the information is shared beyond a single individual’s use
(3) the information not be included in any publication without permission of the author/website administrator and
(4) individual’s do not claim any of these resources, in whole or part, as their own work per copyright violation.
9.0 YOUR CONSENT
10.0 DATA BREACHES
We will report any unlawful data breach of this website’s database or the database(s) of any of our third-party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
11.0 DATA CONTROLLER
The data controller of this website is:
Supporting Success For Kids With Hearing Loss 1775 Garland Lane N. Plymouth, MN 55447 firstname.lastname@example.org
12.0 DATA PROTECTION OFFICER
Karen Anderson Email: email@example.com