1. What Information is Collected.
2. How and When the Information is Used.
3. Who Has Access to the Information.
4. How We Protect Your Information.
6. How You Can Access and Correct Your Information.
9. Privacy Policies and Data Collection From Third Party Websites.
10. Links to our GDPR, CCPA, Social Media and other information.
11. Effective Date.
1. What Information is Collected. As a data controller, we do not regularly collect personal data like most other websites you may be accustomed to visiting. We do, however, occasionally collect a variety of data in order to deliver our services, such as open an account for you when you request it, answer a question you may ask us, or fulfill an order pursuant to your request of us and our acceptance (like buying a coffee mug). Of the data we collect, (which we will talk about in more detail below), we do not collect or process what are called “special categories” of data that may risk your rights and freedoms. We ensure that we collect and manage your personal data transparently, fairly and securely through the use of processors and sub processors that consistently represent they are in compliance with European Union privacy guidelines (“GDPR”) as well as incorporate many of the safeguards of other policies, (please see GDPR Faqs and CCPA policy).
Whenever we collect Personal Information from you we are open and transparent about its use, and you can access the following precise information from us:
• data we have collected from you
• the basis on which we are holding it (e.g. because you gave us consent)
• what we will do with it
• how long we will hold it for
• where it is stored
• who it might be shared with
• your rights in relation to the data, and
• information on how you can access and manage this data.
We have provided further detail below about the specific types of data we collect, how we collect the data, and our reasons for doing so.
(a) Information You Provide to Us Directly: It should not surprise you we collect any information you enter on our site, send us through email, or that you give us in any other way. This information does not include information collected through other websites operated by a third party or otherwise collected by someone other than us. You can choose not to provide certain information, but you may not be able to take advantage of all of our services and features.
(b) Automatic Information: When you visit a website, you disclose certain information, such as your Internet Protocol (IP) address and the time of your visit. This site, like many other sites, records this basic information about visits to our site through Google Analytics, but we reasonably anonymize IP addresses by blocking part of your IP address so that it cannot be reasonably connected to you or used to identify you. If you would like more information about Google Analytics you can click here (https://marketingplatform.google.com/about/analytics/).
(c) We collect two types of information about you. The first type of information we collect is information by which you may be personally identified and you voluntarily provide to us, such as basic account information to set up a member account, such as name and email address. If you have other requests of us, such as purchasing editing services, buying a coffee mug, entering a contest or promotion sponsored by us, or reporting a problem with our Website, you may choose to provide us information such as your name, postal address, email address, telephone number or any other identifier by which you may be contacted by us online or offline (“personally identifiable information”). We may keep a copy of your correspondence (including your email address) if you write us. This includes any User Contributions so we can keep track of who submitted what and are able to contact you if we need to regarding your submission. We do not collect personal data relating to special categories, criminal convictions or information that is likely to result in any risk to your rights and freedoms.
2. How, Where and When the Information is Used. The information we collect is used for administering our business activities and fulfilling any other purpose for which you provide it and consent. This data is transferred out of the EU with your consent. You have explicitly consented to us transferring your first and last name, email, and any other information you provide to us to California, United States, in order for us to perform services for you and your requests of us to do so as well as to our processors, sub processors and third-party vendors, who are also located in the United States, which you can review below. If you do not fill out contact forms or send us your information with your explicit consent, we do not collect your information. We may use your information: to carry out our obligations and enforce our rights for contracts entered into between you and us; to prevent fraud; to protect the rights and/or life of an individual; to protect our rights or prevent misuse of our website, property or services; to notify you about changes to our website, new services, or special offers; to recognize you when you return to our Site and remember your preferences; and, when you ask us to use your information for business activities administered by third parties, such as releasing your address information to the delivery service to deliver products that you ordered or provide order information to third parties that help us provide customer service.
Specifically, if you fill out your first and last name and email on our website and request information or a response from us, we will contact you using the email you provide to us to answer your questions and communicate with you. We will use this information to help you find a local chapter to join or how to start a chapter of Shut Up & Write!®; local events for you to attend; send you our newsletter if you request; respond to questions or requests you may ask us; or, maybe even to send you free copy of the Shut Up & Write!® method for free if you request one. We also use the name and emails of our group organizers to contact them from time to time to inquire about their Shut Up & Write! ® chapter. We collect this data using the lawful basis: Legitimate Interest, to fulfill our commitments to you under applicable terms of service or other agreements, compliance with a legal obligation, and Consent. We will ask you if you consent if we use your information for another purpose, such as our organizer draws and give-aways; notify you of important changes to our Website; or to fulfill any other purpose for which you provide us your personal information or which we obtain your consent. We collect this data using the lawful basis: Legitimate Interest, compliance with a legal obligation, and/or Consent. We do not share or sell your information to third parties for marketing purposes.
Information that you choose to make public is shared publicly. Although this may seem obvious, we want to make sure that if you share information in your on-line identification information, in a User Contribution for us to post in our member area or elsewhere with your consent, or in Social Media (like Facebook or Twitter), you realize that this will become public over the internet. As you probably know, public information may be indexed by search engines or used by third parties. Pease keep this in mind when deciding what you would like to share. For more discussion on Social Media, you can review our Social Media policy here.
We may use your non-personal information for any purpose, including the collection of information about online activities over time and across third-party websites or other online services (behavioral tracking). We, like most other websites, may collect this information by using small data text files called “cookies” that are stored on your device’s hard drive (if your web browser permits) that can later be retrieved to identify you to us. The purpose of a cookie is to tell the web server that you have returned to a specific page. The cookies make your use of the site easier, make the site run more smoothly, help us estimate our audience size usage patterns and maintain a secure site.
By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. You are always free to decline our cookies if your browser permits, but some parts of our site may not work properly in that case.
We may also use Flash cookies, which are similar to cookies but are not managed by the same browser settings that are used for cookies. To learn how to manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website (www.adobe.com).
Further, we may use small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We do not process or respond to “Do Not Track” signals or other similar transmissions that indicate a request to disable online tracking of users who visit our site or who use our services.
As we mentioned above, we may share your information with our processors and sub processors and third-party vendors for example, for cloud services, hosting, payment services and data storage. Here is a non-exclusive list of our processors and sub processors and what they are used for. This list is subject to change as our business evolves, and we will notify you by email or posting on this Website as the list evolves.
|Sub processor Name||Nature of Processing||Entity Country:|
|The Rocket Science Group, LLC. d/b/a Mailchimp||Cloud Service Provider||United States|
|Formagrid, Inc. d/b/a Airtable||Cloud Service Provider||United States|
|Automattic, Inc. d/b/a WordPress||Cloud Service Provider and Website Host||United States, South Africa and Ireland|
While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, our processors and sub processors many steps to protect your privacy. Mailchimp and Airtable servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. For example, Mailchimp and Automattic represent that they participate in and have certified compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework and/or standard contractual arrangements. If you are in Australia, Mailchimp also represents that it and its subcontractors comply with the Australian Privacy Act. Airtable data processing agreements include the EU Standard Contractual Clauses. WordPress hosts our Website and provides functionality to its functions.
We use MailChimp to keep records in the cloud. Mailchimp delivers billions of emails each month for millions of users and uses multiple message transit agents (sometimes called “MTA”) in different world-class data centers around the USA with world-class security measures, which you can read more about here (https://mailchimp.com/about/security/ or at mailchimp.com). Visitors and members who ar elocated in the EU or Switzerland should also review Mailchimp’s Data Processing Addendum (https://mailchimp.com/legal/data-processing-addendum/).
4. How We Protect Your Information. The importance of security of your personally identifiable information is also very important to us. We have implemented measures designed to secure your personally identifiable information from accidental loss and from unauthorized access, use, alteration, and disclosure. For example, we use security software to protect the confidentiality of your personally identifiable information. We use a Secure Socket Layer (SSL) technology when information is submitted to us on line. We do not store any of your personal data at Shut Up & Write!®, but instead use secure cloud storage through Mailchimp services and others mentioned above. However, please know that when we access your personally identifiable information from our computers, it is protected in several ways with firewalls, data encryption, physical security for our buildings, files and information contained therein and other current industry standards. In addition, our business practices are reviewed periodically for compliance with policies and procedures governing the security and confidentiality of our information. Our business practices limit employee access to confidential information, and limit the use and disclosure of such information to authorized persons. Non-personal information that you provide or that we collect also resides on a secure server in our processor and sub processor and cloud infrastructure mentioned above and is only accessible via password.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personally identifiable information, you acknowledge that: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through this site cannot be guaranteed; and (c) any such information and data may be viewed or tampered with in transit by a third party. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website or other service.
In the unlikely event of a breach of our security, we will inform the relevant regulatory body within 72 hours (or other legal requirements) and, if your personal data was included in the breach, we will also inform you.
5. Children. This website does not provide services or sell products to children under the age of 18. If you are under the age of 18 years old please do not enter any information into this site and do not use this site. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you are aware of any information we may have collected from a child under 18 years of age, please let us know so that we can delete that information.
Your personal data is yours and you have rights over it, including but not limited to:
• the right to be informed about the collection and use of your personal data;
• the right of access to your personal data and any supplementary information;
• the right to have any errors in your personal data rectified;
• the right to have your personal data erased;
• the right to block or suppress the processing of your personal data;
• the right to move, copy or transfer your personal data from one IT environment to another;
• the right to withdraw your consent of our processing of your personal and data;
• the right to file a complaint with your local supervisory authority;
• the right to object to processing of your personal data in certain circumstances; and,
• rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
To manage your data, you can contact us via e-mail with any requests that you may have.
You can request access to all your personally identifiable information and manage your data, including your withdrawal of consent, by sending an e-mail to us at firstname.lastname@example.org. We may not accommodate a request to change information if we believe the change would violate a law or cause the information to be incorrect. Please note that the personally identifiable information and non-personal information that we maintain will be deleted after we determine there is no longer any reason to process your information or otherwise fulfill our contractual obligations to you. While we do not hold personal data any longer than we need to, the duration will depend on your relationship with us. However, it may be impossible to completely delete your information from third party servers (if it was submitted to third parties) or without some residual information because of backups. Also, if you request us to delete your information, you should realize that that deleting personal information may affect our ability to deliver services or may result in deleting your account completely.
California residents have the right to request specific disclosures about our privacy practices, including telling you about the information we share with third parties for marketing purposes. To make such a request, please contact us at the addresses below. Additionally, you can click the link for more information http://shutupwrite.com/privacy-policy/ .
10. Links to our GDPR, CCPA, Social Media and other information. Here you can find links where we provide more information for you.
For information about the European GDPR, click here.
For information about Cookies and Related Technologies, click here.
For information about California’s CCPA, click here.
For information about Social Media, click here.
For our Website Copyright (DCMA), click here.
For our Terms of Sale, click here.
Shut Up & Write!
Attn: Privacy Compliance Officer
PO Box 318061
San Francisco, CA 94131