Tobin Jarrett Consulting, Effective May 1st, 2018
The policy: This privacy policy notice is for this website; www.tobinjarrett.com and served by Tobin Jarrett Consulting 224 Fennel Dun Circle, Biltmore Lake, N.C., 28715, and governs the privacy of those who use it. The purpose of this policy is to explain to you how we collect, control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations, including the General Data Protection Regulation (GDPR). If you do not agree to the following policy you may wish to cease viewing/using this website.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, Inspired Business Holdings LLC DBA Tobin Jarrett Consulting.
- “you”, and “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- Cookies mean small files stored on a user’s computer or device.
1. Data Processing & Storage
Ontraport (www.ontraport.com) acts as Data Processor for all personal data collected and stored when you consent to do business with Tobin Jarrett Consulting. Ontraport is fully GDPR and PCI-compliant. You can view further information here www.ontraport.com/legal
2. Data Controller & Protection Officer
Tobin Poppenberg; Inspired Business Holdings LLC; Tobin Jarrett Consulting acts as Data Protection Officer.
DPO may be contacted at: [email protected]
3. Legitimate Interests of Tobin Jarrett Consulting
As part of normal business operations of Tobin Jarrett Consulting, you have given active consent to the processing of your personal data for one or more specific purposes as part of the services we offer, either in direct contact or by actively choosing to engage with our website.
Processing of data is necessary for the performance of a contract of which you are a part or in order to take steps at your request prior to entering into a contract.
Processing of data is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
4. What Kind of Personal Information is Being Collected?
Under the GDPR we use the active consent lawful basis for the collection of personal information
The following types of personal information may be collected, stored, and used:
- information about your computer including your IP address, geographical location, browser type and version, and operating system;
- information about your visits to and use of this website including the referral source, length of visit, page views, and website navigation paths;
- information, such as your email address, that you enter when you register with our website;
- information that you enter when you create a profile on our website—for example, your name, profile pictures, gender, birthday, relationship status, interests and hobbies, educational details, and employment details;
- information, such as your name and email address, that you enter in order to set up subscriptions to our emails and/or newsletters;
- information that you enter while using the services on our website;
- information that is generated while using our website, including when, how often, and under what circumstances you use it;
- information relating to anything you purchase, services you use, or transactions you make through our website, which includes your name, address, telephone number, email address, and credit card details;
- information that you post to our website with the intention of publishing it on the internet, which includes your username, profile pictures, and the content of your posts;
- information contained in any communications that you send to us by email or through our website, including its communication content and metadata;
- any other personal information that you send to us.
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
5. Who is Collecting Your Personal Information
Tobin Jarrett Consulting is the business collecting personal information and it is processed and stored, as noted in Section 1, by Ontraport.
6. How Your Personal Information is Being Collected
Under the GDPR we use the active consent lawful basis for the collection of personal information.
This means that you have full control over what information you are providing when you do any of the following, including but not limited to:
- Checking boxes that subscribe you to emails, marketing, and other notifications.
- Enter into any forms or communications any personally identifying information such as email, address, phone number, birthday, and so forth.
- Provide information by the actions listed in Section 7.
7. Why & How We Use Your Personal Information
Personal information submitted to us through our website, emails, forms, and so forth will be used for the purposes specified in this policy or on the relevant pages of the website. We may use your personal information for the following:
- Administering our website and business;
- Personalizing our website for you;
- Enabling your use of the services available on our website;
- Sending you goods purchased through our website;
- Supplying services purchased through our website;
- Sending statements, invoices, and payment reminders to you, and collecting payments from you;
- Sending you non-marketing commercial communications;
- Sending you email notifications that you have specifically requested;
- Sending you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter);
- Sending you marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you, by post or, where you have specifically agreed to this, by email, SMS/text message
- Providing third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);
- Dealing with inquiries and complaints made by or about you relating to our website;
- Keeping our website secure and preventing fraud;
- Verifying compliance with the terms and conditions governing the use of our website (including monitoring private messages sent through our website’s private messaging service); and
We will not, without your express consent, supply your personal information to any third party for their or any other third party’s direct marketing.
8. Disclosure and Transfers of Personal Information
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers, or subcontractors as reasonably necessary for the purposes set out in this policy.
We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company, and all its subsidiaries) as reasonably necessary for the purposes set out in this policy).
We may disclose your personal information:
- To the extent that we are required to do so by law;
- In connection with any ongoing or prospective legal proceedings;
- In order to establish, exercise, or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
- To the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
- To any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
Except as provided in this policy, we will not provide your personal information to third parties.
9. International data transfers
Information that we collect may be stored, processed, and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: the United States of America, Russia, Japan, China, and India.
Personal information that you publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
You expressly agree to the transfers of personal information described in this Section 9.
10. Data Retention Period
Personal data shall be kept for no longer than is necessary for the purposes for which it is being processed for your use of our website, communications, and products until you withdraw consent. There are some circumstances where personal data may be stored for longer periods (e.g. archiving purposes in the public interest, scientific or historical research purposes).
Section 10 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations regarding the retention and deletion of personal information.
- Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose.
- We will usually delete personal data falling within the categories set out below at the date/time set out below:
a. 10 years from the date of the last email you opened or date of an unsubscribe request. - Notwithstanding the other provisions of this Section 10, we will retain documents (including electronic documents) containing personal data:
- To the extent that we are required to do so by law;
- If we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
- In order to establish, exercise, or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
11. Your Individual Rights & Control of Your Personal Information
Under the GDPR your rights are as follows. You can read more about your rights in detail here;
- The right to be informed;
- We provide individuals with all of the privacy policies that relate to our doing business with you, contained herein.
- The right of access;
- You are entitled to the confirmation that we are processing your personal data;
- A copy of your personal data; and
- Other supplementary information – this largely corresponds to the information that we provide in a privacy notice.
- The right to rectification;
- Individuals have the right to have inaccurate personal data rectified. An individual may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary statement to the incomplete data.
- The right to erasure;
- Individuals have the right to have their personal data erased if: the personal data is no longer necessary for the purpose which we originally collected or processed it for; we are relying on consent as your lawful basis for holding the data, and the individual withdraws their consent; we are relying on legitimate interests as your basis for processing, the individual objects to the processing of their data, and there is no overriding legitimate interest to continue this processing; we are processing the personal data for direct marketing purposes and the individual objects to that processing; we have processed the personal data unlawfully (ie in breach of the lawfulness requirement of the 1st principle); we have to do it to comply with a legal obligation; or we have processed the personal data to offer information society services to a child.
- The right to restrict processing;
- Individuals have the right to request the restriction or suppression of their personal data. This is not an absolute right and only applies in certain circumstances. When processing is restricted, we are permitted to store personal data, but not use it. An individual can make a request for restriction verbally or in writing. We have one calendar month to respond to a request.
- Individuals have the right to request you restrict the processing of their personal data in the following circumstances: the individual contests the accuracy of their personal data and we are verifying the accuracy of the data; the data has been unlawfully processed (ie in breach of the lawfulness requirement of the first principle of the GDPR) and the individual opposes erasure and requests restriction instead; we no longer need the personal data but the individual needs you to keep it in order to establish, exercise or defend a legal claim; or the individual has objected to our processing your data under Article 21(1), and we are considering whether your legitimate grounds override those of the individual.
- The right to data portability;
- The right to data portability gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine-readable format. It also gives them the right to request that a controller transmits this data directly to another controller.
- The right to data portability only applies when: our lawful basis for processing this information is consent or for the performance of a contract, and we are carrying out the processing by automated means (ie excluding paper files).
- The right to object;
- Individuals have the absolute right to object to the processing of their personal data if it is for direct marketing purposes. Individuals can also object if the processing is for a task carried out in the public interest; the exercise of official authority vested in us; or our legitimate interests (or those of a third party). In these circumstances, the right to object is not absolute. If we are processing data for scientific or historical research, or statistical purposes, the right to object is more limited.
- The right not to be subject to automated decision-making including profiling.
- You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you and similarly significantly affects you
12. Internet Cookies
We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device/computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.
Some cookies are required to enjoy and use the full functionality of this website.
We use a cookie control system that allows you to accept the use of cookies and control which cookies are saved to your device/computer. Some cookies will be saved for specific time periods, whereas others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.
13. Data security and protection
We ensure the security of any personal information we collect by using secure data storage technologies and precise procedures in how we store, access, and manage that information. As noted in Section 1, data collected is processed and stored by Ontraport and meets the GDPR and PCI compliance requirements.
14. Sponsored links, Affiliate Tracking & Commissions
Our website may contain adverts, sponsored and affiliate links on some pages.
Clicking on any adverts, sponsored, or affiliate links may track your actions by using a cookie saved to your device. You can read more about cookies on this website above. Your actions are usually recorded as a referral from our website by this cookie. In most cases, we earn a commission from the advertiser or advertising partner if/when you make a purchase.
We use advertising partners in these ways to help generate income from the website, which allows us to continue our work and provide you with the best overall experience and valued information.
If you have any concerns about this we suggest you do not click on any adverts, sponsored or affiliate links found throughout the website.
15. Email Marketing Messages & Subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software/applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, IP addresses, opens, clicks, forwards, and geographic and demographic data. Such data, within its limitations, will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See the bottom of any marketing messages for instructions on how to unsubscribe or manage your preferences.
Our EMS provider is; [Ontraport]. We hold the following information about you within our EMS system;
- Email address
- I.P address
- Subscription time & date
- [list other data that is stored]
16. SMS Privacy and Frequency Disclosure
We will never share your mobile number with anyone. We will not send SMS messages unless you provide your SMS number and permission to send SMS updates. You can expect no more than 3 SMS messages from us per month. Message and data rates may apply. You may unsubscribe by replying “stop”.