Last Updated: May 7, 2019
Owner & Data Controller
My Chaotic Brain (“us”, “we”, “our”) operates https://mychaoticbrain.com (the “Site”).
P.O. Box 113381 Pittsburgh, PA 15241
Information Collection, Purpose and Use
- Send you newsletters, articles or information only.
- Manage contacts and send messages
- Ensure that content from our Site is presented in the most effective manner for you and for your computer
- Provide you with information, products or services that you request from us that may be of interest to you
- Interact with external social network and platforms (e.g. social media widgets and share bars)
- Allow registration and authentication (e.g. affiliate portals and membership areas)
- Allow access to third-party services’ accounts
- Monitor infrastructure
- Manage hosting and back end infrastructure
- Carry out re-marketing and behavioral targeting (including display ads)
- Display content from external platforms
- Carry out commercial affiliation (e.g. display ads)
- Interact with support and feedback platforms
- Manage user database
We do not collect any sensitive data about you (e.g. race, ethnicity, religious beliefs, sexual orientation/life, political opinions, criminal convictions/offenses, health, etc.). We do not carry out automated decision making or any type of automated profiling.
Like many site operators, we collect information that your browser sends whenever you visit our Site. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics. In addition, we may use third-party services such as Google Analytics that collect, monitor and analyze this data.
Some of the third parties such as, for example, Google Analytics, collect statistics in an anonymized and aggregated form and may not require the consent of the user or may be managed directly by us without the help of third parties.
These may be used to track users’ browsing habits, in addition to the information specified herein and without our knowledge. Please email firstname.lastname@example.org if you are requesting a complete Technology Profile list containing detailed information.
Lawful Basis of Processing Personal Data
We may process personal data relating to users if the user(s) have given their consent for one or more specific purpose.
We process and store your personal data for as long as required by the purpose for which they are collected. Therefore:
- Personal data collected for purposes related to the performance of a contract between us and the user will be retained until such contract has been fully performed;
- Personal data collected for the purpose of our legitimate interests will be retained as long as needed to fulfill such purposes;
- We may be allowed to retain personal data for a longer period whenever the user has given consent to such processing, as long as such consent is not withdrawn;
- We may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personal information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our Site policies, or protect our or others’ rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising or other uses.
Third Party Links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Site and welcome any feedback about these sites.
Users have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their personal data.
- Object to processing of their data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent.
- Access their data. Users have the right to learn if data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their data and ask for it to be updated or corrected.
- Restrict the processing of their data. Users have the right, under certain circumstances, to restrict the processing of their data. In this case, we will not process their data for any purpose other than storing it.
- Have their personal data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their data from us.
- Receive their data and have it transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any undue delay.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection supervisory authority.
You can exercise your right to prevent such processing by contacting us at email@example.com via our contact form. These requests can be exercised free of charge and will be addressed by us as soon as possible and always within 30 days.
The security of your personal information is important to us. Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our Site as safe as possible. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer technology. We implement a variety of security measures when a user enters, submits or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
COPPA (Children Online Privacy Protection Act)
The Children’s Online Privacy Protection Act puts parents in control when it comes to the collection of personal information from children under the age of 13 years old. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old. If we learn we have collected or received personal information from a child under 13 years of age without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at one of email addresses below.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- We will notify the users via in-site notification within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN –SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
To be in compliance with CAN-SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Provide an address of our business
- Monitor third-party email marketing services for compliance, if one is used
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If, at any time, you would like to unsubscribe from receiving future emails, you can do so by following the instructions at the bottom of each email.