Privacy Policy

Who we are

Our website address is: https://candidlymedina.com

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

We collect data and process data when you access our Website, fill out forms on our Website, register, make a purchase, sign up for our newsletter, respond to a survey, surf the Website, or use or view our Website via your browser’s cookies.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

  1. We may disclose aggregated information about our users and information that does not identify any individual without restriction.
  • We do not disclose personal information that we collect or you provide as described in this Privacy Policy to third parties.
  • We use your provided data to prevent fraudulent purchases by sharing your data with credit reference agencies.   
  • We will release information when it is appropriate to comply with the law or enforce our site policies.
  • Do Not Track Policy: Our site honors Do Not Track (“DNT”) browser settings. We do not track your online browsing activity on any other online service.  
  • We do not transfer personal data collected from you to third party processors located internationally. Please be aware that such counties may not have the same level of data protection; however, our collection, storage and use of your personal data will continue to be governed by this Privacy Policy.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

  1. The company securely stores your data on secured servers. We have implemented security measures designed to protect your visit to the Website.
  • All payment information is encrypted.
  • All information you provide to us is stored on our secure servers behind firewalls.
  • We use regular Malware Scanning.
  • No transmission over the internet or email is completely secure or error free. Please keep this in mind when disclosing personal information over the internet.

What data breach procedures we have in place

What third parties we receive data from

Some content or applications on the Website are served by third parties, such as advertisements. We do not control third parties tracking technologies. You should consult the privacy policies of any such third party for more detailed information on their practices. Our Company Website contains links to other websites. Our privacy policy applies only to our Website, so if you click on a link to another website, you should read their privacy policy.

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements

Your California Privacy Rights

  1. If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit https://oag.ca.gov/privacy/ccpa
  • Under the CCPA, California residents have the right to opt-out of the sale of personal information about them or their household, such as their name, postal or email address, and other personal identifying information. The right is subject to certain exceptions. For example, it does not apply to information that we share with certain third-party service providers so they can perform business functions for us or on our behalf. You may opt out by calling or by emailing hello@candidlymedina.com.
    • In the preceding twelve months, we have not sold personal information. Our policy is that we do not and will not sell your personal information, unless you give us your consent or direct us to do so.
  •  Right to Opt Out. You have agreed to receive marketing material from the Company and have consented to the Company disclosing your information to third parties for marketing purposes.  You may opt out at any time. If you no longer wish to be contacted for marketing purposes, please click here.
  •  Your Data Protection Rights.
  1. The Right to be Informed: This means anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to.
  • The Right to Access: This is your right to see what data is held about you by a Data Controller.
  • The Right to Rectification: You have the right to have your data corrected and amended if what is held is incorrect in some way. You can request that we correct any information that you believe is inaccurate or request that we complete information that you believe is incomplete.
  • The Right to Erasure: Under certain circumstances you can ask for your personal data to be deleted. This is also called “The Right to be Forgotten.” This would apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
  • The Right to Restrict Processing: This gives the you the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
  • The Right of Portability: you have the right to ask for any data supplied directly to the Data Controller by you, to be provided in a structured, commonly used, and machine-readable format. You may request copies of your personal data from us. You may request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions. We may charge a small fee for this service or for any copies requested.
  • The Right to Object: You have the right to object to further processing of your data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
  • Rights in Relation to Automated Decision-making and Profiling: You have the right not to be subject to a decision based solely on automated processing.
  1. Right Not to be Subject to Discrimination for the Exercise of Rights: The Company will not refuse goods or services to individuals who exercise their consumer rights.

If you would like to exercise these rights, please contact us at hello@candidlymedina.com

  • Changes to Privacy Policy. The date the Privacy Policy was last revised on 9/16/2022. We reserve to update this policy and if we make material changes to how we treat our users’ personal information we will notify you by email. You are responsible for periodically visiting our Website and Privacy Policy to check for any changes.
  •  Contact. You may send us an email to inquire about our Privacy Policy or to request access to, correct or delete any personal information that you have provided to us at:
  1. COMPLAINTS. Should you wish to report a complaint or if you feel that our Company has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s office (if an individual located in the United Kingdom) or the European Data Protection Board.

 INDIVIDUALS LOCATED WITHIN THE UNITED KINGDOM

  1. Restricted Transfers: Our Company may make a restricted transfer if the receiver is located in a third country or territory or is an international organization, covered by UK “adequacy regulations.” If there are no adequacy regulations about the country, territory or sector for the restricted transfer, our Company should then find out whether you can make the transfer subject to ‘appropriate safeguards’ as listed in the UK GDPR. Before we rely on an appropriate safeguard to make a restricted transfer, we must be satisfied that the data subjects of the transferred data continue to have a level of protection essentially equivalent to that under the UK data protection regime. We do this by undertaking a risk assessment, which takes into account the protections contained in that appropriate safeguard and the legal framework of the destination country (including laws governing public authority access to the data). If our assessment is that the appropriate safeguard does not provide the required level of protection, we will include additional measures. Appropriate safeguards may be: (1) A legally binding and enforceable instrument between public authorities or bodies; (2) binding corporate rules as defined in Article 47 of the UK GDPR; (3) a contract incorporating standard data protection clauses recognized or issued in accordance with the UK data protection regime; (4) a code of conduct approved by the ICO; (4) Certification under an approved certification scheme; (5) a bespoke contract governing a specific restricted transfer which has been individually authorized by the ICO; or (6) Administrative arrangements between public authorities or bodies. If none of the criteria above apply for the transfer, we may still make the transfer if the transfer is covered by an ‘exception’ set out in Article 49 of the UK GDPR.
  • Children under the Age of 13:
    • All website users located in the United Kingdom must be at least 13 years of age. If we learn we have received information from a child under 13 we will delete the information. If you have reason to believe that a child under the age of 13 located in the United Kingdom has provided Personal Data to us through the Website or Services, please contact us and we will endeavor to delete the information from our database. If we learn a user is under 13 years of age, we will not disclose any personal information to any third parties unless the user has given opt-in consent. If you have reason to believe that a user is under 13 years of age, notify the Company in order to prevent disclosure of any personal data without opt-in consent.
  • Local Representative in United Kingdom: We do not either offer goods or services to individuals in the UK; or monitor the behavior of individuals in the UK.

Spread the love