- provides information about the personal data we collect, and how and why we collect, store, use and share your personal data; and
- tells you about your rights in relation to your personal data and how to contact us or supervisory authorities if you have a complaint.
‘Personal data’ is any information that can directly or indirectly identify an individual (‘a data subject’). My Peak Challenge LLC a company organised and existing under the laws of Delaware and California USA, and with correspondence address at 325 N. Larchmont Blvd. #173, Los Angeles, CA 90004 (we, us, our) is the data controller. This means that we determine the purposes for which, and the way in which personal data are processed. As a data controller we will comply with all applicable data protection laws. Should you have concerns about the way we process your data or would like us to stop processing your data please email us at firstname.lastname@example.org. 1.0 WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU? We may collect and process the following personal information:
- Identity Data which includes first name, last name, username or similar identifier, title, date of birth
- Contact Data includes billing address, delivery address, email address and telephone numbers
- Financial Data include payment card details
- Profile Data includes your username and password, purchases or orders made by you
- Marketing and Communications Data includes your preferences in receiving marketing information from us, e.g. via email if you signed up to our newsletter.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone, setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
- Any other information, which you provide to us.
We do not collect any special categories of personal data (which include sensitive personal information such as details about your race, ethnicity, religious beliefs, political affiliation and sexual orientation). 2.0 HOW WE COLLECT PERSONAL DATA We collect most of this information from you directly, for example, Identity Data, Contact Data, Financial Data and Transaction Data when you fill in forms, correspond with us by email, post or otherwise when you:
- create an account on our website to join the MPC program;
- purchase products and/or services from us;
- subscribe to our e-newsletter;
- request marketing, promotional material or information to be sent to you; or
- give us some feedback.
We may also collect information from
- automated technologies, such as cookies which collect Technical Data about your equipment and browsing activities;
- providers of technical, payment and delivery services, such as Shopify or DHL
- analytics providers [such as Google, based in the US];
- a third party with your specific consent (e.g. your bank);
3.0 HOW WE PROCESS YOUR PERSONAL DATA
- Processing an order: If you order products from us we or our suppliers such as our e-commerce platform, Shopify, process identity, contact, financial, profile and transaction data.
- Registering on our website To enable you to become a member or order products from us we ask you to register on our website. For this purpose, we collect identity and profile data.
OUR APPROACH TO MARKETING
Our Website does not contain third party advertising. We may collect identity data about you to send you updates on our products or services if you are a member or ordered products from us. We do not permit third party advertising (or targeted advertising) on our website. If you click on links to our social media pages, or to any third-party website, you may be subject to targeted marketing via that site. Where we have obtained your specific consent (e.g. when you subscribe to our e-newsletter), we may engage in direct marketing, such as sending you e-mails to inform you of our services. We provide these communications on the basis that you have asked to receive these. If you change your mind, you may opt-out at any time via the unsubscribe feature that appears in our e-mails or by emailing email@example.com We will not share with any third party the personal information that we obtain about you for the purposes of marketing unless you have provided your specific consent for us to do so and those third parties have agreed to make no independent or further use of that data and to maintain its confidentiality Our Social Media Pages This Website contains links to our social media pages on Facebook, Twitter, Instagram. These third-party websites have their own respective privacy policies (which we would advise you to read) for which those sites are solely responsible. Should you visit those social media pages and choose to follow us on Facebook, Twitter, or Instagram, we may receive identity or contact data from the social media providers, including:
- Address (email and/or postal);
- Telephone number(s);
- IP address;
- Social media account URL;
- Date of birth; and/or
- How Google uses data when you use our partners' sites or apps, or
When you visit our website, these analytics service providers may collect the following data, which will almost always be anonymised and aggregated before reporting back to us:
- number of visitors to our website;
- pages visited while on the website and time spent per page;
- page interaction information, such as scrolling, clicks and browsing methods;
- websites where visitors have come from and where they go afterwards;
- page response times and any download errors;
- other technical information relating to end user device, such as IP address or browser plug-in.
We process this information to understand how visitors use our website and to compile statistical reports regarding that activity (for example, your IP address is used to approximate the country from which you access our website, and we aggregate this information together, so we know that, for example, most of the visitors to our website come from the US or Canada). This processing is crucial to the running of our online service and we therefore undertake such monitoring in the pursuit of our legitimate interests in improving our website to provide a better service and source of information to visitors or members. This information is not used to develop a personal profile of you. 5.0 YOUR RIGHTS IN RELATION TO THE PERSONAL DATA THAT WE PROCESS You have the following rights over the way we process personal data relating to you. We aim to respond as soon as practicable but within one month at the latest. We do not charge a fee to respond to your request:
- to ask for a copy of data we are processing about you and have inaccuracies corrected;
- to ask us to restrict, stop processing, or to delete your personal data;
- to request a machine-readable copy of your personal data;
To make a request in relation to any of your rights, please email us at firstname.lastname@example.org 6.0 MINORS We do not knowingly use the website to solicit data from or market to minors. 7.0 SECURITY We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered if you use our website and services, taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Website visitors. In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal information transmitted, stored or otherwise processed by us. Please be aware that, while we make the security of our website and your personal information a high priority and devote considerable time and resources to maintain robust IT security, no security system can prevent all security breaches. When you choose to share your personal information with us, you accept that you provide your information at your own risk. 8.0 RETENTION In accordance with data protection laws and good commercial practice, we do not retain data in a form that permits identification of the person(s) to whom it relates for any longer than is necessary. Once the purpose for which information has been collected has been fulfilled, we will either permanently delete your personal information or remove all identifiers within it so that it is no longer personal data. We may use such anonymised data for research and/or business analysis purposes. 9.0 SHARING PERSONAL DATA WITH THIRD PARTIES Our servers are located in North America (such as USA or Canada) and the information that we collect directly from you will be stored on these servers. We share personal data with third-party service providers who help to provide our services to you. Many of which are located in the US, operate from multiple locations including non-EU based operations or engage sub-processors located outside the EU. For example, we use Shopify as our payment gateway to process your orders (including membership) and MailChimp to send our e-newsletter. Both service providers comply with the EU-U.S Privacy Shield Framework: https://www.privacyshield.gov/article?id=Requirements-of-Participation Please note that we cannot fulfil our contractual obligations to you when you become a member or when you order from our shop without our processing your data in this way. If you do not want us to share your personal data with third-party providers as explained you cannot become a member or order from our shop. Where we collect and process personal data received from the EU there are agreements in place to ensure that any international transfers of personal data to our third-party service providers have appropriate safeguards that meet the requirements of EU data protection laws. We may also share your information in the following circumstances:
- to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
- to conform to legal requirements, or to respond to lawful court orders, subpoenas, warrants, or other requests by public authorities (including to meet national security or law enforcement requirements).