- Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
- We will collect and use personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
- We will only retain personal information as long as necessary for the fulfillment of those purposes.
- We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
- Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
- We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
- We will make readily available to customers information about our policies and practices relating to the management of personal information.
We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.
Europe’s General Data Protection Regulation (aka GDPR) is a new and far-reaching privacy regulation that takes effect May 2018.
You can read the full text of the law here.
The GDPR gives EU individuals rights to their personal data. There are some exceptions/exemptions to the rights granted by the GDPR, but in general, it includes rights to:
- request access to the data we store about you
- request updates/changes to your personal data
- request the deletion of your personal data
- take your personal data to a new service
- request we limit our collection and use of your personal data (e.g., opt out of being tracked by our first party analytics tool)