Data Protection Framework
- European Union (EU) General Data Protection Regulation (GDPR) of 2018
- European Union (EU) Enforcement and Modernisation Directive (OMNIBUS) of 2020
- Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD) of 2020
- South Africa’s Protection of Personal Information Act (POPIA) of 2020
- the California Consumer Protections Act (CPPA) of 2018
- the California Privacy Rights Act (CPRA) of 2020
- the Virginia Consumer Data Protection Act (CPDA) of 2021
- the Colorado Privacy Act (CPA) of 2021
- the Connecticut Data Privacy Act (CTDPA) of 2022
- the Utah Consumer Privacy Act (UCPA) of 2022
PSPG has completed applicable Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR) for activities related to this website, and these are available upon request from PSPG’s Data Protection Officer (see Section 9).
1. Customer and Citizen Data
You may decide to send us your personal information via this website if you are seeking more information, requesting to attend one of our events, making payments for our Services, or for other similar purposes. Your decision to disclose your personal data is entirely voluntary, and by doing so, you are providing us with specific consent to use your personal data only for the purposes for which you have disclosed it to us.
We will at all times handle and store your personal data in accordance with industry best practice aligned with ISO/IEC 27001, the international standard for information security. This includes the activities and procedures undertaken by our own personnel and authorized third parties (see Section 5), and the technical controls which we have implemented to prevent unauthorized access, compromise or theft of information from our applications, supporting computer systems and premises.
We use information about you as mentioned above and as follows:
- To provide our Services – for example, to set up and maintain your account or charge you for any of our paid services;
- To further develop our Services – for example by adding new features that we think our users will enjoy or will help them to create and manage their accounts more efficiently;
- To monitor and analyze trends and better understand how users interact with our Services, which helps us improve our Services and make them easier to use;
- To monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of PSPG and others;
- To communicate with you (with you specific consent to do so) about Services / promotions offered by PSPG, solicit your feedback, or keep you up to date on PSPG and our products; and
- To personalize your experience using our Services, provide content recommendations and serve relevant advertisements.
How We Share Information
We do not sell our users’ private personal information. We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy:
- Third Party Vendors: We may share information about you with third party vendors who need to know information about you in order to provide their services to us. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information) and those that help us understand and enhance our Services (like analytics providers). We require vendors to agree to privacy commitments in order to share information with them.
- As Required by Law: We may disclose information about you in response to a subpoena, court order, or other governmental request.
- To Protect Rights and Property: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of PSPG, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
- With Your Consent: We may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with which you authorize us to do so, such as the social media services that you connect to your site through our Publicize feature.
- Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
- Published Support Requests: And if you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other users.
Information Shared Publicly
Information that you choose to make public is–you guessed it–disclosed publicly. That means, of course, that information like your public profile, posts, other content that you make public on your website, and your “likes” and comments on other websites that may use our Services, are all available to others. We provide a stream of public data (like posts and comments) from sites that use our Services to provide that data to subscribers, who may view and analyze the content, but do not have rights to re-publish it, publicly. Public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.
2. Sensitive Personal Data
GDPR/LGPD/POPIA specifies a set of personal data categories which are considered to be “sensitive”, and which require special consideration by Data Controllers. This website, and any services available from this website, do not knowingly collect or process any sensitive personal data, and supporting Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR) are available upon request from PSPG’s Data Protection Officer (see Section 9).
3. Children’s Personal Data
We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older. If you learn that a child under the age of 13 has provided us with their personal information without having parental consent, please contact the PSPG Data Protection Officer (see Section 9) immediately so that we can take appropriate action.
4. PSPG Customer and EU, South Africa and/or Brazil Citizen Data Rights
As prescribed within data protection regulations, you have several rights connected to the provision of your personal data to PSPG using this website. These include your rights to request that PSPG:
- confirms to you what personal data it may hold about you, if any, and for what purposes
- changes the consent which you have provided in relation to your personal data
- corrects any inaccurate or incomplete personal data which may be held about you
- provides you with a complete copy of your personal data for you to move elsewhere
- stops processing your personal data, whilst an objection from you is being resolved
- permanently erases all your personal data promptly, and confirms to you that it has done so (there may be reasons why we may be unable to do this)
If/when an individual contacts the company requesting this information, this is called a Subject Access Request (SAR). Subject Access Requests from individuals should be made by email, addressed to the data controller at firstname.lastname@example.org. The data controller can supply a standard request form, although individuals do not have to use this.
Individuals may be charged $10 per subject access request. The data controller will aim to provide the relevant data within 14 days. The data controller will always verify the identity of anyone making a subject access request before handing over any information. To contact Imagination Factory, please see Section 9 below.
If PSPG does not address your request, or fails to provide you with a valid reason why it is unable to do so, you have the right to contact your country’s Information Commissioner’s Office to make a complaint.
5. Declaration of Sub-Processing
To make an informed decision on whether to provide your personal data to PSPG using this website, we need to make you aware of several organizations that act as Data Processors for us in the provision of our services to you:
- WP Engine, Inc., a provider of secure hosting services, based in the United States
- CloudFlare, Inc., a provider of content delivery network services, based in the United States
- KEAP, Inc. (formerly Infusionsoft), a provider of CRM, sales/mktg automation services, based in the United States
- Amazon, Inc. (AWS), a provider of cloud storage services, based in the United States
- Google, LLC. & Google Ireland ltd., provider(s) of web fonts, spam reduction & analytics services, based in the United States & Ireland respectively
- FontAwesome, Inc., a provider of web symbols/icons, based in the United States
- Paypal, Inc. & Braintree, Inc., provider(s) of secure payment processing, based in the United States
- Rock Lobster, LLC., a provider of online form processing software, based in the Japan
- Automattic, Inc., a provider of content management, learning management and ecommerce software, based in United States
All listed third-parties comply with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
The activities within which each of these Data Processors participates have been recorded within the applicable PSPG Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR) and these are available upon request from the Imagination Factory’s Data Protection Officer (see Section 9).
6. Website Cookies
If you do not want these cookies to be served on your device, you are able to disable them by changing the settings on your browsers or third-party software can allow you to block cookies while you use this Website site. If you want to know how to do this, please look at the menu on your browser, or visit www.allaboutcookies.org for more information about cookies and how you can turn them off. Or, you can use third-party “anonymizer” services to mask information in your cookies, or even general data such as your IP address. In such cases you would not be able to take advantage of most of the personalization Services offered by PSPG. Please note that if you do decide to disable cookies you may not be able to access this Website, some of the features of this Website or this Website may not function properly. By continuing to use this Website you consent to the relevant cookies being set on your device.
7. External Links
This website may include relevant hyperlinks to external websites not controlled by PSPG. Whilst all reasonable care has been exercised in selecting and providing any such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do we continually verify the safety or security of the contents which may be provided to you. You are advised, therefore, that your use of external links is at your own risk and we cannot be responsible for any damages or consequences caused by your use of them.
9. Contacting PSPG
The Data Protection Officer
Paragon School of Pet Grooming, Inc.
15 Ionia SW, Ste. 220B
Grand Rapids, MI 49503