Last updated: January 31st, 2021
OWNER AND DATA CONTROLLER
The Virtual Momma (“us,” “we,” or “our”) operates https://TheVirtualMomma.com (the “Site”).
Address: P.O. Box 201 Hartswood, VA 22406
Contact email: [email protected]
Data Protection Officer: Ashley Havecker
We are committed to protecting and respecting your privacy.
This Site collects some personal data from its users.
By submitting personal data to us, you agree to us using your personal data as follows.
INFORMATION COLLECTION, BUSINESS PURPOSE, AND USE
While using our Site, we may ask you to provide us with certain, personally identifiable information that can be used to contact or identify you. Personally, identifiable information may include but is not limited to name, email address, cookies, usage data, password.
We may use your personal information to
- send you our newsletters from time to time (twice a week to weekly)
- manage contacts and send messages
- ensure that content from our site is presented in the most effective manner for you and for your computer
- provide you with information, products or services that you request from us which may be of interest to you
- carry out our obligations arising from any contracts entered into between you and us
- interact with external social networks and platforms (e.g., social media widgets and share bars)
- allow access to third party services’ accounts
- monitor infrastructure
- manage hosting and backend infrastructure
- interact with live chat platforms
- carry out remarketing and behavioral targeting (including display ads)
- display content from external platforms
- carry out commercial affiliation (e.g., display ads)
- interact with support and feedback platforms
- manage user database
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device. Personal information does not include
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s and GDPR’s scope
In particular, we have collected the following categories of personal information from our users within the last twelve (12) months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||YES|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||NO|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES|
|G. Geolocation data.||Physical location or movements.||YES|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||NO|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or a party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences are drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO|
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms, you submit or transactions related to products and services you purchase.
- Indirectly from you. For example, from your browser, while visiting our Site.
- From third parties. For example, our business partners or service providers.
We do not intentionally collect or use the personal information of minors under sixteen (16) years of age or sell it with or without affirmative authorization.
Like many site operators, we collect information that your browser sends whenever you visit our Site.
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Also, we may use third party services such as Google Analytics that collect, monitor, and analyze this data.
Cookies are text files with a small amount of data, which may include a unique anonymous identifier.
Cookies are sent to your browser from a web site and stored on your computer’s or tablet device’s or mobile device’s part of the hard drive specifically designated for cookies.
Like many sites, we use “cookies” to recognize, collect, and/or track information about and relevant to your usage of the Site.
LAWFUL BASIS OF PROCESSING PERSONAL DATA
We may process personal data relating to users if one of the following applies:
- users have given their consent for one or more specific purposes;
- provision of data is necessary for the performance of an agreement with the user and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is related to a task that is carried out in the public interest or the exercise of official authority vested in us;
- processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
We process and store your personal data for as long as required by the purpose they have been collected for.
- personal data collected for purposes related to the performance of a contract between us and the user will be retained until such contract has been fully performed;
- personal data collected for the purposes of our legitimate interests will be retained if needed to fulfill such purposes;
- we may be allowed to retain personal data for a longer period whenever the User has given consent to such processing if such consent is not withdrawn;
- we may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
We do not sell, trade, or otherwise transfer to outside parties your personal information unless we provide users with advance notice. It does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users (such as, for example, Mailerlite), so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
- Category A: Identifiers
- Category B: California Customer Records personal information categories
- Category D: Commercial information.
- Category F: Internet or other similar network activity.
- Category G: Geolocation data.
We disclose your personal information for a business purpose to the following categories of third parties:
- Professional service providers.
- Third parties whose services you purchase through our Site.
- Social Media Networks.
THIRD-PARTY LINKS AND USE:
We have no control over these third parties and they have their own privacy policies. Neither are we responsible for the activities and practices of these third parties. You should contact them directly and read their privacy policies for any questions.
We do not envisage offering goods or services to individuals living in the European Union as outlined in the General Data Protection Regulation (“GDPR”).
If you are in the European Union and opt-in to receive any of our free products or services and/or purchase any products or services through our website then you will be subscribed to receive our free email newsletter once you affirmatively consent to it. Please see the Opt-Out section below should you wish to “unsubscribe” and not receive any emails from us.
But if you are NOT in the European Union then you will be automatically subscribed to receive our free email newsletter once you opt-in to receive any of our free products or services and/or purchase any products or services through our website. Please see the Opt-Out section below should you wish to “unsubscribe” and not receive any emails from us.
We comply with the CAN-SPAM Act of 2003 and do not spam or send misleading information. Should you wish to no longer receive communication from us, you have the option of unsubscribing by clicking “unsubscribe” at the bottom of the email we send to you or by contacting us at [email protected]
As for third party websites, please contact them directly to unsubscribe and/or opt-out from their communications.
GDPR VISITOR RIGHTS
Under the GDPR, if you are within the European Union, you are entitled to certain rights and information listed below.
We will retain any information you choose to provide to us until the earlier of:
- You ask us to delete the information by sending a request to [email protected] Please note that such requests may result in you no longer being able to access paid or free content previously provided to you.
- Our decision to cease using our existing data providers
- The Company decides to no longer be in business or continue to offer the services
- The data is no longer needed to provide you service, is too costly to maintain further retention, or the Company finds it outdated
You have the right to request access to your data that the Company stores and the rights to either rectify or erase your personal data.
You have the right to seek restrictions on the processing of your data.
You have the right to object to the processing of your data and the right to the portability of your data.
If you have provided consent to the Company’s processing of your personal data, you have the right to withdraw that consent any time without affecting the lawfulness of processing based upon consent that occurred prior to your withdrawal of consent.
You have the right to lodge a complaint with a supervisory authority that has jurisdiction over issues related to the General Data Protection Regulation.
We require only the information that is reasonably necessary to enter a contract with you. We will not require you to provide consent for any unnecessary processing as a condition of entering a contract with us.
YOUR RIGHTS UNDER GDPR
Users based in the European Union have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent, where they have previously given their consent to the processing of their personal data.
- Object to processing of their data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
- Access their data. Users have the right to learn if we are processing data, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their data and ask for it to be updated or corrected.
- Restrict the processing of their data. Users have the right, under certain circumstances, to restrict the processing of their data. In this case, we will not process their data for any purpose other than storing it.
- Have their personal data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their data from us.
- Receive their data and have it transferred to another controller. Users have the right to receive their data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any undue delay.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection supervisory authority.
These requests can be exercised free of charge and will be addressed by us as soon as possible and always within 30 days.
YOUR RIGHTS UNDER THE CCPA
Users who reside in California have the right to request any of the following
- disclosure of the categories and specific pieces of personal information we have collected
- deletion of personal information we have collected from you
- disclosure of the categories of personal information we have collected, the categories of sources from which we collected it, the business or commercial purpose for collecting or selling it, the categories of third parties with whom we share it, and the specific pieces of personal information we have collected
- disclosure of the categories of personal information we collected or sold and the categories of third parties to whom it was sold
You have the right not to receive discriminatory treatment for the exercise of these privacy rights.
These requests can be exercised free of charge and will be addressed by us as soon as possible and always within forty-five (45) days.
YOUR RIGHT TO OPT OUT OF THE SALE OF PERSONAL INFORMATION
Under the CCPA, “sell,” “selling,” “sale,” or “sold,” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.
As per the CCPA definition, selling personal information includes disclosing information to a third party by using analytics tools, running ads or having social media pixels and plugins installed.
Users who reside in California have the right to opt-out of the sale of personal information.
Requests to exercise your right to opt-out can be submitted by you or someone legally authorized to act on your behalf by email to [email protected] and by following the link below and submitting your request via our web form.
NON DISCRIMINATION AND NOTICE OF FINANCIAL INCENTIVES
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you of goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you with a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels.
Any financial incentive we offer will reasonably relate to the value of your personal information and will describe the material terms of the financial incentive program. Participation in any financial incentive program we offer requires your prior consent to opt-in, which you may revoke at any time.
We offer freebies to any user who subscribes to our newsletter and/or marketing emails. This has been calculated by taking into account the value of each subscriber of $1 per month and $44-lifetime earning potential and the cost of email marketing and overheads per subscriber as per the industry average.
We do not use financial incentive practices that are unjust, unreasonable, coercive, or usurious in nature.
The security of your personal information is important to us.
Our website is scanned regularly for security holes and known vulnerabilities to make your visit to our Site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks. It is only accessible by a limited number of persons who have exclusive access rights to such systems and are required to keep the information confidential.
In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Unfortunately, no method of transmission over the internet is entirely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
CalOPPA (CALIFORNIA ONLINE PRIVACY PROTECTION ACT)
We agree to users visiting our Site anonymously.
Do not track signals
Pursuant to the California Online Privacy Protection Act (CalOPPA), we hereby disclose that we do not currently honor “do not track” signals issued by browsers or other third-party sources.
COPPA (CHILDREN ONLINE PRIVACY PROTECTION ACT)
For the collection of personal information from children under the age of 13 years old, we comply with the Children’s Online Privacy Protection Act (COPPA).
The Site is not intended for children under 13 years of age.
We do not specifically market to children under 13 years of age. We do not knowingly collect personal information from children under 13 years of age. We do not knowingly collect personal information from children under 13.
If you are under 13 years of age, please do not use the Site or provide any information on the Site, including your name, screen name, username, address, telephone number, email address, and payment details.
If we learn we have collected or received personal information from a child under 13 years of age without verification of consent from a parent or guardian, the personal information collected or received shall be deleted with no delay.
If you believe we might have any information concerning a child under 13 years of age, please contact us at [email protected] or via our contact form, and we will endeavor to delete such data with no delay.