The type of personal information we collect
We collect certain personal information about visitors and users of our website. The most common types of information we collect include things like: member names, email addresses, phone numbers, IP addresses, billing address details, payment information such as payment agent details, transactional details, support queries, website administration information, app store account credentials, server information and web analytics data.
How we collect personal information
We collect personal information directly when you provide it to us, automatically as you navigate through the website, or through other people when you use services associated with the website. We collect your personal information when you provide it to us when you complete registration and buy products or services on our website, subscribe to a newsletter, email list, submit feedback, submit support ticket, enter a contest, fill out a survey, or send us a communication.
Personal information we collect about you from others
Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
How we use personal information
We will use your personal information:
When we disclose your personal information
We will disclose personal information to the following recipients:
Where we transfer and/or store your personal information
We are based in the US with our servers based in US, so your data will be processed in the US. Some of the recipients we have described in section 10 above, and to whom we disclose your personal information, are based outside in the US and occasionally outside of the US. We do this based on your consent to this policy. In order to protect your information, we take care where possible to work with service providers who we believe maintain an acceptable standard of data security compliance. Data that flows between each of your sub-processors is done on the server-side of our operation. This information is never cached and is sent directly to the sub processor using a secure connection and private keys provided by the sub processor. These private keys are never stored on any of the servers in flat files.
List of Sub processors
Google cloud hosting (https://cloud.google.com)
Mailchimp (Newsletters - https://mailchimp.com/)
Sendgrid (Email Processor - https://sendgrid.com/)
Google Analytics (https://privacy.google.com/businesses/compliance/)
PayPal (Payment Processor - https://www.paypal.com/us/webapps/mpp/ua/privacy-full)
OSticket (Ticket System - http://osticket.com/)
How you can access your personal information
You can access some of the personal information that we collect about you by logging in to your account. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also close the account you have with us at any time. To make an access or correction request, contact our privacy inspector using the contact details at the end of this policy.
Marketing Choices regarding your personal information
Where we have your consent to do so (e.g. if you have subscribed to one of our e-mail lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself. You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our website may not work properly in your case.
Cookies and web analytics
Information you make public or give to others
How long we keep your personal information
When we need to update this policy
We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices. When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.
How you can contact us
Data Protection Officer: We have a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. You may contact this officer if you have any questions about our privacy practices or the way in which we have been managing your personal information This Data Protection Officer can be reached at the following address: MyfitCEO, LLC, One World Trade Center, Suite 8500, New York, NY 10007, USA or firstname.lastname@example.org.
If you’re a user or visitor in the European Economic Area these rights also apply to you:
For the purposes of applicable EU data protection law (including the General Data Protection Regulation (the “GDPR”), we are a ‘data controller’ of your personal information. How you can access your personal information. You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below. These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent. Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional. If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.
One World Trade Center, Suite 8500
New York, NY 10007
United States of America