Who we are
Our website address is: https://tospeakonline.com, Charles Randolph is the sole owner of this website. Contact CharlesRandolph@ToSpeakOnline for further information if needed.
What data breach procedures we have in place
We prioritize the security and confidentiality of your personal data. In the event of a data breach, we have established procedures to promptly address and mitigate potential risks:
Detection and Assessment: Our systems are continuously monitored for unauthorized access or anomalies. Upon detecting a potential breach, we assess the scope, nature, and impact to determine the appropriate response. We have advanced security measures in place provided by our service GoDaddy, including Firewalls on back and front end, SL certificates, malware detection est.
Third-Party Security Measures
- GoDaddy: Employs a comprehensive risk management process and maintains an information security program to protect customer data, including regular assessments and monitoring. GoDaddy
- MonsterInsights: Offers GDPR compliance features and integrates with Google Analytics to enhance data protection .MonsterInsights
- Constant Contact: Conducts routine security audits and applies timely security updates to safeguard user data .Constant Contact Knowledge Base
- WooCommerce: Provides tools for data management and supports GDPR compliance, including features for data erasure and export .WooCommerce
- SendLayer: Enhances email security through authentication protocols like SPF, DKIM, and DMARC, and emphasizes regular backups and security audits. SendLayer
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email. Analytics data maybe collected by Monsterinsights which uses Google Analytics. This is what Google Analytics collects:
| Cookie Name | Expiration Time | Description | Which MonsterInsights Users |
|---|---|---|---|
| _ga | 2 years | Used to distinguish users. Stores the ClientID, a unique and randomly generated string, so that the user can be associated on future visits, the date of first visit and version of GA cookie. | All Users |
| _gid | 24 hours | Stores the ClientID | All Users |
| _gat | 1 minute | Throttles the number of requests a user does to Google Analytics’s servers | All Users |
| ga-disable-{YOUR UA CODE} | Never | If a user opts out via MonsterInsights’s opt out system or the official Google do not track methods, this cookie prevents Google Analytics from tracking the user. | All Users |
| AMP_TOKEN | 30 seconds – 1 year (varies) | Identifies a user who was first given a ClientID on an AMP (Accelerated Mobile Page) version of your site. The length of time stored varies, with users who visit the AMP page first, and visit more frequently getting higher durations. | AMP Addon Users |
| __utmx | 18 months | For users utilizing Google Analytics’s Content Experiments feature, this cookie determines if a user is included in an experiment. | MI users using Content Experiments |
| __utmxx | 18 months | For users utilizing Google Analytics’s Content Experiments feature, this cookie determines when a user’s experiment ends. | MI users using Content Experiments |
Your email address is stored securely with Constant Contact.
Constant Contact Privacy Policy is the Following:
Last modified: March 27, 2024
About Constant Contact
Constant Contact, Inc. (together with its subsidiaries, “Constant Contact”, “us” or “we”) offers its customers a range of services, including email and digital marketing services and lead generation and customer relationship management services. We are a service provider to our customers, most of whom are small businesses and non-profits. Our products and services help our customers design and send email newsletters, share them on social networks, manage lists of contacts and marketing preferences, and track email campaign results. We analyze that information and send communications to customers’ contacts only at the direction of the customer who provided the information, and only on that customer’s behalf. We do not have a direct relationship with the recipients of our customers’ emails (“Contacts” or “you”).
We require our customers, including the sender of the email you received, to use our platform only for permission-based marketing, in compliance with our Acceptable Use Policy. If you believe you have received unwanted, unsolicited messages sent through our platform (or seemingly sent through our platform), please forward a copy of that message with your comments for review to one of the following: for email and digital marketing services to [email protected]; and for lead generation and customer relationship management services to [email protected].
Collection of Customers’ Contact Data
Contact Data Provided by our Customers
Our customers upload lists of their contacts, including their email addresses, names, and other contact data, into their Constant Contact account in order to use our products. We may also collect our customers’ contacts’ demographic data, shopping histories and details about such contacts’ interactions with marketing communication. Our customers then use our platform and technology to send email campaigns to people on their contact lists. Our customers are required to obtain permission before adding an email address to their lists. Constant Contact does not share contact lists uploaded by a customer with any of its other customers, nor do we email to our customers’ contact lists for our own purposes.
Contact Data Provided by You
Constant Contact will have your email address and other contact data under the following circumstances:
- If you sign up to receive emails from one or more of our customers, including by means of a sign-up form or link;
- If you register for an event held by one of our customers; or
- If you otherwise submit your email address to our customer by means of a product or service offered by Constant Contact.
Constant Contact also receives information directly from you when you interact with an email marketing campaign or other Constant Contact product that our customers may use as part of the services we provide to them, including when you sign up to our customers’ email lists. We hold any data received as part of campaigns on behalf of our customer, and as such you need to contact our customer if you have any questions.
Email campaigns sent from our platform may include a web beacon that allows us to determine, on behalf of our customers, if you open an email, as well as the email delivery status and your geographic location. Email campaigns may also contain other tracking technology that allows us to determine what you click on in an email and if you unsubscribe or change your subscription preferences. This web beacon and other tracking technologies also allow us to collect log data, including your IP address, browser type and version. We share information about email delivery, email opens, email clicks, and subscription preferences, as well as aggregated information about browser types, with our customers so they can optimize their campaigns, customize offerings to you, understand your level of engagement with them and any other uses the customer describes in its online privacy policy.
Please note that web beacons may be refused when delivered via email by disabling HTML images or refusing HTML (select “Text Only”) emails via your email software. Other tracking technologies used in our email campaigns are only activated when you click on a link in an email or otherwise interact with content in an email, and you may opt out of such data collection by not interacting with emails sent from our platform.
We may also collect data about the devices that are used to access our customers’ websites including IP address, type of operating system and the content that is viewed on our customers’ websites and how users navigate between our customers’ webpages.
We (or another third party) may also set a cookie on your browser when you access an event registration form, donation form, coupon, or similar website from a customer’s email in order to better track visitors to such website. For more information on how to manage cookies in your web browser, visit http://www.allaboutcookies.org.
Use and Sharing of Customers’ Contact Data: We will never email our customers’ lists of contacts for our own purposes. We provide information we collect about your interaction with the email that was sent using our products to our customers and use it on behalf of our customers to provide our products and services, to improve our products and services, and in connection with our security and compliance programs.
We may share your information with service providers who develop certain features and functionality that integrate with our products, provided that such sharing is authorized by our customers. This allows us to make certain features of our services available to Constant Contact customers. We impose obligations on our service providers to ensure they use data in a manner consistent with our use and consistent with applicable privacy laws.
We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process.
We are located in, and store and process your information in, the United States, although we may use service providers outside the United States. When we transfer your information to service providers, we do so in compliance with applicable privacy laws.
Customer Contact Targeting
We offer our customers certain features that allow them to better target who they contact through our products and services. In order to do this, we may also partner with third parties who can provide our customers with information about you. If both you and our customer are located outside of the European Union, this may include demographic information, shopping histories, geographic location and details about customers’ contacts’ interactions with marketing communications. We require that these partners are contractually or legally permitted to share this information with our customers and with us.
Our customers opt in to these features so that they can optimize their campaigns, segment their lists, and better customize their offerings to you. We require all our customers to comply with applicable laws and maintain compliant privacy policies. For more information about how our customers use the enriched data we provide them, and about how you can opt out of having this data collected by our customers, please contact the sender (our customer) of the communication you received.
Choice/Opt-Out
All emails you receive through our platform include an easy, automated way to stop receiving marketing emails from the sender (unsubscribe). Certain senders also allow you to change the topics you’re interested in by updating your profile with our customers. If you wish to unsubscribe or update your profile, simply click on the Unsubscribe, SafeUnsubscribe® and/or Update Profile links at the end of any email you receive from a Constant Contact sender. If you believe you have received an unsolicited commercial email from us on behalf of any of our customers, you may report it to us at one of the following: for the email and digital marketing services at [email protected]; and for the lead generation and customer relationship management services at: [email protected].
Requests Related to Your Personal Information
Constant Contact does not own the contact lists or databases held by our customers. We are a “data processor” or “service provider” under applicable privacy laws, which means that we have an obligation to keep your data safe and secure. We take instructions from our customers who are the “data controllers” or “businesses” (to the extent such privacy laws apply to them) to send emails on their behalf and to assist them with fulfilling data subject rights requests made directly to them, such as correcting or deleting an individual’s contact information. If your personal information is held in a Constant Contact customer’s database, it is our customer’s responsibility to deal with your request in their role as a data controller and to the extent necessary, we will support them.
If you have a query or would like to make a data subject rights request under applicable privacy laws, we recommend that you reply to the email address on the communication you received for further contact details and information as we are unable to provide any additional information about our customers.
Constant Contact (including SharpSpring Technologies, Inc.) participates in and has certified its compliance with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Framework (together, the “Frameworks” or the “Privacy Frameworks”). Constant Contact (including SharpSpring Technologies, Inc.) is committed to subjecting all Personal Data received from the EEA, UK and Switzerland, respectively, in accordance with each Privacy Frameworks, and to the Frameworks’ applicable Principles. To learn more about the Privacy Frameworks, and to view our certifications, visit the U.S. Department of Commerce at https://www.dataprivacyframework.gov/s/participant-search.
Constant Contact is responsible for the Processing of Personal Data it receives, under each Privacy Framework, and subsequently transfers to a third party acting as an agent on its behalf. Constant Contact complies with the Privacy Framework Principles for all onward transfers of Personal Data from the EEA, UK and Switzerland, including the onward transfer liability provisions.
With respect to Personal Data received or transferred pursuant to the Privacy Frameworks, Constant Contact is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, as more fully described on the Privacy Framework website found at https://www.dataprivacyframework.gov/s/, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
You can contact the Data Protection Officer listed below to obtain a copy of the data transfer agreement or more information regarding the relevant safeguard we put in place. For more information about the Privacy Frameworks, please visit the U.S. Department of Commerce’s Privacy Framework website found at https://www.dataprivacyframework.gov/s/.
You may click on the seal to check Constant Contact’s privacy verification status.
Notification of Changes
We may update the information on this page at any time, so please review it frequently. If we decide to change this privacy notice in any material way, we will notify you here, by email, or by means of a notice on our websites. In all cases, your continued use of any Services constitutes acceptance to any such changes.
Contact Us: If you have any questions about this document, please contact us at [email protected] or Legal and Compliance Department, Constant Contact, Inc. 1601 Trapelo Road, Waltham, Massachusetts 02451, USA.
How long we retain your data (To Speak Online Privacy Policy Continued)
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. See WooCommerce and Constant Contact section for further information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where your data is sent
Visitor comments may be checked through an automated spam detection service.
We collect information about you during the checkout process on our store (See WooCommerce section and Constant Contact section for further information).
WooCommerce – What we collect and store
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of cart contents while you’re browsing our site.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
What we share with others
We share information with third parties who help us provide our orders and store services to you; for example – Constant Contact (to store emails for marketing purposes, e.g., sending newsletters, offers from our valued partners, discounts est.) and WP Mail STMP (to verify emails have been sent without failure and for your security). We will not sell your email address.
Payments
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Please see the PayPal Privacy Policy for more details.