Skip to content
Give us a call: (415) 927-7504

Privacy Policy

Who we are

This Privacy Statement describes how International Capital Group Real Estate Investments (ICGRE) manage personal information and respect your privacy. This policy may be amended from time to time. We encourage visitors to and users of our sites to regularly review our Privacy Policy.

All "Personal Information" (which is defined as any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains) that we collect and maintain will be subject to this Privacy Policy, as amended from time to time. To update your information and preferences, see the section entitled "Updating Your Personal Information and Privacy Preferences."

International Capital Group Real Estate Investments is made up of different legal entities. This privacy notice is issued on behalf of the International Capital Group Real Estate Investments group of companies. When we refer to "ICGRE", "we", "us" or "our" in this privacy notice, we mean the ICGRE entity that acts as the controller or processor of your information, as explained in more detail in the "Entities Collecting Personal Information" section below.

Our website address is: https://icgre.com.

What personal data we collect and why we collect it

As a visitor to the Site, you can engage in many activities without providing any Personal Information.

However, when you register to use a ICGRE site and order products or services as a ICGRE subscriber in order to provide the services to you, we may collect the following Personal Information from you:

  • Contact information such as your name, phone and fax numbers, address and email address; and
  • Billing information such as the number, expiration date, card type and billing address of your credit card;
  • Profile data, including your username and password, details about your purchases and the Content that you license from us.

Depending upon the activity, some of the information that we ask you to provide is identified as mandatory and some as voluntary. If you do not provide the mandatory data with respect to a particular activity, you will not be able to engage in that activity.

As is true of most websites, when you use the Site, ICGRE or third party subprocessors contracted by ICGRE may also collect certain technical and routing information about your computer to facilitate your use of the Site and its services. For example, we may log environmental variables, such as browser type, operating system, CPU speed, and the Internet Protocol (IP) address of your computer. We use these environmental variables to facilitate and track your use of the Site and its services. ICGRE also uses such environmental variables to measure traffic patterns on the Site. To better understand the needs of our visitors to the Site we may occasionally match such information with your Personal Information.

In order to reduce errors in our database, authenticate our users, and prevent abuse of our system, we may on occasion supplement the Personal Information you submit to us with information from third-party sources. For example, we may supplement your contact information with address information provided by the U.S. Postal Service to qualify your information and prevent errors in our database. We may supplement the information that we collect directly from you with information stored in third-party databases, such as demographic information or company information in order to make it more likely that any marketing communications we send will be relevant and of interest to you.

Understanding Your Personal Information and Privacy Preferences

Upon request ICGRE will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at membership@icgre.com.

You have the right to access and correct, or delete your Personal Information and privacy preferences at any time. This may be accomplished by clicking on the link, "My Account", where you can view and make changes to most of your Personal Information immediately. If you wish to delete your account or request that we no longer use your information to provide you services, contact our office by email (info@icgre.com) or phone (415-927-7504.) We will respond to your request promptly within a reasonable timeframe.

How Your Personal Information Is Used

ICGRE collects your information in order to provide services to you, comply with our legal obligations, and to improve our products and services. We do not sell, rent or share your personally identifiable information to or with third parties in any way other than as disclosed in this Privacy Policy. ICGRE may use this information to:

  • Authenticate and provide access to the ICGRE website and services.
  • Process your financial transactions.
  • Send you order / renewal confirmations.
  • Respond to customer service requests, questions and concerns.
  • Administer your account.
  • Send you requested product or service information.
  • Keep you informed about special offers and services of ICGRE and selected third parties.
  • Investigate, prevent or take action regarding illegal activities and/or violations of our Terms of Service.
  • Meet our research and product/service development needs and to improve our Site, services and offerings; and
  • Customize your experience, including targeting our services, search results, and offerings to you.

We store information that we collect through cookies, log files, transparent images, and/or third party sources to create a summary of your preferences. We tie your personally identifiable information, and/or your membership usage history, to information in the summary, in order to provide tailored promotions and marketing offers, to improve the content of the site for you and/or to determine your preferences.  This information is explained in more detail in sections below.

In certain situations, ICGRE may be required to comply with legal obligations to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Where required by law (e.g., to comply with a subpoena, warrant, court order, or legal process served on ICGRE), and when we believe that disclosure is necessary to protect our rights, avoid litigation, protect your safety or the safety of others, investigate fraud, and/or respond to a government request. We may also disclose information about you in order to comply with our legal obligations if we determine that such disclosure should be made for reasons of national security, law enforcement, or other issues of public importance.

Legal Bases for Processing

For individuals located in European Economic Area (EEA) and UK, we rely on the following legal bases for the processing of your personal data:

  • Where processing is necessary to perform our contract with you:
    • Providing access to the ICGRE websites, mobiles applications, and services to fulfill the terms of your contract;
    • Customizing your experience, including targeting our services, search results, and offerings to you.
    • Providing information so that you can make decisions about ICGRE services;
    • Processing your financial transactions and sending you order / renewal confirmations;
    • Register your rights, if any, to technical support or other benefits that may be made available to registered users;
    • Responding to your customer service requests, questions and concerns;
    • Administering your account.
  • Processing in furtherance of ICGRE’s legitimate interests:
    • Providing, improving and customizing our website and services;
    • Administering our operations and meeting our contractual obligations to our customers and contributors;
    • Analyzing and understanding how our online platforms are being used;
    • Maintaining the security and integrity of our websites, mobile applications and other services;
    • Sending you requested product or service information and keeping you informed about special offers and services of ICGRE and selected third parties;
    • Administering promotions and sweepstakes;
    • Research and product/service development for the improvement of our Site, services and offerings.
  • Processing is necessary for compliance with ICGRE legal obligations, including:
    • Investigating and protecting against intellectual property infringement, fraud, spam, harassment, crime and security risks;
    • Compliance with money laundering, bribery, corruption, and applicable sanctions laws and regulations; and
    • Meeting financial reporting and other obligations under applicable securities laws.

Protection of Your Personal Information

The Personal Information that you provide in connection with the use of the Site is protected in several ways.

  • Access by you to your account profile is available through a password and unique customer ID selected by you. This password is encrypted. You should strive to use a strong, alpha-numeric password which you should not divulge to anyone.
  • Your Personal Information resides on secure servers that only selected ICGRE personnel and contractors have access to via password.
  • Your Personal Information is encrypted whenever it is transmitted to ICGRE.
  • When you enter sensitive information (such as credit card number) on our registration or order forms, we encrypt that information using transport layer security technology

We strive to protect the Personal Information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we take into account the sensitivity of the Personal Information we collect, process and store, and the current state of technology to use these measures protect your Personal Information, we cannot guarantee its absolute security.

If you have any questions about security on our Web Sites, you can send email to us at membership@icgre.com

Changes in Privacy Policy

ICGRE reserves the right to amend the Privacy Policy from time to time at its sole discretion and will provide notice by email or on the home page of the Site when we make material changes to this Privacy Policy prior to the change becoming effective. If as the result of such changes, you want to alter the ways in which ICGRE is allowed to use your Personal Information, you can do so by following the procedure described in the section entitled "Updating Your Personal Information and Privacy Preferences."

You will be deemed to have been made aware of, and will be subject to, any material changes to the Privacy Policy after such notice has been posted with the following exception: If at the time you provide Personal Information to ICGRE you are given the opportunity (as you currently are) to limit how such information will be used to communicate with you, either by ICGRE or by third parties, ICGRE will not change your preference in this regard without your express consent. However, if ICGRE is acquired by or merged with another entity, ICGRE may provide to such entity customer information that is related to that part of our business that was sold to or merged with the other entity without your consent, but ICGRE will provide notice of such asset sales, acquisitions, or mergers on this Site.

Children

We do not intend to solicit or collect Personal Information from anyone under the age of 18. If you are under 18, do not enter information on this site or engage our services. If you believe a child of yours under the age of 18 has entered Personal Information please contact membership@icgre.com to have the data removed and terminate the child's account.

Entities Collecting Personal Information

Personal Information on this website is collected by International Capital Group Real Estate Investments, 165 N. Redwood Dr., Suite #150, San Rafael, CA, 94903, USA and its telephone number is (415) 927-7504.

Privacy Complaints

Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Personal Data, seek to update, delete or correct this Information, and request to restrict further processing of your Personal Data.

To the extent that International Capital Group Real Estate Investments processing of your Personal Data is subject to the EU General Data Protection Regulation, ICGRE relies on its legitimate interests, described above, to process your data. Where ICGRE processes certain Personal Data for ICGRE’s own direct marketing purposes, you have a right to object to ICGRE’s use of your Personal Data for this purpose at any time by clicking on the link, "My Account" and opting out from receiving all email. If you are a contributor, you can change your profile here.

You may request the deletion of your Personal Data from our systems and/or opt-out of further processing of your Personal Data by visiting the "My Account – Preferences" page and following the instructions under the section titled "Delete My Personal Data”

If you wish to make any other objection to the processor of your personal data, you may also object to processing by emailing membership@icgre.com

International Capital Group Real Estate Investments takes its users' privacy concerns seriously. If you believe that ICGRE has not complied with this Privacy Policy with respect to your Personal Information, you may contact us  at International Capital Group Real Estate Investments, 165 N. Redwood Dr., Suite #150, San Rafael, CA, 94903, USA  (415) 927-7504. In your letter please describe in as much detail as possible the ways in which you believe that the ICGRE Privacy Policy has not been complied with. We will investigate your complaint promptly.

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this Web site, you can contact us at membership@icgre.com

Specific information about how this website may collect, retain, and use your personal information.

Website Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact and other online forms

If you use one of our contact forms to contact ICG to request information your message and other contact information is transmitted to our business administrators.  If you use one of our signup forms (e.g. the Quick Send List request) your name will be added to our mailing list.  If you register for membership, an event, or purchase other products or services we will retain your information.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We send anonymous data to Google Analytics to gather other anonymous statistical information about site usage.

  • Learn more about how Google Analytics tracks your data here.
  • Learn how to Opt-out of sending your data to Google Analytics here.
  • We also use Google AdWords which uses cookies to display ads based on your past visits to our website.
  • You can control the information Google uses to show you ads here.
  • Learn how to opt out of Interest-based Advertising such as Google AdWords and Facebook pixel by going here.

Who we share your data with

Google Analytic products (Google Analytics and Google Adwords). See Analytics section of Privacy Policy for more information.
Constant Contact (we send your name and email address to Constant Contact when you enter email address into a form submission, and when you sign up for membership.)

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

What third parties we receive data from

We may receive data on user behavior from third-party analytics companies such as Google Analytics.  We may also receive data from social media companies we advertise with, such as Facebook, in order to measure the usefulness of our advertising.  While we don't rule out the possibility that information about particular could be included in this 3rd-party data, it is generally presented as aggregated or statistical data.

What automated decision making and/or profiling we do with user data

The website emails registered participants based on certain simple triggers such as making a purchase or completing a lesson in the online course.  The site may also generate messages to course participants if no activity had been detected for a certain period of time.

Our contact information

Personal Information on this website is collected by International Capital Group Real Estate Investments, 165 N. Redwood Dr., Suite #150, San Rafael, CA, 94903, USA and its telephone number is (415) 927-7504.

Additional information

How we protect your data

The website is hosted on a web server that is deemed PCI compliant, meaning the hosting company maintains security and data integrity sufficient to pass payment card industry data security standards.  In addition, we use a series of security measures and protocols to minimize the risk that the site will be compromised by user error.  These measures include but are not limited to enforcing strong passwords, routine security scans, frequent software updates, and monitoring unexpected file changes.

What data breach procedures we have in place

If we detect or if  we are informed of a data breach we will perform the following steps

  • Notify the hosting company and ask for assistance to prevent further intrusion, damage, and loss of information
  • Make an archive of the current, compromised website and data and store it in a secure location isolated from the server
  • Restore the website to the most recent "clean" (uncompromised) version available
  • Attempt to determine what if any information was lost
  • Notify all visitors that we have contact information for that their information may have been accessed
  • Attempt to determine who the relevant law-enforcement authorities are and notify them of the breach

3rd-Party utilities and software we use

BackupBuddy

What personal data we collect and why we collect it

Backups

Per the functionality of this plugin, backups of our website files and/or database are created and stored locally on our server and/or remotely on 3rd party servers based on the settings of this plugin. Archives can include, but are not limited to, file and database assets, including hashed passwords, 3rd party data, uploads and user information. These backups are stored to provide critical functionality of this plugin.

How long we retain your data

Backups

Backup retention is completely up to the website owner. This can vary from less than one minute to indefinitely.

Cookies

Cookies used during the restore/import process expire after 24 hours.

Plugin Settings

Settings are retained indefinitely until they are changed or removed manually.

Where we send your data

Backups are configured to be sent to third-party (Amazon.com's S3) servers for long-term storage.

How we protect your data

Backups

Backup zip files are stored with hashed file names to prevent filename guessing and directory browsing is disabled.

What third parties we receive data from

Backup Destinations

Backups can be sent to third-party destination servers, including but not limited to:

Amazon S3 | Privacy Policy

Links to third party privacy policies have been included.

Events Manager

  • We collect and store information you submit to us when making a booking, for the purpose of reserving your requested spaces at our event and maintaining a record of attendance.
  • We collect and store information you submit to us about events (and corresponding locations) you would like to publish on our site.
  • We may use cookies to temporarily store information about a booking in progress as well as any error/confirmation messages whilst submitting or managing your events and locations.

iThemes Security

What personal data we collect and why we collect it

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 14 days.

Who we share your data with

This site is scanned for potential malware and vulnerabilities by Sucuri's SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri's privacy policy.

In order to ensure file integrity, iThemes Security pulls data from wordpress.org, ithemes.com, and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site's locale, a list of installed plugins, and a list of each plugin's version. Requests to ithemes.com and amazonaws.com include the installed iThemes products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For ithemes.com privacy policy details, please see the iThemes Privacy Policy. Requests to amazonaws.com are to content added and managed by iThemes which is covered by the Amazon Web Services Data Privacy policy.

When running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site's URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

How long we retain your data

Security logs are retained for 14 days.

Where we send your data

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

Paid Memberships Pro

Data Collected to Manage Your Membership

At checkout, we will collect your name, email address, username, and password. This information is used to setup your account for our site. If you are redirected to an offsite payment gateway to complete your payment, we may store this information in a temporary session variable to setup your account when you return to our site.

At checkout, we may also collect your billing address and phone number. This information is used to confirm your credit card. The billing address and phone number are saved by our site to prepopulate the checkout form for future purchases and so we can get in touch with you if needed to discuss your order.

At checkout, we may also collect your credit card number, expiration date, and security code. This information is passed to our payment gateway to process your purchase. The last 4 digits of your credit card number and the expiration date are saved by our site to use for reference and to send you an email if your credit card will expire before the next recurring payment.

When logged in, we use cookies to track some of your activity on our site including logins, visits, and page views.

Ecommerce

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
  • We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them
  • If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We may share information with third parties who help us provide our orders and store services to you; for example PayPal or Stripe payment processing.

Payments

We accept payments through PayPal and Stripe. When processing payments, some of your data will be passed to PayPal or Stripe, including information required to process or support the payment, such as the purchase total and billing information.

Who we are

Our website address is: https://icgre.com.

What personal data we collect and why we collect it

We collect certain voluntary and "utility" information about our site visitors.  This may include personal data, such as name, email address, and personal account preferences for those who sign up for our mailing list, one-to-one conferences, or public events; transactional data, such as purchase information; and technical data, such as site metrics, cookies (stored on your browser0 to facilitate your user experience.

By default WordPress does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users. However some of your plugins may collect personal data. You should add the relevant information below.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

When you use one of our contact forms or mailing-list signup forms we will receive the information you type in the form.  We'll retain it for as long as you wish to continue receiving our newsletters.  When you unsubscribe your information will be removed from our system.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We send anonymous data to Google Analytics to gather other anonymous statistical information about site usage.
Learn more about how Google Analyitics tracks your data here.
Learn how to Opt-out of sending your data to Google Analytics here.

Who we share your data with

Google Analytic products (Google Analytics and Google Adwords). See Analytics section of Privacy Policy for more information.
Google Maps products

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If you sign up for our Quick Send list newsletter we will retain your information until you unsubscribe.

For our seminars and events we will retain your contact and attendance information until and unless you request that we delete it.  For event payments we will retain your records for as long as relevant national banking and tax record-keeping laws require us to.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

In this section you should provide a contact method for privacy-specific concerns. If you are required to have a Data Protection Officer, list their name and full contact details here as well.

Additional information

If you use your site for commercial purposes and you engage in more complex collection or processing of personal data, you should note the following information in your privacy policy in addition to the information we have already discussed.

How we protect your data

In this section you should explain what measures you have taken to protect your users’ data. This could include technical measures such as encryption; security measures such as two factor authentication; and measures such as staff training in data protection. If you have carried out a Privacy Impact Assessment, you can mention it here too.

How we protect your data

The website is hosted on a web server that is deemed secure by internet shared-hosting standards.  In addition, we use a series of security measures and protocols to minimize the risk that the site will be compromised by user error.  These measures include but are not limited to enforcing strong passwords, routine security scans, frequent software updates, and monitoring unexpected file changes.

What data breach procedures we have in place

If we detect or if  we are informed of a data breach we will perform the following steps

  • Notify the hosting company and ask for assistance to prevent further intrusion, damage, and loss of information
  • Make an archive of the current, compromised website and data and store it in a secure location isolated from the server
  • Restore the website to the most recent “clean” (uncompromised) version available
  • Attempt to determine what if any information was lost
  • Notify all visitors that we have contact information for that their information may have been accessed
  • Attempt to determine who the relevant law-enforcement authorities are and notify them of the breach

What third parties we receive data from

If your web site receives data about users from third parties, including advertisers, this information must be included within the section of your privacy policy dealing with third party data.

What automated decision making and/or profiling we do with user data

If your web site provides a service which includes automated decision making - for example, allowing customers to apply for credit, or aggregating their data into an advertising profile - you must note that this is taking place, and include information about how that information is used, what decisions are made with that aggregated data, and what rights users have over decisions made without human intervention.

Industry regulatory disclosure requirements

If you are a member of a regulated industry, or if you are subject to additional privacy laws, you may be required to disclose that information here.

↑ Return to Top

 

Source: BackupBuddy

What personal data we collect and why we collect it

Backups

Per the functionality of this plugin, backups of your website files and/or database are created and stored locally on your server and/or remotely on 3rd party servers based on the settings of this plugin. Archives can include, but are not limited to, file and database assets, including hashed passwords, 3rd party data, uploads and user information. These backups are stored to provide critical functionality of this plugin.

Cookies

Cookies are used to handle importing and restoring backups.

Plugin Settings

Some plugin settings ask for an email address or login credentials to 3rd party services. This is stored to provide functional features to the plugin.

Recent Activity

This plugin tracks dates, times and actions of successful and unsuccessful backups and remote data transfers. This is stored to help make the plugin better and assist with troubleshooting problems.

Logging

This plugin logs some personal information such as email addresses, usernames, database and server information. This is stored to help make the plugin better and assist with troubleshooting problems.

How long we retain your data

Backups

Backups are compressed and stored in secure, off-site facilities for a minimum of two years, after which they're typically discarded without examination.  Except in extraordinary circumstances, these will never be retrieved, decrypted, or restored.  In the event this is necessary steps will be taken to remove any retained user data where we've received an request to remove such information.  It is not practical nor do we consider it secure to unpack, upload, and then remove personal information from archived sites as the potential for exposure during download, decryption, re-installation, and then re-archiving is greater than leaving them intact.

Cookies

Cookies used during the restore/import process expire after 24 hours.

Plugin Settings

Settings are retained indefinitely until they are changed or removed manually.

Where we send your data

Backups

Backups are password protected and stored on secured second- and third-party backup drives and servers.

How we protect your data

Backups

Backup zip files are stored with hashed file names to prevent filename guessing and directory browsing is disabled.

What third parties we receive data from

Backup Destinations

Backups can be sent to third-party destination servers, including but not limited to:

Links to third party privacy policies have been included.

↑ Return to Top

 

Source: Beaver Builder

In terms of GDPR, Beaver Builder products do not collect any personal information from your users. However some modules such as videos and maps might need you to update your privacy policy accordingly.

↑ Return to Top

 

Source: Events Manager

We use Google services to generate maps and provide autocompletion when searching for events by location, which may collect data via your browser in accordance to Google's privacy policy.

We collect and store information you submit to us when making a booking, for the purpose of reserving your requested spaces at our event and maintaining a record of attendance.

We collect and store information you submit to us about events (and corresponding locations) you would like to publish on our site.

We may use cookies to temporarily store information about a booking in progress as well as any error/confirmation messages whilst submitting or managing your events and locations.

↑ Return to Top

 

Source: WooCommerce

This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

Note: you may want to further detail your cookie policy, and link to that section from here.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for as many years as relevant laws and financial requirements demand for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example --

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

↑ Return to Top

 

Source: iThemes Security

What personal data we collect and why we collect it

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 14 days.

Who we share your data with

This site is scanned for potential malware and vulnerabilities by Sucuri's SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri's privacy policy.

In order to ensure file integrity, iThemes Security pulls data from wordpress.org, ithemes.com, and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site's locale, a list of installed plugins, and a list of each plugin's version. Requests to ithemes.com and amazonaws.com include the installed iThemes products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For ithemes.com privacy policy details, please see the iThemes Privacy Policy. Requests to amazonaws.com are to content added and managed by iThemes which is covered by the Amazon Web Services Data Privacy policy.

When running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site's URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

How long we retain your data

Security logs are retained for 14 days.

Where we send your data

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

↑ Return to Top

 

Source: Ninja Forms

Data collected via contact forms are not stored on the website.  Instead they're sent via email to administrators in our offices.  If you request to be added to one of our mailing lists we'll store your information in our newsletter database.

↑ Return to Top

 

Source: Popup Maker

Hello,

This information serves as a guide on what sections need to be modified due to usage of Popup Maker and its extensions.

You should include the information below in the correct sections of you privacy policy.

Disclaimer: This information is only for guidance and not to be considered as legal advice.

Note: Some of the information below is dynamically generated, such as cookies. If you add or change popups you will see those additions or changes below and will need to update your policy accordingly.

What personal data we collect and why we collect it

Subscription forms

Popup Maker subscription forms are not enabled by default.

If you have used them in your popups to collect email subscribers, use this subsection to note what personal data is captured when someone submits a subscription form, and how long you keep it.

For example, you may note that you keep form submissions for ongoing marketing purposes.

If you submit a subscription form on our site you will be opting in for us to save your name, email address and other relevant information.

These subscriptions are used to notify you about related content, discounts & other special offers.

You can opt our or unsubscribe at any time in the future by clicking link in the bottom of any email.

Cookies

Popup Maker uses cookies for most popups. The primary function is to prevent your users from being annoyed by seeing the same popup repeatedly.

This may result in cookies being saved for an extended period of time. These are non-tracking cookies used only by our popups.

We use anonymous cookies to prevent users from seeing the same popup repetitively in an attempt to make our users experience more pleasant while still delivering time sensitive messaging.

Analytics

Popup Maker anonymously tracks popup views and conversions.

How long we retain your data

Subscriber information is retained in the local database indefinitely for analytic tracking purposes and for future export.

Data will be exported or removed upon users request via the existing Exporter or Eraser.

If syncing data to a 3rd party service (for example Mailchimp), data is retained there until unsubscribed or deleted.

Where we send your data

Popup Maker does not send any user data outside of your site by default.

If you have extended our subscription forms to send data to a 3rd party service such as Mailchimp, user info may be passed to these external services. These services may be located abroad.