Last Updated: May 6, 2019
This Privacy Statement discloses the information gathering, use, and storage practices of eMindful Inc. (also referred to here in the first person or as “eMindful” or “eMindful.com”) as they apply to individual site users (referred to here in the second person or as users or individuals). eMindful.com collects information from its users at several different points on its site. By using any of eMindful’s services, you are agreeing to the terms of this Privacy Statement and Terms of Service.
Collection of Personal Information
We collect personal information for a variety of reasons, most commonly at registration and when you are requesting services from us. Information may include name, email and mailing address, phone numbers, billing information etc. eMindful.com uses this information to contact users about services, courses, or training which they have purchased, requested information, or expressed interest.
When you browse our website, we also automatically receive your computer’s Internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
For the effectiveness of its services, eMindful sometimes collects special categories of personal data such as gender, race, ethnic origin, genetics, and health information.
Collection of Personal Information from Children
eMindful does not knowingly collect personally identifiable information from children under the age of 13. If eMindful is made aware of collecting information from a child under 13, we will delete this information.
Use of Information
We use the information collected for the purpose it was provided for such as billing or delivery of services. We may also use this data for limited marketing purposes about our services to you, or for the fulfillment of services or awards that you requested. We do not sell or provide your contact information to any third-parties except as described in the Third-party Services section below. We will provide the least amount of information needed for third-party services, and they are not permitted to use this information for any reason other than to provide the services for which they were contracted. For corporate customers whose companies have provided you access to our programs, we may provide your employer with aggregate, de-identified information about the use of our platform. For those companies that provide incentives for the use of our programs we may provide your employer with information that allows them to know that you have used our services. However, we do not provide individual responses to any questions or surveys without receiving your explicit permission.
In general, the third-party providers used by eMindful will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. The third-party services that we use include Google Analytics and Tag Manager for understanding website usage, Facebook Pixel for social media insight, MailChimp for monitoring email campaigns, AdRoll to measure advertising initiatives, New Relic to monitor application performance and other similar services.
These third-party service providers may have their own privacy policies in respect to the information they collect, process, and store. For these providers, we recommend that you read their privacy statements so you can understand the manner in which your personal information will be handled.
A cookie is a piece of data stored on the user’s computer tied to information about the user. Cookie data may be linked to personally identifiable information for data analysis and quality assurance purposes, but individual cookie data is never shared with or sold to any third parties. We use session ID cookies and persistent cookies with a life up to 60 days. For the session ID cookie, once users close the browser, the cookie simply terminates. A persistent cookie is a small text file stored on the user’s hard drive for an extended period of time.
When you provide us with personal information through our website, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to refuse consent. For more information on rescinding consent or opting-out, please see the Personal Information Access and Control section below.
We follow industry standards on information security management to safeguard sensitive information, such as personal information entrusted to us. Our information security systems apply to people, processes and information technology systems on a risk management basis.
We perform annual audits to ensure our handling of your personal information aligns with industry guidelines. We employ security and data protection mechanisms such as encrypting web and file transfer data in transit using a modern version of Transport Layer Security and encrypting data at rest using long key length Advanced Encryption Standard. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your personal information.
Furthermore, we cannot secure any information that you choose to disclose either in public discussions or chats, or in publicly visible sections of your profile (e.g. display name).
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
We may grant emergency access to critical personal information under strictly controlled circumstances. This “Break the Glass” practice allows eMindful to cautiously disclose personal information, such as name and email address, to an employer, police department, fire department, or licensed health practitioner in urgent cases concerning the person’s health and welfare.
Notification of Security Breach
In the event of a breach of our security systems resulting in an unintended disclosure of personal information, eMindful will notify affected individuals, U.S. Department of Health & Human Services (HHS), and in some cases, the media as required under U.S. regulation and GDPR rules. This notification will usually take place within 72 hours of eMindful identifying the unintended disclosure of personal information but in no case longer than is required by law.
We store information that we collect through cookies, log files, and/or third parties to create a profile of our users. A profile is stored information that we keep on individual users that details their viewing preferences. This information is not tied to the users personally identifiable information. We do not share your profile with other third-parties.
Like most standard website servers, we use log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. Information in the log files is not linked to personally identifiable information.
The information shared with each other in a class may be both personal and confidential. In order to build trust and confidence with everyone in the class you agree that you will not share personal information learned in this class with anyone outside of this class.
eMindful will be sending you emails to the email address you use for registration about your class. Because these emails are being sent via regular email, they cannot be considered secure or private. However, these emails will only contain the name of the class and information about the class in the body of the email and no personal information will be included. If you wish to opt-out of these communications, please refer to the Personal Information Access and Control section below.
Personal Information Access and Control
You retain all rights to your personal information and can access it anytime. In addition, eMindful takes reasonable steps to allow you to correct, amend, delete, or limit the use of your personal information. You can update many types of personal information, such as contact information, directly within your account settings. If you are unable to change your personal information within your account settings, please contact us to make the required changes. It’s important to remember that if you delete or limit the use of your personal information, the services may not function properly.
If you have any questions about your personal information or this Privacy Statement, or if you would like to make a complaint about how eMindful processes your personal data, please contact us by email at firstname.lastname@example.org, or by using the contact details below:
Attn: Chief Privacy Officer
11315 Corporate Blvd., Suite 210
Orlando, FL 32817
We reserve the right to modify this Privacy Statement at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this Privacy Statement, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If eMindful is acquired or merged with another company, your information may be transferred to the new owners.