How Beyond the Chaos, LLC, complies with GDPR and Data Protection

This page is mostly related to the General Data Protection Regulation (GDPR) within the EU however, Beyond the Chaos, LLC, believes it to be good practice to provide a unified experience and service to all users, worldwide. As such, Beyond the Chaos, LLC, has carefully put together this document in an effort to make all information regarding privacy policy, data collection and usage as clear as possible.

We are affected by GDPR in three areas

Area 1 is how we conduct activities with the information we gather from people using our website.

Area 2 is how we manage our services working with a number of clients.

Area 3 is how we manage the data/information we gather on our clients whilst in a working relationship and how that data is managed/stored and deleted accordingly.

Why do we collect data on our website?

All the data we collect is used to help to understand who is using our website and to help us improve the online experience offered. We also can use it to help us understand if someone who has contacted us through our contact form visits the site a number of times. It helps us to gather insights around online behaviors and see where people have come from before visiting our website. We believe that none of the information gathered is used to target or market to people who are not already somehow engaged with our company.

What data is collected?

We use Google Analytics to collect and store information around each users session who visits our website. This information is all anonymous and it is not possible to personally identify people or repeat visitors from Google Analytics. You can read more about its Terms and Conditions here.

https://privacy.google.com/businesses/compliance/

We use HubSpot to collect and store information around each user who fills in one of our contact forms. It saves the information actively given us into the HubSpot CRM system, allowing us to track if after someone has submitted a form, they visit the website again. You can read more about its Terms and Conditions here.

https://www.hubspot.com/data-privacy/gdpr

We use MailChimp to store information for people who wish to be on our mailing list. If you submit the mailing list form on our website you will be added to a MailChimp list. You can read more about their privacy policy here.

https://mailchimp.com/legal/

For all of the information we collect, we do not actively share it with any other parties and it is only used internally to help us improve our service.

Security

We maintain security measures to protect your personal information from unauthorized access, misuse, or disclosure. However, no exchange of data over the Internet can be guaranteed as 100% secure. While we make every effort to protect your personal information shared with us through our Site, you acknowledge that the personal information you voluntarily share with us through this Site could be accessed or tampered with by a third party. You agree that we are not responsible for any intercepted information shared through our Site without our knowledge or permission. Additionally, you release us from any and all claims arising out of or related to the use of such intercepted information in any unauthorized manner.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

Contact Forms

When someone submits information through a contact form a number of things happen.

  1. The information submitted is stored within the WordPress website.
  2. A copy of the message is emailed to [email protected]iz. These emails are stored in Google Apps.
  3. A copy is stored in our HubSpot CRM.

All information shared through our submission form is used for internal purposes only and is not shared with other companies except those stated above.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

I would like a copy of my data

If you would like a copy of the data that Beyond the Chaos, LLC, has relating to yourself please get in touch with [email protected]. Please note that any request may take up to 30 days to process and we will require proof of identification prior to releasing any information.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

I would like you to delete any data you have that relates to me

Please get in touch with [email protected]. Please note that any request may take up to 30 days to process and we will require proof of identification prior to completing the request.

What happens when you work with us?

As a client when you decide to work with Beyond the Chaos, LLC, there will be a relationship put in a place and as part of the process, a large amount of information will flow between parties. We will also require information to sign contracts, which information will be stored in AdobeSign. This information might also be stored in email accounts and Google Drive. Lastly, some information might be stored in Teamwork Projects, which we use for managing our clients’ projects.

You can read more about their terms of services here.

https://www.adobe.com/privacy/general-data-protection-regulation.html

https://www.google.com/drive/terms-of-service/

https://www.teamwork.com/legal/terms-of-service/

Often with projects, there is a requirement to share user information between parties, e.g., access to the client’s project management tool. When this happens it will be the responsibility of the client to make the users aware that this sharing of their information is going to happen. When we are given sensitive data around a client’s users/members, then we ensure this is only shared with the relevant parties within the organization and also is stored only on the client’s project management tool.