TODO XXX:
- Affiliate disclaimer
- Subscriptions
- always clearly marked
- e.g. “€30,00 / month”, meaning you will be billed every month at roughly the same day of the month, or “€150,00 every 6 months”, meaning you are billed every 6 month
- During checkout, you will be presented with a table clearly listing your current total (what you will pay now) and recurring total (what you will pay each payment cycle). It will also state the exact date of your first renewal.
- At any time, in your customer account, you can
- always clearly marked
- Affiliates
- We use affiliate links. On our sites, they are clearly marked with an asterisk (*). Whenever we share an affiliate link on our sites, we include a short disclaimer on the page linking to our full affiliate disclaimer.
- Amazon, and … are our affiliate partners. We use GeniusLink to shorten links and redirect traffic.
- You can learn more by reading the full affiliate disclaimer.
Introduction
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online.
PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our websites.
Who we are
We are Atlantean Renaissance OÜ, an Estonian company. It is run by Marco Rösler.
We run the following websites:
- https://www.authenticgermanlearning.com (called main website)
- https://academy.authenticgermanlearning.com (called Academy subdomain)
Our address and contact information is:
Atlantean Renaissance OÜ
Sepapaja 6
Tallinn, Harju 15551
Estonia
Phone number: +49 30 46726847
E-Mail: info@authenticgermanlearning.com
Personal data
What personal data we collect and why we collect it
We collect personal data to better serve your needs gain insights into our audience. It is always based on your passive or active consent.
Below you will find a breakdown on what personal data we might collect, how and why.
Comments
When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/.
After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
When you register an account on the Academy subdomain using social media such as Facebook, Google+ or Twitter, or the Gravatar service (see above), images such as your profile picture and cover photo may be used for your account on the Academy subdomain.
Contact forms
We use Contact Form 7. You can read their privacy policy here: https://contactform7.com/privacy-policy/
When visitors use a comment form on our sites, we collect the data shown in the contact form, and also the visitor’s IP address and browser user agent string to help spam detection and bug fixing.
Optin forms and e-mail newsletter
We use ConvertKit to collect e-mail adresses and send out emails to subscribers. You can read their privacy policy here: https://convertkit.com/privacy/
If you choose to, you can subscribe the newsletter. After entering your email in an optin form, you will be required to click an additional link in a confirmation email.
We take your privacy and your wish to not be bothered very seriously, so we always make sure we have your consent and stop as soon as we don’t have it any more.
The e-mails we send might come very frequently – daily or even more – but only if you choose to subscribe and only so long as you stay subscribed.
You can unsubscribe at any time by clicking on the unsubscribe link at the bottom of every email and the system will unsubscribe you as fast as technologically possible and you will receive no more automatic emails.
Please be aware that you will continue receiving emails if you subscribed to the emails and do not click the unsubscribe link. Replying to an email asking to be removed from the list adds a human element, so it can take a couple of hours or days until you are removed.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to one of our sites, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on our sites may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
We use Google Tag Manager, Google Analytics and Facebook to get a better understanding of our audience and for retargeting.
We use UTM parameters to increase Google Analytics’ effectiveness.
Google’s policies can be found here:
- Privacy policy: https://policies.google.com/privacy
- Data policy: https://privacy.google.com/your-data.html
Facebook’s policies can be found here:
- Privacy policy: https://www.facebook.com/about/privacy
- Data policy: https://www.facebook.com/full_data_use_policy
Payment processing
When you buy a product, we process your payment via Stripe, PayPal or another service.
Your data is always s XXX
Third parties
xxx
xxx
Amazon
xxx
Akismet (Comment Spam Detection)
Akismet collects information about visitors who comment on our sites.
Akismet may collect the commenter’s IP address, user agent, referrer, and site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
WPML (Website Translation)
WPML uses cookies to identify the visitor’s current language, the last visited language and the language of users who have logged in.
While we use the plugin, WPML will share data regarding the site through Installer. No data from the user itself will be shared.
WPML Translation Management will send the email address and name of each manager and assigned translator as well as the content itself to Advanced Translation Editor and to the translation services which are used.
WPML String Translation will send all strings to WPML’s Advanced Translation Editor and to the translation services which are used.
WooCommerce (Online Store)
We collect information about you during the checkout process on our store on the Academy subdomain.
What we collect and store
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of cart contents while you’re browsing our site. Cookies and our policies regarding them are further explained here.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
What we share with others
In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.
We share information with third parties who help us provide our orders and store services to you; for example —
Payments
In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Please see the PayPal Privacy Policy for more details.
WooCommerce Multilingual
WooCommerce Multilingual will use cookies to understand the basket info when using languages in domains and to transfer data between the domains.
WooCommerce Multilingual will also use cookies to identify the language and currency of each customer’s order as well as the currency of the reports created by WooCommerce. WooCommerce Multilingual extends these reports by adding the currency’s information.
PayPal Checkout
By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.
Stripe
By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.
Credit card, SEPA Direct Debit
WooCommerce Subscriptions
By using WooCommerce Subscriptions, you may be storing personal data and depending on which third-party payment processors you’re using to take subscription payments, you may be sharing personal data with external sources.
What we collect and store
For the purposes of processing recurring subscription payments, we store the customer’s name, billing address, shipping address, email address, phone number and credit card/payment details.
What we share with others
What personal information your store shares with external sources depends on which third-party payment processor plugins you are using to collect subscription payments. We recommend that you consult with their privacy policies to inform this section of your privacy policy.
If you are using PayPal Standard or PayPal Reference transactions please see the PayPal Privacy Policy for more details.
WooCommerce Bookings
By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.
LearnDash LMS (Online Courses)
This sample language includes the basics around what personal data your LMS may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your site will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.
We collect information about you during the course purchase process (PayPal, Stripe, and/or 2Checkout), as well as information relating to your course progression and quiz performance.
What we collect and store
When you purchase from us, we’ll ask you to provide email address. We’ll use this information for purposes, such as, to:
–Send you information about your account and order
–Create your account for our LMS
If you register a free account then we will store your email address.
We store information about you for as long as your account exists.
We store course progress, including completion status, quiz scores, assignments and/or essay submissions (if applicable).
We will also store comments on courses, lessons, topics, assignments, and essays if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Group Leaders can access:
–Order information such as your enrolled courses, course progress and username / email address.
Any additional information added in your WordPress User Profile can also be visible to the administrator(s).
What we share with others
In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics/reporting tools, marketing services (such as email services like MailChimp), payment gateways, gamification programs, and third party embeds.
We share information with third parties who help us provide our orders and store services to you; for example – [insert third party platforms and short description of their purpose]
Payments
In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal below as an example, but you should remove any of these if they are not in use on your site.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Please see the PayPal Privacy Policy for more details.
Paid Memberships Pro (Data Collected to Manage Your Membership)
We may share your name, email address, username, and password with Paid Memberships Pro. This information is used to setup your account for the Academy subdomain.
When logged in, we use cookies to track some of your activity on our site including logins, visits, and page views.
Who we share your data with
As mentioned above, we may share your data third parties like Google and Facebook, strictly for the purpose of XXX
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
Cookies can last up to a year.
For users that register on our websites, we also store the personal information they provide in their user profile. If they choose to sign up with a third party application like Google+, Facebook or Twitter, we may store the information and images they send us. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on our sites, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
On the Academy subdomain, you can
- edit your profile: https://academy.authenticgermanlearning.com/members/[user name]/profile/
- change your settings: https://academy.authenticgermanlearning.com/members/[user name]/settings/
- download an export of your data: https://academy.authenticgermanlearning.com/members/[user name]/settings/export/
where [user name] in the URL has to be replaced with your user name.
Where we send your data
XXXIn this section you should list all transfers of your site data outside the European Union and describe the means by which that data is safeguarded to European data protection standards. This could include your web hosting, cloud storage, or other third party services.
European data protection law requires data about European residents which is transferred outside the European Union to be safeguarded to the same standards as if the data was in Europe. So in addition to listing where data goes, you should describe how you ensure that these standards are met either by yourself or by your third party providers, whether that is through an agreement such as Privacy Shield, model clauses in your contracts, or binding corporate rules.XXX
Visitor comments may be checked through an automated spam detection service like Akismet.
Your contact information
In this section you should provide a contact method for privacy-specific concerns. If you are required to have a Data Protection Officer, list their name and full contact details here as well.
Additional information
If you use your site for commercial purposes and you engage in more complex collection or processing of personal data, you should note the following information in your privacy policy in addition to the information we have already discussed.
How we protect your data
In this section you should explain what measures you have taken to protect your users’ data. This could include technical measures such as encryption; security measures such as two factor authentication; and measures such as staff training in data protection. If you have carried out a Privacy Impact Assessment, you can mention it here too.
What data breach procedures we have in place
In this section you should explain what procedures you have in place to deal with data breaches, either potential or real, such as internal reporting systems, contact mechanisms, or bug bounties.
What third parties we receive data from
If your web site receives data about users from third parties, including advertisers, this information must be included within the section of your privacy policy dealing with third party data.
What automated decision making and/or profiling we do with user data
If your web site provides a service which includes automated decision making – for example, allowing customers to apply for credit, or aggregating their data into an advertising profile – you must note that this is taking place, and include information about how that information is used, what decisions are made with that aggregated data, and what rights users have over decisions made without human intervention.
Industry regulatory disclosure requirements
If you are a member of a regulated industry, or if you are subject to additional privacy laws, you may be required to disclose that information here.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our sites, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our sites, place an order, subscribe to a newsletter, respond to a survey, fill out a form, use Live Chat, open a support ticket or enter information on our sites.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf our websites, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions.
- To ask for ratings and reviews of services or products
- To follow up with them after correspondence (live chat, email or phone inquiries)
How do we protect your information?
We are protected by SiteGuarding.com. Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular malware scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We use Stripe, which is a PCI compliant service.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Cookies
Do we use ‘cookies’?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information.
For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
We use cookies to:
- Help remember and process the items in the shopping cart.
- Understand and save user’s preferences for future visits.
- Keep track of advertisements.
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off, some of the features that make your site experience more efficient may not function properly. Some of the features that make your site experience more efficient and may not function properly.
Third parties
Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our websites, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
For example, third parties may use cookies, web beacons, and other storage technologies to collect or receive information from our websites and elsewhere on the internet and use that information to provide measurement services and target ads.
You can opt-out of the collection and use of information for ad targeting, which is explained in this article.
Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our websites. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our sites and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. You can read Google’s Ads policies here.
We may use Google AdSense Advertising on our websites.
Google, as a third-party vendor, uses cookies to serve ads on our sites. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our sites and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.
We may have implemented the following:
- Remarketing with Google AdSense
- Demographics and Interests Reporting
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our websites.
Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
We use Facebook pixel and you can login to the Academy website using Facebook.
Affiliate Links
We use affiliate links. You can read more about our affiliate links here.
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to various Amazon sites.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared.
See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
According to CalOPPA, we agree to the following:
Users can visit our sites anonymously.
Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our websites.
Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.
You will be notified of any Privacy Policy changes:
- On our Privacy Policy Page
You can change your personal information:
- By emailing us at info@authenticgermanlearning.com
- By logging in to your account
- By chatting with us or by sending us a support ticket
How does our sites handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our sites allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking, including Google Tag Manager and Google Analytics.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
- Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CAN SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can
- Follow the instructions at the bottom of each email.
- E-mail us at info@authenticgermanlearning.com.
and we will promptly remove you from ALL correspondence.
Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below.
Atlantean Renaissance OÜ
Sepapaja 6
Tallinn, Harju 15551
Estonia
info@authenticgermanlearning.com
You can also contact us here: https://www.authenticgermanlearning.com/faq/contact/