While I have helped create, review, and in the process of this document, reviewed other policies... This legal document is still fairly generic. As a consultant/consulting group interested in data engineering, privacy, and security, we take these matters very seriously and I/we will always consider feedback or tailor the document toward best practicies.
Currently(2024), there are 2 weirdo activities on my/our domains:
WE WILL NEVER, NEVER, copy and paste PII or Client Privileged Information into 3rd Party AI platforms, such as OpenAI, without your consent.
and with that, here is what ChatGPT has to say about the wall of text below:
"The privacy policy of Derek D. Burgess LLC is comprehensive, addressing the collection and use of personal data from website users and clients. It includes GDPR compliance for EU residents, details about different types of data handled, and the methods of collection. The policy also outlines users' rights, adheres to specific laws like the California Consumer Privacy Act, and provides information on data retention, security, and third-party data sharing. It's important to read the complete policy on their website for all details."
This privacy notice and policy (this "Privacy Notice") discusses how Burgess collects, maintains, uses, and discloses the information collected from you, our customers, the visitors to our websites, any subdomains thereof, any mobile versions thereof, or by using our available mobile applications (together, our "Sites"), and any individual who contacts us directly (together, "Users" or "you"). The purpose of this Privacy Notice is to provide Users with an understanding of the types of information we collect, how it is stored, why we use it, and the choices Users have relating to this information. We wish to ensure that you understand how we will and will not use the information you entrust to us.
Your use of our Sites constitutes your acceptance of this Privacy Notice and your consent to the practices described herein.
If you are a Burgess customer ("Client"), this Privacy Notice is incorporated into and subject to the Master Services Agreement ("MSA") (available online or as otherwise executed between yourself and Burgess), and should also be read in conjunction with the Acceptable Use Policy ("AUP") (available online at derekburgess.com/privacy).
If you are only visiting one of our websites, you will not be required to identify yourself or reveal any personal information as you browse online. However, if you wish to initiate any communications with Burgess via our websites, such as using an online form to request a sales quote or using any live chat function that may be available to speak with a customer service agent, you may be asked to first provide certain personal information to identify yourself to us. If you do not wish to provide this personal information, you may continue to browse our websites, but we will not be able to contact you. Once you choose to provide us with your personal information or any other information by which you can be identified, you can be assured it will only be used to support your relationship with Burgess as detailed herein this Privacy Notice.
We reserve the right to change this Privacy Notice at any time without notice. To stay updated on our most current Privacy Notice, please visit this page often. If you have a question about how a certain type of information is handled, please e-mail us at: contact@derekburgess.com
Burgess complies with the EU General Data Protection Regulation 2016/679 ("GDPR") in the Processing of all Personal Data received from European Union ("EU") member countries. For the purposes of this section of the Privacy Notice, the terms, "Processing" and "Personal Data" will have the same meaning as in GDPR. The nature and purpose of the Processing will be solely as described in this Privacy Notice. The scope of the Processing will be limited to the Personal Data that you have provided to Burgess. You determine the type and categories of Personal Data that are held by Burgess. We will not collect any Personal Data without your knowledge. Your rights and obligations in relation to the Processing of Personal Data will be as set out in GDPR, this Privacy Notice, and, if you are a customer, your MSA.
If, after a data protection impact assessment, or upon consultation with a supervisory authority, you determine that continuing with our Services would be in breach of GDPR, you must notify Burgess immediately. We will work together with you making commercially reasonable attempts to reach a mutually agreeable solution.
If at any time you have any questions or concerns about Burgess’ GDPR compliance, please contact our Data Protection Officer directly at: contact@derekburgess.com
Notwithstanding the foregoing, you:
However, if you have a good faith belief that the Processing of your Personal Data infringes GDPR, you may have rights which cannot be waived in the EU member country of your place of residence or work, or in which the alleged infringement occurred. If, after a data protection impact assessment or consultation with a supervisory authority, you find this to be so, you should promptly notify Burgess, and we will provide commercially reasonable cooperation with any supervisory authority consultation in efforts to reach a mutually agreeable solution.
Burgess complies with all state/provincial and Federal data privacy laws and regulations of the United States of America and Canada, as applicable, with respect to the collection and storage of personally identifying information in conjunction with our business operations. If you have a good faith belief that your personally identifying information has been collected or disclosed without your authorization, you have the right to register your concerns with the following authorities:
Your local or state consumer protection agency: https://www.usa.gov/privacy
The Office of the Privacy Commission of Canada: https://www.priv.gc.ca/en
The Office of the Information and Privacy Commissioner of British Columbia: https://www.oipc.bc.ca/
Statistical Information. When you visit our Sites, our servers collect basic user information about you such as your Internet Service Provider (ISP)’s domain, your Internet Protocol (IP) address, your operating system and web browser, the date and time you accessed our Sites, and the pages from within our Sites that you visit ("Statistical Information"). This Statistical Information does not include names, contact information, or any other information by which Users can be personally identified.
User Contact Information. When you initiate any communications with Burgess either through our Sites or any other means, we may ask you to provide us with certain personal information such as your name, email address, phone number, company name, job title, and geographical location ("User Contact Information").
User Contact Information contains information by which Users can be personally identified.
Client Information. When you register as a Client, you will be required to provide us with the User Contact Information described above as well as your payment information, such as your credit card number, wire information, or other banking information (altogether, "Client Information").
The term "Client Information" also includes information maintained by Burgess regarding your customer account status, choice of Services, information necessary and required for the successful delivery of the Services contracted for by you, and access logs. In addition, we may store your electronic mail and other communications as a part of the transmission and delivery of those communications as a part of your Client Information.
Client Information contains information by which Users can be personally identified.
If you indicate to us that you would like to receive communications from Burgess, we will ask you to provide us with your User Contact Information. If you register as a Client, we will ask you to provide us with Client Information. You will be provided the opportunity to affirmatively consent to our use of this information to communicate with you, and to consent to the purposes for which Burgess may contact you or otherwise use your information. Subject to your MSA, you may withdraw this consent at any time.
Furthermore, throughout the term of our business relationship with our Clients we may request and access additional information from you regarding both you and your end users in furtherance of the provision of Services. All such information is covered by this Privacy Notice.
We may use software designed to track responses to our advertisements, other promotional activity, and movement throughout our Sites ("Tracking Software"). Tracking Software includes software such as web beacons and software used by our advertising partners. Hubspot for the purpose of LiveChat
Burgess may store or access your personal information from any of our business locations, and therefore your personal information may be transferred, processed, or stored outside the jurisdiction in which it was collected. Where we must transfer your personal information from an EU member country to one of our office locations outside of the EU, Burgess will make commercially reasonable efforts to ensure that the recipient is also GDPR compliant or otherwise certified under an approved alternative mechanism. If your personal information is governed by GDPR, and you wish to obtain further details regarding the physical location of your information, you may contact us at: contact@derekburgess.com
We use Statistical Information automatically collected by our Sites’ servers to help us analyze web traffic, improve the content of our Sites and improve your experience on our Sites. Statistical Information is also used to operate our hardware and software, diagnose problems and administer our Sites. We may use aggregated Statistical Information to modify the products and services we offer based on who is visiting our Sites and what they are purchasing.
We use the information collected by tracking software to determine the effectiveness of our marketing programs, improve the functionality of our Sites, and to collect demographic data about where Users go on our Sites and how they behave. Tracking software may collect information about Users that, when combined with other Statistical Information or User Contact Information we have collected, will enable us to identify Users personally.
We use the User Contact Information provided by you to send you general information about Burgess, details about our products and Services, publications related to our industry, and other promotional materials in which you have indicated an interest. You may opt out of receiving any such promotional communications from us at any time by sending a request to: contact@derekburgess.com
If you are a Client, we use Client Information to establish our Services for you. This includes creating and maintaining your Client account and your choice of Services, contacting you for customer and technical support purposes, and processing payment for the Services. We may also create and maintain Client logs in the regular course of providing Services to you. While you may opt out of receiving promotional communications from Burgess at any time, Clients may not opt out of receiving communications that are essential to your use of the Services, including communications from technical support, security and compliance, billing and account management, and system and network updates.
Burgess uses third (3rd) party providers to provide credit card processing services through our online Client portal. If you choose payment by credit card when you purchase our Services, we will share your Client Information as necessary for the third (3rd0 party processor to provide the payment processing services. Please be assured that these third (3rd) parties are prohibited from using your personal information for any other purpose including their own marketing services. These companies are authorized to use your personal information only as necessary to provide their services to us.
We are required to comply with demands for information as required by state/provincial and Federal law. Examples of these demands include subpoenas, warrants, and civil discovery demands. Information covered by our Privacy Notice may be disclosed following such a request if we determine, in our sole discretion, that such a disclosure is necessary or required. We may also disclose this information if (a) it is a matter of public safety or policy; (b) it is necessary to provide to a law enforcement agency when the contents are inadvertently obtained by Burgess and appear to pertain to the commission of a crime; or (c) it is necessary or required to protect our interests or the interests of our other customers. We may not be able to notify you prior to any such disclosures.
Burgess does not sell products or services for purchase by children. Clients must be at least 18 years of age. If you have reason to believe that a child under the age of 18 has provided personal information to us without the consent of their parent or guardian, please contact us immediately, and we will endeavor to delete that information and terminate the child’s account from our databases.
We offer certain products and services that are provided by third (3rd) party vendors as a part of our Services, and we use certain third (3rd) party providers ourselves in our business operations (such as auditors, communications providers, customer relationship management providers, marketing agencies, and social media providers). This includes third (3rd) party widgets or other interactive "mini programs" that run on our Sites that may set a cookie to enable that feature to function properly. These third (3rd) parties may collect and use your information in ways that differ from those set out in this Privacy Notice. We have no responsibility for how these third (3rd) parties treat your information; however, if we have access to their privacy notices, we will provide them to you upon your request. If you choose to interact directly with any third (3rd) party by clicking on a widget or feature on our website, your interactions will be governed by such third (3rd) party’s privacy policy.
If you are a Client, your Client Information will be shared only with third (3rd) parties where it is necessary to provide the Services to you. Information in the Client Information related to payments, such as a User’s credit card number, is only used to ensure we receive payment for services rendered. We will share your User Contact Information with third (3rd) parties only to the minimum extent necessary for such third (3rd) parties to provide their services, either to you or Burgess, as applicable. The third (3rd) party vendors and providers that are incorporated as a part of our Services are not authorized to use any of your information for purposes beyond those specified by us, and they are required to preserve the confidentiality with which we treat such information.
We may display personal testimonials of our satisfied Clients on our Site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at: contact@derekburgess.com
If you choose to use our referral service to tell a business associate or contact about our Sites, we will ask you for your associate or contact’s name and email address. We will automatically send this party a one-time email inviting him, her, them or it to visit the Sites. Burgess stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program.
Your associate or contact may contact us at: contact@derekburgess.com – to request that we remove this information from our database.
Our Sites may offer publicly accessible blogs. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from these blogs, contact us at: contact@derekburgess.com – In certain cases, we may not be able to remove your personal information, in which case we will inform you of the same and provide available reasoning.
Occasionally, we may provide you the opportunity to participate in contests or surveys on our Sites. If you participate, we will request certain User Contact Information from you. Participation in these surveys or contests is completely voluntary, and you therefore have a choice whether to disclose this information. The requested information typically includes contact information (such as name and shipping address), and demographic information (such as zip code). We use this information to notify contest winners and award prizes, to monitor website traffic or personalize the Sites (in the case of anonymous information collected in surveys), or to send participants an email newsletter. We may use a third (3rd) party service provider to conduct these surveys or contests, and that company will be prohibited from using our Users’ personal information for any other purpose including their own marketing. User Contact Information collected from surveys or contests is not shared with third (3rd) parties in ways that identify Users personally. To the extent we share survey information with third (3rd) parties, it is done in aggregate.
Our Sites may allow for a chat function. Chat functions allow you to participate in "live" online conversations with us on our Sites. Although the transcripts from the chats may be stored internally on servers for our records only, we collect no personal information about you when you participate unless you choose to provide that information to us.
If you have consented to our processing of your personal information by signing up for our newsletter or requesting a sales quote, but you are not a Client, you can withdraw your consent and request the deletion of your data at any time by emailing: contact@derekburgess.com
Upon receipt of a written request, Burgess will provide you with information about whether we hold, or process on behalf of a third (3rd) party, any of your personal information. To request this information please contact us at: contact@derekburgess.com
Information collected by the technologies described in this Privacy Notice is protected by SSL 256 bit encryption technology during transmission. Information kept by us is protected using industry standard security measures. Though we reserve the right to keep the information covered in this Privacy Notice indefinitely, our employees and agents are required to keep this information confidential unless disclosure is authorized in this Privacy Notice, your MSA or by Users. No means of communication, information transmission, or storage is entirely secure. For this reason, we are not responsible for loss corruption or unauthorized acquisition and use of information covered by this Privacy Notice, or for any resulting damages, including unauthorized acquisition and use.
If you have any questions about security on our Sites, you can send email us at: contact@derekburgess.com
If you are a California resident, you have additional rights pursuant to the California Consumer Privacy Act ("CCPA"). Under the CCPA, you have the following rights:
To exercise any of your above rights, please send us an email [hyperlink] request. You may also designate an authorized agent to make these requests on your behalf. In order to do this, we will ask you to verify the request directly via email or through your password-protected account.
Please note that we do not sell Personal Information to third parties. We do allow third parties to collect Personal Information through Name.
We reserve the right to modify this Privacy Notice at any time, so please review it frequently. If we make material changes to this Privacy Notice, we will notify you here, by email, through the Client portal, or by means of a prominent notice on our Sites.
Our Sites provide links to other websites maintained by companies unaffiliated with us. We are not responsible for the privacy practices or the content of such websites, and we encourage you to use caution when interacting with such websites. In particular, we recommend that you view the privacy policy posted on each such website to confirm their policies in respect of your information are acceptable to you. This Privacy Notice applies solely to information collected by our Sites.
If you have questions or concerns regarding this Privacy Notice, you should contact us by email at: contact@derekburgess.com