GDPR/CCPA Compliance Notice
Effective Date: January 5, 2023
At The Business Hack, we are deeply committed to protecting the privacy and data of our users. This GDPR/CCPA Compliance Notice outlines how we collect, process, store, and protect personal data, in accordance with the General Data Protection Regulation (GDPR) applicable to users in the European Economic Area (EEA) and the California Consumer Privacy Act (CCPA) applicable to residents of California, USA. This policy is designed to ensure transparency and compliance with global data privacy regulations, primarily focusing on the EEA, the United Kingdom, and the state of California, USA.
By using our Website, www.thebusinesshack.com, or interacting with our services, you acknowledge that you have read and understood this notice and that you consent to our data practices.
1. GDPR Compliance (European Economic Area and the United Kingdom)
The General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 require businesses to follow strict guidelines regarding the collection and use of personal data for individuals in the European Union (EU), European Economic Area (EEA), and the United Kingdom (UK). This section explains how The Business Hack adheres to these regulations.
1.1 Data We Collect
We collect and process the following types of personal data when you use our services:
Personal Identification Data: Name, email address, contact details, and any other information you provide when signing up for newsletters, purchasing products, or submitting contact forms.
Technical Data: IP address, browser type, device information, and geographic location (if location services are enabled).
Usage Data: Information about how you use our Website, such as page views, time spent on each page, and the links clicked.
1.2 Legal Basis for Processing
Under the GDPR, we must have a lawful basis for processing personal data. The lawful bases we rely on include:
Consent: We process personal data based on the explicit consent you provide when you sign up for newsletters, create an account, or engage in other voluntary activities on our Website.
Contractual Necessity: When you purchase a product or service from us, we process your personal data to fulfill that contract.
Legitimate Interests: We process personal data when necessary to further our legitimate business interests, such as improving our services, analyzing user behavior, and marketing.
Compliance with Legal Obligations: We may be required to process personal data to comply with relevant legal obligations, including tax or law enforcement requests.
1.3 Your Rights Under GDPR
As a data subject under the GDPR, you have specific rights regarding your personal data, including:
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You have the right to request that inaccurate or incomplete personal data be corrected.
Right to Erasure (Right to Be Forgotten): You can request that your personal data be deleted in certain circumstances, such as if the data is no longer necessary for the purpose it was collected or if you withdraw your consent.
Right to Restrict Processing: You can request that we restrict the processing of your data in specific situations, such as when you contest the accuracy of the data.
Right to Data Portability: You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format and to request that we transfer this data to another data controller where technically feasible.
Right to Object: You have the right to object to our processing of your data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: If we are processing your data based on consent, you can withdraw your consent at any time, though this will not affect the lawfulness of any processing carried out before you withdrew consent.
To exercise any of these rights, please contact us at info@thebusinesshack.com. We will respond to your request within 30 days as required by the GDPR.
1.4 International Data Transfers
The Business Hack is a globally operating website, and your personal data may be transferred outside the EEA or UK, including to the United States. To protect your data, we implement adequate safeguards, such as:
Standard Contractual Clauses (SCCs) approved by the European Commission, which legally bind the recipients of the data to protect it in accordance with GDPR standards.
Privacy Shield Framework (prior to its invalidation), but we now rely on other legally accepted mechanisms.
We ensure that all data transfers are secure and compliant with GDPR requirements.
1.5 Data Retention
We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including complying with legal obligations, resolving disputes, and enforcing agreements. We will delete or anonymize data when it is no longer needed for these purposes, except where we are required to retain it by law (e.g., tax regulations or audits).
2. CCPA Compliance (California Residents)
The California Consumer Privacy Act (CCPA) provides California residents with enhanced rights regarding their personal data. This section explains how The Business Hack complies with CCPA requirements.
2.1 Personal Information We Collect
Under the CCPA, "personal information" includes data that identifies, relates to, describes, or could reasonably be linked to a particular consumer. We collect the following categories of personal information from California residents:
Identifiers: Name, email address, IP address, and online identifiers.
Commercial Information: Records of products or services purchased, obtained, or considered.
Internet or Network Activity: Information on interactions with our Website, including browsing history and clickstream data.
Geolocation Data: Physical location or movements (if applicable).
2.2 Rights of California Consumers
If you are a California resident, you have specific rights under the CCPA, including:
Right to Know: You have the right to request details about the personal information we collect, use, disclose, and sell (if applicable). You may request the specific pieces of personal information we have collected about you.
Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions (e.g., if the information is necessary for completing a transaction or complying with a legal obligation).
Right to Opt-Out: You have the right to opt-out of the sale of your personal information. Please note that we do not sell your personal information.
Right to Non-Discrimination: You will not be discriminated against for exercising any of your CCPA rights. This means that we will not deny services, charge different prices, or provide different levels of quality based on your exercising of your CCPA rights.
2.3 How to Exercise Your CCPA Rights
To exercise your CCPA rights, you may submit a verifiable request by contacting us at:
Email: info@thebusinesshack.com
Phone: (+1866) 957-7239
We will verify your identity before processing your request. You may make up to two requests per 12-month period, and we will respond to your request within 45 days, as mandated by the CCPA.
2.4 Data Sharing and Selling
Under the CCPA, businesses must disclose whether they "sell" personal information. The Business Hack does not sell personal information. However, we may share personal data with third-party service providers for specific business purposes, such as advertising, analytics, and marketing.
2.5 Third-Party Service Providers
We work with third-party service providers, such as payment processors, email marketing platforms, and analytics tools (e.g., Google Analytics). These third parties act as data processors under GDPR or service providers under CCPA, and they are bound by contractual agreements to handle your data securely and in compliance with applicable laws.
3. Security Measures to Protect Your Data
At The Business Hack, we take data security seriously. We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, destruction, or disclosure. These measures include:
Encryption: We use industry-standard encryption technologies (SSL/TLS) to secure data transmitted to and from our Website.
Access Controls: Personal data is accessible only to authorized personnel, and we use strict access controls to prevent unauthorized access.
Data Minimization: We collect and process only the data that is necessary for the specific purpose, and we limit access to that data based on business needs.
Regular Security Audits: We perform regular security audits and assessments to identify vulnerabilities and ensure compliance with legal standards.
While we take significant steps to protect your data, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.
4. Children’s Privacy
Our Website is not intended for individuals under the age of 18, and we do not knowingly collect personal data from children under the age of 18. If we discover that we have inadvertently collected data from a child under 18, we will take immediate steps to delete that data. If you believe we may have collected data from a child under 18, please contact us at info@thebusinesshack.com.
5. Changes to This Policy
We may update or modify this GDPR/CCPA Compliance Notice from time to time in response to evolving legal, technical, or business developments. When we make material changes to this policy, we will post the updated version on this page and update the "Effective Date" at the top of the notice. We encourage you to review this notice periodically to stay informed about how we are protecting your personal data.
6. Contact Information
If you have any questions, concerns, or requests regarding this GDPR/CCPA Compliance Notice, or if you wish to exercise your data protection rights, please contact us using the information below:
The Business Hack
Merril Lynch Building
101 Hudson St, 21st Floor
Jersey City, NJ 07302
United States
Email: info@thebusinesshack.com
Phone: (+1866) 957-7239