Tourpreneur Privacy Policy
COLLECTING PERSONAL INFORMATION
When registering for our sites (tourpreneur.com and community.tourpreneur.com), you are asked to enter your name, email address, mailing address, phone number, credit card information (where applicable), and other details.
Per our privacy policy, we aim to comply with the General Data Protection Regulation (GDPR) and other privacy policy requirements, as outlined below. When processing your personal information, we adhere to the following GDPR points:
- Consent: We may process personal data based on the explicit consent provided by the individual for specific purposes.
- Contract Necessity: Personal data may be processed when necessary for the performance of a contract to which the individual is a party or for pre-contractual measures taken at the individual’s request.
- Legal Obligation: Processing of personal data may occur when it is necessary for compliance with a legal obligation to which we are subject.
- Legitimate Interests: In certain cases, we may process personal data based on legitimate interests pursued by us or a third party, provided that such interests are not overridden by the fundamental rights and freedoms of the individual.
It is our responsibility to ensure that the legal basis for processing personal data is clearly identified and documented for each processing activity. If you have any questions or concerns regarding the legal basis for processing your personal information, please contact us using the information provided in this privacy policy.
INFORMATION USE
We collect your information when signing up for membership, registering for an event, downloading an electronic product, subscribe to our newsletter, or use certain features of our website.
- When Taking a Course: We collect and process personal data to tailor your learning experience, tracking course completion, quiz scores, and engagement metrics to provide personalized recommendations and learning pathways.
- When creatingn an account: We collect personal data such as name, email address, username, and topic and learning preferences to create and manage user accounts. This allows members to access course materials, track their progress, and participate in interactive learning activities.
- When contacting our support: We use personal data to communicate with members regarding important updates, course announcements, and support inquiries. This may include sending email notifications, responding to helpdesk tickets, and facilitating peer-to-peer discussions within the learning community.
- When making a purchase: For members who subscribe to paid memberships, we collect personal data necessary for payment processing, such as billing information and payment history. This ensures a seamless and secure transaction process.
- When registering for an event: We collect personal data from members who register for conferences or events hosted on our platform. This includes information such as name, contact details, business name, business type and size. This data is used to manage conference logistics, facilitate attendee communication, and customize the conference experience.
- When engaging with our website: We may also request and process personal data to fulfill legal obligations, such as complying with tax regulations, or responding to lawful requests from regulatory authorities.
- When subscribing to newsletters and promotions: With explicit consent, we may use personal data to send promotional offers, discounts, and relevant educational content to members via email or targeted advertising campaigns. Members have the option to opt-out of marketing communications at any time.
- When engaging with our Community portal: We facilitate interactions among members by providing features such as discussion forums, chat rooms, and social networking functionalities. Personal data shared within these community spaces is used to foster collaboration, knowledge sharing, and networking opportunities among members.
PROTECTING YOUR DATA
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
- Encryption: Personal data transmitted between your browser and our website is encrypted using SSL/TLS technology, ensuring secure data transfer.
- Access Control: Access to personal data is restricted through strong password policies and role-based access control (RBAC), limiting access only to authorized personnel with necessary permissions.
- Data Minimization: We collect and store only the personal data necessary for the intended purpose, minimizing the risk associated with excessive or irrelevant data storage.
- Regular Software Updates: We regularly update WordPress core, themes, and plugins to patch known security vulnerabilities and protect against emerging threats, ensuring the security of our website.
- Security Plugins: Our website is equipped with a security plugins (FluendAuth), to provide additional layers of protection against malicious activities and unauthorized access.
- Data Backup: We maintain daily backups of our website and associated databases to mitigate the risk of data loss due to security incidents or unforeseen circumstances, ensuring data integrity and availability.
- User Consent and Privacy Policies: We obtain explicit consent from users before collecting or processing their personal data and provide transparent information about our data processing activities in our privacy policy.
- Employee Training: Our team undergoes regular training and awareness programs on GDPR compliance and data protection best practices to ensure they are well-equipped to handle personal data securely.
These security measures are continuously reviewed and updated to adapt to evolving threats and regulatory requirements, reaffirming our commitment to protecting the privacy and security of personal data entrusted to us.
THIRD-PARTY DISCLOSURE
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information (PII) without your express permission.
- Legal Basis for Transfer: When transferring PII to third parties, we ensure that there is a lawful basis for such transfers as defined by the GDPR. This may include:
- Consent: We obtain explicit consent from users before transferring their PII to third parties for specified purposes.
- Contractual Necessity: Transfers may occur when it is necessary for the performance of a contract between the user and our organization, or when taking pre-contractual steps at the user’s request.
- Legal Obligation: PII may be transferred to third parties to comply with legal obligations imposed on our organization.
- Legitimate Interests: Transfers may be based on our legitimate interests or those of third parties, provided that such interests are not overridden by the rights and freedoms of the user.
- Safeguards for Transfers: We implement appropriate safeguards to ensure the security and protection of PII transferred to third parties. Examples of safeguards may include:
- Data Processing Agreements: We enter into data processing agreements with third-party recipients to outline the terms and conditions governing the processing and security of PII.
- Encryption: PII may be encrypted before transfer to mitigate the risk of unauthorized access or interception during transit.
- Compliance Assessments: We conduct regular assessments and audits of third-party recipients to ensure compliance with data protection regulations and contractual obligations.
- Obtaining Copies of Safeguards: Users have the right to request copies of the safeguards implemented for the transfer of their PII to third parties. To exercise this right, users can submit a request using the contact details provided in this privacy policy. Upon receiving a valid request, we will provide users with copies of the relevant safeguards in a timely manner, subject to any legal limitations or exemptions.
By providing transparency about the legal basis for transferring PII to third parties, the safeguards in place for such transfers, and the means for users to obtain copies of these safeguards, we aim to uphold our commitment to data protection and compliance with GDPR requirements.
THIRD-PARTY LINKS
As per the requirements of the General Data Protection Regulation (GDPR), we are committed to ensuring that third parties comply with GDPR standards when accessing or processing personal data through our website. It is essential to verify that any third-party links or integrations on our website adhere to GDPR standards. To ensure third party compliance:
- We review the privacy policies and terms of service of third-party providers to ensure they align with GDPR requirements for data protection and user privacy.
- We assess the data processing practices of third-party providers to determine how they handle personal data, including data storage, security measures, and data retention policies.
- We regularly review and monitor the GDPR compliance status of third-party links and integrations on our website to ensure ongoing adherence to data protection standards. This includes:
- We conduct periodic audits of third-party services and integrations to assess Tourpreneur’s Privacy Policy.
YOUR GDPR RIGHTS
As a Tourpreneur user you have the right to:
- Access your personal data
- Request rectification of inaccurate data
- Request erasure of your data (Right to be Forgotten)
- Restrict processing of your data
- Data portability
- Object to processing
- Not be subject to automated decision-making
To exercise these rights, contact us via the contact form on our website.
Miscellaneous Clauses
NOTIFICATION OF DATA BREACH
In the event of a data breach, we will notify affected individuals and the relevant supervisory authority within 72 hours, where feasible.
INTERNATIONAL DATA TRANSFERS
We use Standard Contractual Clauses (SCCs) and other legal mechanisms to transfer personal data outside the EEA, ensuring GDPR compliance.
COOKIES
We use cookies to enhance your site experience, remember your preferences, and compile aggregate data about site traffic. You can control cookie settings through your browser.
CALIFORNIA ONLINE PRIVACY PROTECTION ACT (CalOPPA)
We comply with CalOPPA by posting a privacy policy and honoring Do Not Track signals.
CHILDREN ONLINE PRIVACY PROTECTION ACT (COPPA)
We do not market to children under 13 years old.
FAIR INFORMATION PRACTICES
In case of a data breach, we will notify you via email within 7 business days of discovery of the breach and uphold your rights to redress.
CAN-SPAM ACT
We collect your email to send information, respond to inquiries, process orders, and market to our mailing list. We comply with CAN-SPAM requirements, including honoring opt-out requests.
CONTACT US
If you have any questions regarding this privacy policy, contact Tourpreneur by email at hello (at) tourpreneur.com.
Our mailing address is:
Tourpreneur LLC
30 Washington St 7K
Brooklyn, NY 11201
USA