Last Updated October 1st, 2021
This statement describes the personal data we collect and/or process (which may include collecting, organizing, structuring, storing, using or disclosing) to provide products and services offered directly by Business Clinic Ltd., including Business Clinic Ltd.’s websites, online courses, meetings, webinars, programmes and learning platform.
Personal data is any information from or about an identified or identifiable person, including information that Business Clinic Ltd. can associate with an individual person. The protection of personal data is a hallmark of Business Clinic Ltd. In a similar manner, Business Clinic Ltd. protects the identity of individuals who access Business Clinic Ltd.’s websites. For the purposes of this Privacy Statement, the terms “Business Clinic, we, us, and our” refer to Business Clinic Ltd.
Business Clinic Ltd.’s data protection officer can be contacted at firstname.lastname@example.org
This statement describes the types of information, including Personal Information, collected and processed through Business Clinic Ltd.’s websites and through the services delivered via Business Clinic Ltd. websites, and how Business Clinic Ltd. treats such information. For questions about this Privacy Statement or your Personal Information, please contact email@example.com
By using the term “Personal Information” in our Privacy Statement, we refer to information that you individually provide to Business Clinic Ltd. either directly or indirectly that on its own or in combination with other information, can be used to identify you or make you identifiable. Personal Information includes for example your name, your mailing address, your telephone number, your e-mail address or other information that identifies you or makes you identifiable.
Information that by itself cannot be used to identify you or make you identifiable does not qualify as Personal Information.
- INFORMATION COLLECTED BY BUSINESS CLINIC LTD. WEBSITES
Business Clinic Ltd.’s websites gather information in two ways: (1) indirectly (for example, through our site’s technology), and (2) directly (for example, when you, the site visitor, voluntarily provide information on various pages).
The information will be transferred to Business Clinic Ltd.’s servers located in Trinidad and Tobago and the United States of America (“USA”).
- Information Collected Indirectly
Business Clinic Ltd. indirectly collects a variety of information through your interaction with and use of Business Clinic Ltd.’s websites. This information may include, but is not limited to, browser and device information, data collected through automated electronic interactions, application usage data, content information based on your individual interests, demographic information, geographic or geo-location information, statistical and aggregated information (“Other Information“).
Statistical or aggregated information does not directly identify a specific person, but it may be derived from Personal Information. For example, we may aggregate Personal Information to calculate the percentage of users in a particular geographic location, community or zip code.
If we combine Other Information with Personal Information, we will treat the combined information as Personal Information.
1.1 Business Clinic Ltd. Cookies
Some types of indirectly collected information are stored in “cookies.” Cookies are small files of electronic information that a website can transfer to a visitor’s hard drive to help that visitor while on the site. There are different types of cookies:
- Essential Cookies are used to provide visitors with basic functions through our websites. Without these cookies, our websites will not work properly.
- Analytics cookies use statistics to collect information anonymously. This information helps us understand how our visitors use our websites.
- Marketing cookies help Business Clinic Ltd. improve the ads we display on third-party websites and allow third parties to gather web-usage information required to determine ad performance.
1.1. a. Tracking Data and Third-Party Analytics Providers
Website traffic volume and patterns, such as the number of visitors to a given website or page on a daily basis is typically referred to as Tracking Data. This type of indirectly collected information is gathered through various means, such as an IP address, which is a number that is automatically assigned to your computer whenever you are surfing the Web. Web servers, the computers that “serve up” Web pages, automatically identify your computer by its IP address. When you visit any of Business Clinic Ltd.’s Websites, our servers log your computer’s IP address.
For the abovementioned purpose Business Clinic Ltd. uses the following Third-Party Analytics Providers: Google Analytics and Mailerlite.
One of our Third-Party Analytic Providers is Google Analytics:
Google Analytics is a service from Google, Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter “Google“) using cookies which are saved on your computer. The information generated by the cookie is transferred to and stored on a Google server (generally) located in the USA. Google uses this information on our behalf in order to analyze the use of our websites. The IP address transferred from your browser through Google Analytics is not merged with other data by Google for profiling purposes.
You can prevent Google Analytics’ collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available here. Business Clinic Ltd. uses IP anonymization, which truncates/anonymizes the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to and shortened by Google servers in the USA.
Further information can be found in the Google Analytics Terms of Service.
Only designated administrators of Business Clinic Ltd. can access the information gathered by Google Analytics, and the information is used only for administrative and planning purposes to meet the needs of our users, such as to improve the content of the site and to customize the content and/or layout of the site for individuals or groups of users.
- Cookies for advertising
- Information Collected Directly
Business Clinic Ltd. also collects Personal Information and other information that users voluntarily provide. It is entirely your decision to provide the requested information.
Business Clinic Ltd. keeps all information directly collected confidential, and will only use the information for the particular purpose stated at the point of collection. Business Clinic Ltd. will seek your specific permission for any additional use. You may choose to have this information removed at any time. Business Clinic Ltd. will never barter, trade, or sell access to your information without your specific consent.
2.1. User Account Data
When setting up an account on one of the Business Clinic Ltd.’s websites (“User Account“), you may be asked to provide Personal Information including, but not limited to, your name, e-mail address, and your phone number. If you choose to purchase any products, services, or other items for sale by Business Clinic Ltd., you will be asked to provide payment details and your full address for billing purposes.
As a customer/user of Business Clinic Ltd., we may obtain Personal Information about you when you register to use one of our websites or services/products or when you provide feedback about our products or services. The processing is necessary to perform the contract with you according to Article 6 (1) 1 lit. b) GDPR. As a customer/user, we will use your Personal Information, unless otherwise prohibited by law, for the following purposes:
- To provide you with the products and services you request.
- To communicate with you about your account or transactions with us and send you changes to our policies.
- To provide support including, but not limited to, product updates, product patches and fixes and other similar communications.
Furthermore, we will use your Personal Information for our legitimate interests according to Article 6 (1) 1 lit. f) GDPR to notify you about information about features on our site, new product releases and service developments and to advertise Business Clinic Ltd.’s products and services in accordance with this Privacy Statement.
Any User Account data will only be stored until you decide to terminate your User Account. In case we are obliged to further store your Personal Information due to statutory retention requirements, your Personal Information will be barred for further use by Business Clinic Ltd. and only be stored until such retention periods expire.
2.2. Other Personal Information Provided Directly
Personal Information provided by you on Business Clinic Ltd.’s websites, e.g. via contact forms will be stored in our service database and retained for the period necessary to fulfil our contractual obligations to you in accordance with Art. 6 (1) 1 lit. b) GDPR unless a longer retention period is required by law.
- DATA COLLECTION
Many Business Clinic Ltd.’s websites offer users the opportunity to participate in surveys or assessments via the internet. Business Clinic Ltd. will provide information about the purpose and process for each survey or assessment as part of the applicable survey or assessment.
- Sharing Your Survey Results With Other People
III. GENERAL INFORMATION ON COLLECTION AND PROCESSING OF INFORMATION
- Correcting and Changing User Information and Preferences; Deletion of User Accounts
If you have given your consent in accordance with Article 6 (1) 1 lit. a) GDPR to receiving e-mail communications from Business Clinic Ltd. but wish to withdraw your consent and discontinue this service, you may do so at any time by contacting us at firstname.lastname@example.org (see also below clause III.7. “Your rights”).
You also have the option at all times to have your User Account deleted for any of the Business Clinic Ltd. websites or to request a revision of your user information at any time. To do so, please contact us at email@example.com.
- Information Security
Business Clinic Ltd.’s employees and contractors understand the need for user privacy, and we maintain reasonable and appropriate security procedures to protect your information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the Personal Information. Access to user data is strictly limited to specific individuals who are trained to respect user privacy. The access given to these individuals is restricted to their need for such information for business purposes.
- Third-Party Information Storage
- Children and Privacy
Business Clinic Ltd. encourages parents and guardians to spend time with their children online and to be fully familiar with the sites visited by their children. Business Clinic Ltd.’s sites do not contain content that is generally considered unsuitable for children.
- Links to Other Sites
Business Clinic Ltd.’s websites may contain links to sites owned and/or operated by other organizations, and the privacy policies of those sites may differ from that of Business Clinic Ltd. These sites may collect data and make use of it in ways that Business Clinic Ltd. does not. We encourage you to review the privacy policies posted on all third-party sites.
- Location of Data Collection and Processing and Storage
In personally accessing Business Clinic Ltd. websites, you may be submitting Personal Information and survey or assessment results that Business Clinic Ltd. will use for business purposes that are consistent with this Privacy Statement. Business Clinic Ltd. collects information that may be processed internationally. Your information may be processed in the United States or any other country in which Business Clinic Ltd. maintains server access or cloud storage facilities.
Business Clinic Ltd. keeps Personal Information gathered and processed for the purposes described in this Privacy Statement for as long as there is a business purpose.
- Your Rights
You have the right to access the Personal Information that we hold about you and to correct, update, amend, suppress, delete or otherwise modify any Personal Information where it is inaccurate. When updating your Personal Information, we may ask you to verify your identity before we can act upon your request.
You may also, if governed by the General Data Protection Regulations, object to the use or processing of your Personal Information or withdraw consent to use your Personal Information at any time.
Under the General Data Protection Regulations, regarding the processing of your Personal Information, you have the following rights:
- the right to require free of charge (i) information whether your Personal Information is retained and (ii) access to and/or (iii) duplicates of the Personal Information retained. However, if the request affects the rights and freedoms of others or is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the request;
- the right to request proper rectification, removal or restriction of your Personal Information;
- where processing of your Personal Information is either based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, the right to receive the Personal Information concerning you in a structured, commonly used and machine-readable format or to have your Personal Information transmitted directly to another company, where technically feasible (data portability);
- where the processing of your Personal Information is based on your consent, the right to withdraw your consent at any time without impact to data processing activities that have taken place before such withdrawal or to any other existing legal justification of the processing activity in question; the right not to be subject to any automatic individual decisions which produces legal effects on you or similarly significantly affects you and
- the right to take legal actions in relation to any breach of your rights regarding the processing of the Personal Information, as well as to lodge complaints before the competent data protection regulators.
To exercise the rights referred to above, please contact us at firstname.lastname@example.org
As far as we process your Personal Information on the basis of our legitimate interests pursuant to Art. 6 1) lit. f) GDPR, you may object to processing at any time. You may find the detailed description of our processing activities and the legal basis in the sections before. If you object we will no longer process your Personal Information unless there are compelling and prevailing legitimate grounds for the processing or the data is necessary for the establishment, exercise or defence of legal claims. If you object to such processing, we ask you to state the grounds of you objection in order for us to examine the processing of your Personal Information and decide whether to adjust the processing accordingly.
Please note that the processing of your Personal Information may involve advertising activities as described above. If you do not want that we process your Personal Information for direct marketing activities, you can object free of charge at any time via e-mail at email@example.com
Business Clinic Ltd. will obtain your consent before sharing your Personal Information with any third party that is not acting as an agent or vendor to perform tasks on our behalf or to use the information for a purpose materially different from the purpose for which it was initially collected or subsequently authorized by you. An exception to this will be (among others) where Business Clinic Ltd.’s processing of Personal Information is necessary for compliance with a legal obligation under the applicable law.
- Sensitive Information
For processing of your sensitive information (e.g. Personal Information revealing ethnic or racial origin, religious or philosophical beliefs, the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person or data concerning health), we will obtain your explicit consent to the extent required by law.
Business Clinic Ltd. is among others not required to obtain explicit consent with respect to sensitive information where the processing is (a) necessary to protect the vital interests of the data subject or another natural person where the data subject is physically or legally incapable of giving consent; (b) necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity; (c) necessary to carry out Business Clinic Ltd.’s obligations in the field of employment law in so far as it is authorized by European Union or Member State Law or a collective agreement pursuant to Member State Law providing for appropriate safeguards for the fundamental rights and the interests of the data subject; or (d) related to information that is manifestly made public by the individual.
- Dispute Resolution
If you have any complaints regarding our compliance with this Policy or a Privacy Shield related or general privacy related complaint, you should first contact us at firstname.lastname@example.org. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with this Policy.
With respect to human resources data, Business Clinic Ltd. will cooperate and comply with the EU DPA’s and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with the advice given by such authorities with respect to human resources data transferred from the EU and Switzerland in the context of the employment relationship. If you do not receive timely acknowledgement of your complaint from Business Clinic Ltd., or if we have not addressed your complaint to your satisfaction, you may contact the EU DPA’s for more information or to file a complaint. The services of the EU DPA’s are provided at no cost to you.
- Business Clinic Ltd. Privacy Notice for California Residents
INFORMATION WE COLLECT
Business Clinic Ltd.’s websites (the “Site”) collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”).
In particular, the Site has collected the following categories of personal information from its consumers within the past 12 months:
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name or other similar identifiers.
B. Internet or other similar network activity
Browsing history, search history, information on a consumer’s interaction with a website, application or advertisement.
C. Geolocation data
Physical location or movements.
D. Professional or employment-related information
Current or past job history or performance evaluations.
E. Nonpublic education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))
Education records directly related to a student, maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records.
F. Inferences drawn from other personal information
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, abilities and aptitudes.
Personal information does not include:
- Publicly available information from government records
- Deidentified or aggregated consumer information
- Information excluded from the CCPA’s scope such as:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994
Business Clinic Ltd. obtains the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you purchase.
- Indirectly from you. For example, from observing your actions on our Site.
- Indirectly from your employer. For example, information required for you to complete a Business Clinic Ltd. survey, assessment or job application.
USE OF PERSONAL INFORMATION
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To provide, support, personalize and develop our Site, products and services.
- To create, maintain, customize and secure your account with us.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Site experience.
- For testing, research, analysis and product development, including to develop and improve our Site, products and services.
- To respond to law enforcement requests and as required by applicable law, court order or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
Business Clinic Ltd. will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated or incompatible purposes without providing you notice.
SHARING PERSONAL INFORMATION
Business Clinic Ltd. may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We share your personal information with the following categories of third parties:
- Subsidiaries and affiliates
- Contractors and service providers
- Third parties with whom we partner to offer products and services to you
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE
In the preceding 12 months, Business Clinic Ltd. has disclosed the following categories of personal information for a business purpose to one or more of the parties identified above:
Category A: Identifiers
Category B: Internet or other similar network activity
Category C: Geolocation data
Category D: Professional or employment-related information
YOUR RIGHTS AND CHOICES
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
ACCESS TO SPECIFIC INFORMATION AND DATA PORTABILITY RIGHTS
You have the right to request that Business Clinic Ltd. disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability and Deletion Rights), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- If we disclosed your personal information for a business purpose, identifying the personal information categories that each category of recipient obtained
DELETION REQUEST RIGHTS
You have the right to request that Business Clinic Ltd. delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
EXERCISING ACCESS, DATA PORTABILITY AND DELETION RIGHTS
To exercise the access, data portability and deletion rights described above, please submit a verifiable consumer request to us by contacting us at:
Only you, or a person registered with the California Secretary of State who you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice in a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
VERFICATION OF IDENTITY
Business Clinic Ltd.’s Client Support Team is tasked with verifying a person’s identity prior to taking any action on an individual’s account with Business Clinic Ltd. Our Client Support Team will endeavor to use information that you have previously provided in order to verify your identity.
Business Clinic Ltd. may request any of the following information in order to verify your identity:
- First and Last name
- Email address or username
- Security questions and answers
- Access code
- Purchase order number
- Other uniquely identifiable variables
- Unique 6-digit code sent to the individual’s verified email address
RESPONSE TIMING AND FORMAT
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account.
If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS
If you are 16 years of age or older, you have the right to direct us not to sell your personal information at any time (the “right to opt out”). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt in”) from either the consumer who is at least 13 but not yet 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt into personal information sales may opt out of future sales at any time.
To exercise the right to opt out, you (or your authorized representative) may submit a request to us by emailing us at email@example.com.
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, if you have previously opted out of the sale of your personal information under the CCPA and would like to opt back into the sale of your personal information, please send an email to firstname.lastname@example.org. In order for Business Clinic Ltd. to process your opt-in request, we will need your first name, last name and the email address associated with your information. Once we receive this information, an email will be sent to the email address associated with the account, to confirm your request.
You do not need to create an account with us to exercise your opt-out rights. We will use only personal information provided in an opt-out request to review and comply with the request.
Consumers who opt in to personal information sales may opt out of future sales at any time.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the programme’s material aspects. Participation in a financial incentive programme requires your prior opt-in consent, which you may revoke at any time.
Under the CCPA, individuals are allowed to appoint an authorized agent to exercise their rights to access or delete their data for them. In order to do so, Business Clinic Ltd. requires that you email us at email@example.com.
OTHER CALIFORNIA PRIVACY RIGHTS
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please email us at:
- Policy Updates
This Privacy Statement is Business Clinic Ltd.’s promise to its websites users and Users with a registered User Account. Additional information that is particular to specific Business Clinic Ltd. sites may exist, and updates to this policy may be posted. For these reasons, we suggest that users who may have specific concerns about the information being gathered and use of that information, regularly view the Privacy Statement on each site. Business Clinic Ltd. reserves the right to change the policy on use of information collected at any time.
- Additional Questions or Comments