PRIVACY STATEMENT (CA)

This privacy statement was last changed on 17th June 2021, last checked on 17th June 2021, and applies to citizens and legal permanent residents of Canada.

In this privacy statement, we explain what we do with the data we obtain about you via https://www.rightnotesmusictuition.com. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

2. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

3. How we respond to Do Not Track signals & Global Privacy Control

Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.

4. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Cookie Policy CA webpage. We have concluded a data Processing Agreement with Google.Google may not use the data for any other Google services.The inclusion of full IP addresses is blocked by us.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

6. Third party websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below.

8.1 You have the following rights with respect to your personal data

  1. You may submit a request for access to the data we process about you.
  2. You may request an overview, in a commonly used format, of the data we process about you.
  3. You may request correction or deletion of the data if it is incorrect or not or no longer relevant. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.
  4. You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You will be informed of the implications of such withdrawal.
  5. You have the right to address a challenge concerning non-compliance with PIPEDA to our organisation and, if the issue is not resolved, to the Office of the Privacy Commissioner of Canada.
  6. We shall give access to personal information in an alternative format to an individual with a sensory disability who has a right of access to personal information under PIPEDA and who requests that it be transmitted in the alternative format if (a) a version of the information already exists in that format; or (b) its conversion into that format is reasonable and necessary in order for the individual to be able to exercise rights.

9. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

10. Contact details

Leigh Fuge
3a Lon Enfys, Llansamlet, Swansea, Wales, SA7 9XQ
United Kingdom
Website: https://www.rightnotesmusictuition.com
Email: privacy@rightnotesmusictuition.com

Phone number: +447412301647

We have appointed a contact person for the organisation's policies and practices and to whom complaints or inquiries can be forwarded:
Leigh Fuge
[email protected]

Annex

WordPress

Who we are

Our website address is: https://www.rightnotesmusictuition.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Snapshot

Third parties

This site may be using a third-party to store backups of its files and database where personal information is collected. These services include Google Drive, Dropbox, Amazon S3, FTP/SFTP for other servers and WPMU DEV cloud storage.

Additional data

This site gives the option to its administrators to set up third-party destinations for sending and receiving backups. To create these destinations, personal data is stored. This data includes the administrator's name, email, UID and country for Dropbox accounts and credentials for FTP accounts.

Cookies

This site might be using cookies on the admin side for establishing connections with third-party vendors for sending and receiving backups. These vendors include Google Drive, Dropbox, Amazon S3 and phpseclib for FTP accounts. Additionally, cookies may be set for potentially fixing cron requests at erratic servers. These cookies will last for 14 days.

BuddyPress

What personal data we collect and why we collect it

Sites powered by BuddyPress rely heavily on user-provided data. In this section, you should note what data you collect, from both registered users and anonymous visitors.

Profile Data

When you register for the site, you may be asked to provide certain personal data for display on your profile. The "Name" field is required as well as public, and user profiles are visible to any site visitor. Other profile information may be required or optional, as configured by the site administrator. User information provided during account registration can be modified or removed on the Profile > Edit panel. In most cases, users also have control over who is able to view a particular piece of profile content, limiting visibility on a field-by-field basis to friends, logged-in users, or administrators only. Site administrators can read and edit all profile data for all users.

Activity

This site records certain user actions, in the form of "activity" data. Activity includes updates and comments posted directly to activity streams, as well as descriptions of other actions performed while using the site, such as new friendships, newly joined groups, and profile updates. The content of activity items obey the same privacy rules as the contexts in which the activity items are created. For example, activity updates created in a user's profile is publicly visible, while activity items generated in a private group are visible only to members of that group. Site administrators can view all activity items, regardless of context. Activity items may be deleted at any time by users who created them. Site administrators can edit all activity items.

Messages

The content of private messages is visible only to the sender and the recipients of the message. With the exception of site administrators, who can read all private messages, private message content is never visible to other users or site visitors. Site administrators may delete the content of any message.

Cookies

We use a cookie to show success and failure messages to logged-in users, in response to certain actions, like joining a group. These cookies contain no personal data, and are deleted immediately after the next page load. We use cookies on group, member, and activity directories to keep track of a user's browsing preferences. These preferences include the last-selected values of the sort and filter dropdowns, as well as pagination information. These cookies contain no personal data, and are deleted after 24 hours. When a logged-in user creates a new group, we use a number of cookies to keep track of the group creation process. These cookies contain no personal data, and are deleted either upon the successful creation of the group or after 24 hours.

Forminator Forms

Which forms collect personal data?

If you use Forminator PRO to create and embed any forms on your website, you may need to mention it here to properly distinguish it from other forms.

What personal data do we collect and why?

By default Forminator captures the IP Address for each submission to a Form. Other personal data such as your name and email address may also be captured, depending on the Form Fields.

When visitors or users submit a form, we capture the IP Address for spam protection. We also capture the email address and might capture other personal data included in the Form fields.

How long we retain your data

When visitors or users submit a form we retain the data for 30 days.

Where we send your data

All collected data might be shown publicly and we send it to our workers or contractors to perform necessary actions based on the form submission.

Third Parties

We use Google reCAPTCHA for spam protection. Their privacy policy can be found here : https://policies.google.com/privacy?hl=en. We use Akismet Spam for spam protection. Their privacy policy can be found here : https://automattic.com/privacy/. We use Mailchimp to manage our subscriber list. Their privacy policy can be found here : https://mailchimp.com/legal/privacy/. Forminator Polls

Which polls are collecting personal data?

If you use Forminator PRO to create and embed any polls on your website, you may need to mention it here to properly distinguish it from other polls.

What personal data do we collect and why?

When visitors or users submit a poll, we capture the IP Address for spam protection and to set voter limitations.

How long we retain your data

When visitors or users votes on a poll we retain the IP Address data for 30 days and anonymize it.

Where we send your data

All collected data might be shown publicly and we send it to our workers or contractors to perform necessary actions based on votes.

Third Parties

We use Akismet Spam for spam protection. Their privacy policy can be found here : https://automattic.com/privacy/. Forminator Quizzes

Which quizzes are collecting personal data?

If you use Forminator PRO to create and embed any quizzes on your website, you may need to mention it here to properly distinguish it from other quizzes.

What personal data do we collect and why?

By default Forminator captures NO Personally Identifiable Information for each Quiz submission.

When visitors or users submit a quiz's answer, we capture NO Personally Identifiable Information.

How long we retain your data

When visitors or users answer a quiz we retain the answers data for 30 days and then remove it from our system.

Where we send your data

All collected data might be shown publicly and we send it to our workers or contractors to perform necessary actions based on answers. Hustle

Which modules collect personal data?

If you use Hustle to create and embed any Pop-up, Embed, Slide-in, or Social share module, you may need to mention it here to properly distinguish it from other plugins.

What personal data do we collect and why?

By default, Hustle captures the IP Address for each conversion and for each view only if the "tracking" functionality is enabled. Other personal data such as your name and email address may also be captured, depending on the form fields.

When visitors or users submit a form or view a module, we capture the IP Address for analyisis purposes. We also capture the email address and might capture other personal data included in the form fields.

How long we retain your data

When visitors or users submit a form or view a module we retain the data for 30 days.

Where we send your data

All collected data might be shown publicly and we send it to our workers or contractors to perform necessary actions based on the form submission.

Third Parties

We use Mailchimp to manage our subscriber list. Their privacy policy can be found here : https://mailchimp.com/legal/privacy/. We use reCAPTCHA to protect your website from fraud and abuse. Their privacy policy can be found here : https://policies.google.com/privacy.  

Cookies

By default Hustle uses cookies to count how many times each module is visualized. Cookies might be used to handle other features such as display settings, used when a module should not be displayed for a certain time, whether the user commented before, whether the user has subscribed, among others, if their related settings are enabled.

Hummingbird

Third parties

Hummingbird uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.

WP Smush

Plugin: Smush

Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers. Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath's privacy policy can be found here.

Akismet

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter's IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

WooCommerce

This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:
  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of basket contents while you’re browsing our site.

Note: you may want to further detail your cookie policy, and link to that section from here.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses. We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example --

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.

BuddyPress

What personal data we collect and why we collect it

Sites powered by BuddyPress rely heavily on user-provided data. In this section, you should note what data you collect, from both registered users and anonymous visitors.

Profile Data

In this section you should note what information is collected on user profiles. The suggested text gives an overview of the kinds of profile data collected by BuddyPress.

Suggested text: When you register for the site, you may be asked to provide certain personal data for display on your profile. The "Name" field is required as well as public, and user profiles are visible to any site visitor. Other profile information may be required or optional, as configured by the site administrator. User information provided during account registration can be modified or removed on the Profile > Edit panel. In most cases, users also have control over who is able to view a particular piece of profile content, limiting visibility on a field-by-field basis to friends, logged-in users, or administrators only. Site administrators can read and edit all profile data for all users.

Activity

In this section you should describe the kinds of information collected in the activity stream, how and whether it can be edited or deleted, and to whom the activity is visible.

Suggested text: This site records certain user actions, in the form of "activity" data. Activity includes updates and comments posted directly to activity streams, as well as descriptions of other actions performed while using the site, such as new friendships, newly joined groups, and profile updates. The content of activity items obey the same privacy rules as the contexts in which the activity items are created. For example, activity updates created in a user's profile is publicly visible, while activity items generated in a private group are visible only to members of that group. Site administrators can view all activity items, regardless of context. Activity items may be deleted at any time by users who created them. Site administrators can edit all activity items.

Messages

In this section you should describe any personal data related to private messages.

Suggested text: The content of private messages is visible only to the sender and the recipients of the message. With the exception of site administrators, who can read all private messages, private message content is never visible to other users or site visitors. Site administrators may delete the content of any message.

Cookies

In this section you should describe the BuddyPress-specific cookies that your site collects. The suggested text describes the default cookies.

Suggested text: We use a cookie to show success and failure messages to logged-in users, in response to certain actions, like joining a group. These cookies contain no personal data, and are deleted immediately after the next page load. We use cookies on group, member, and activity directories to keep track of a user's browsing preferences. These preferences include the last-selected values of the sort and filter dropdowns, as well as pagination information. These cookies contain no personal data, and are deleted after 24 hours. When a logged-in user creates a new group, we use a number of cookies to keep track of the group creation process. These cookies contain no personal data, and are deleted either upon the successful creation of the group or after 24 hours.

Stripe

By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.

Hummingbird

Third parties

Hummingbird uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.

WP Smush

Plugin: Smush

Note: Smush does not interact with end users on your website. The only input option Smush has is to a newsletter subscription for site admins only. If you would like to notify your users of this in your privacy policy, you can use the information below. Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers. Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath's privacy policy can be found here.

MailChimp for WooCommerce

When shopping, we keep a record of your email and the cart contents for up to 30 days on our server. This record is kept to repopulate the contents of your cart if you switch devices or needed to come back another day. Read our privacy policy here.