General Data Protection Regulation
I have read the guidelines for compliance with the new General Data Protection Regulation (GDPR) rules. This document that follows explains how Comme une Française complies with this new legislation. If you have submitted your email address (by emailing me, purchasing a course, registering for our newsletter) you should read this to reassure yourself that we are looking after your data extremely responsibly. Comme une Française values the security of your information and will never intentionally breach the rules. We will do everything possible to keep your information safe.
Awareness
Comme une Française Team members have been made aware of new data protection changes.
The information we hold
Email addresses of people who have emailed any of the Comme une Française email addresses (ending in @commeunefrancaise.com) or via our contact form – are automatically saved in Gmail and ZenDesk.
Email addresses and first names of people who have signed up to my mailing list via the opt-in link on our website — https://www.commeunefrancaise.com/ or https://www.boutiquefrancaise.fr/ are stored in Infusionsoft, which meets GDPR standards for compliance.
Email addresses, first and last name, telephone number (optional), postal addresses (optional) of people who have purchased something from our website. Orders are processed by Infusionsoft which is securely password-protected. We have placed a message and link to this document at the top our Sales Page.
Comme une Française does not share this information with anyone. Ever.
We have a YouTube account where viewers may comment. We sometimes reply, but hold no data about them. This data is held by YouTube. We use strong passwords on our YouTube channel as well as Two factor authorisation.
Infusionsoft processes data and payments for Comme une Française. Comme une Française has no access to payment information, but does have email and some postal addresses. These have all been given voluntarily.
We have access to databases of followers on Twitter, Facebook and Instagram. We are not the data processor of these databases – we use strong password authentication on these sites.
Comme une Française’s Grav and WordPress websites hold a database of followers, which we believe to be fully compliant. Comme une Française is not the data processor.
Communicating Privacy Information
Comme une Française has taken the following steps:
- We have added this document to our website with a link from the sign up section for new students and on our main about menu.
- We have added the link to our contact page.
- Before the end of May 2018, we will contact our student database, alert them to any changes, and remind them that they can unsubscribe at any time and their data will be deleted. This unsubscribe message will be on all subsequent emails.
- We will post this link on all Comme une Française social media accounts.
Individuals’ Rights
On request, Comme une Française will delete an individual’s data.
If a student would like to see their data, Comme une Française will gladly provide a screenshot of the gathered information.
If a student unsubscribes, their data will be deleted on a monthly basis.
Subject Access Requests
Comme une Française generally responds within 24 hours Monday-Friday, within the business hours of 9am – 4:30pm EST. Requests received after 4:30pm EST and on weekends will receive a response on the next business day.
Lawful basis for processing data
If people have contacted Comme une Française through one of our company email addresses, they have given us their email address. We do not actively add it to a list but Gmail will save it. Comme une Française will not add it to any database or spreadsheet unless someone requests we do so.
If people have opted into our mailing list (by subscribing), they have actively opted in, with the knowledge and expectation that they will receive occasional emails.
If people have purchased something from our site, their first and last name and email address are required. As an option, they can provide physical address, phone number, and birthday. The required information is used to communicate regarding their product purchase and the optional information may be used to send small gifts or “Thank You” notes for their participation in our programs. As our products come with a lifetime membership, this information is stored until the student requests to delete. Followers of Comme une Française’s WordPress Websites have opted in and are given unsubscribe reminders with each email.
No data is gathered on individuals who comment on our Youtube channels.
Consent
Once everyone has received a reminder of Comme une Française’s terms and conditions, we regard this as consent until a student asks for their data to be removed.
We recognize that consent is not indefinite, and will remind subscribers on each email, that they can unsubscribe and have their data deleted at any time.
Children
While young people sometimes contact us, we are often not aware of their ages (unless they state it) and do not collect their data. As we are not processing their data, we are not required to obtain parental consent.
Data Breaches
Comme une Française does everything within our power by using secure password protection and reliable, secure services and programs. Should a breach of one of those programs of services occur, we will take immediate action to follow their recommendations.