We utilize the definition in the GDPR of personal data for the purposes of this policy. In brief, we consider personal data to be information in any format that relates to a living individual who can be identified by that information, either on its own or when it is combined with other information held by us.
Collection and Processing of Personal Data
We will only collect personal data where the data is reasonably necessary for a genuine business-related purpose.
This data is typically collected directly from you for potentially receiving services from you or you receiving services from us, or keeping you informed about Steve Schmida’s work.
The types of personal information we may collect includes but is not limited to:
- Name and gender
- Date of Birth
- Postal address
- Personal contact details (e.g. telephone, email, or facsimile number)
- Occupation, references and previous employment history, qualifications and skills
- Relationship or marital status
- Information provided by you through our website, Facebook or Instagram accounts
- Information provided through other public media forums (e.g. LinkedIn, Devex, etc.)
- Your contractual and performance history with us
We collect personal data in a lawful and fair manner and will only be obtained from you if it is deemed reasonable and practicable. We collect this information in a variety of ways, including but not limited to:
- Inquiries made by you through our websites and comments you make through our websites or social media accounts;
- When you follow our social media accounts, and register or subscribe to our mailing list;
- Through government agencies or third-party reporting services as legally required;
- Applications by you to attend events such as conferences, meetings, and trainings;
- Details of any disabilities and any accommodations we may need to make for you in the workplace; and
- Through direct communication between you and Steve Schmida, such as email, mail, by telephone and direct meetings.
Information Collected by This Website & Web Analysis Tools
Google will not associate your IP address with any other data held by Google.
You can modify your browser setting to decline cookies. However, if you decline cookies you will not be able to use all functions offered on our website. Additionally, you can prevent Google from collecting and processing your data by downloading and installing: http://tools.google.com/dlpage/gaoptout?hl=de.
Once cookies are deleted, you will be presented a cookie usage message each time you visit this website and convenience features will no longer be available.
Our primary goal in collecting this information is to provide the user with the most useful content and services. No personally identifiable information is collected or maintained without the user’s consent.
We do not store personal information on server logs; however, we do store the entries for the “Contact Us” section and the Newsletter sign up forms on the website’s database. This information provided by the user includes and is not limited to name, contact information, IP address, and date of submission.
Use of Personal Data
We use your personal data generally for the following purposes:
- Responding to your inquiries about books or other services;
- Submission of documents;
- Establishing and maintain communications with you (e.g. keeping you informed about Steve’s work);
- Compliance with relevant laws or other legal requirements.
Sharing of Personal Data
We will only share your personal data with others when we are legally permitted to do so. We include contractual language with third-parties regarding data protection, confidentiality, and security guidelines. If your personal data is subject to the EU’s GDPR, we ensure that the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses.
Personal data and information that we hold may be transferred to the following types of organizations:
- Third-party organizations that provide support services (e.g. – payroll, IT, travel, health insurance, retirement accounts);
- Professional advisors, such as lawyers, auditors, and accountants;
- Law enforcement, government, or other regulatory agencies as provided for by law.
We do not sell your personal data to any third-parties nor do we use any information about you for market research or any other research that is shared beyond Steve or his consulting firm, Resonance. However, under the certain circumstances outlined in this Policy, we may provide personal data to a third party as part of a business transaction.
Retention of Personal Information
It is our intent to not keep personal data for longer than reasonably required. The duration depends on the nature of the personal data and the purposes for which it was received. Our business entities maintain a data retention policy informed by:
- Legal or regulatory requirements of the location of the data processing;
- The completion of a contract or employment engagement with you or work you supported with our clients;
- If your personal data is held for reasons other than legal requirement or contractual engagement (i.e. – newsletter, recruitment database), we will maintain that data until you request its removal or correction.
Safeguarding of Personal Data
Our employees, or anyone acting on our behalf, are required to protect the confidentiality of information and to comply with our written procedures and are subject to disciplinary action if they fail to follow these procedures. We have established policies to maintain physical, electronic, and procedural safeguards to maintain the security and privacy of all client data and information. Our employees access information you store with us only upon your request to service and manage your account data and to monitor the information as it relates to your interaction with this website.
We will release personal data to a non-affiliated third party where we are required to by law, or in the good-faith belief that such action is necessary in order to conform to the edicts of the law or comply with an official investigation by a law enforcement organization, including judicial and governmental agencies. We may provide transaction-related information to Government or private auditors for the purpose of inspecting or validating our business practices, accounting records or financial reports.
Your Rights Regarding Your Personal Data
The EU’s GDPR details an individual’s rights regarding their personal data. We respects and support these rights and applies them to personal data held generally. If you are in the EU, you have the right to:
- Access: Subject to certain conditions, you are entitled to have access to your personal data. You may contact us to request a copy of your personal data held by us.
- Data Portability: Subject to certain conditions, you are entitled to receive the personal data which you have provided to us and which is processed by us by automated means, in a structured, commonly-used machine readable format.
- Correction: You may challenge the accuracy or completeness of your personal data and have it corrected or completed, as applicable. You have a responsibility to help us to keep your personal data accurate and up to date.
- Object to or Restrict Processing: Subject to certain conditions, you have the right to object to or ask us to restrict the processing of your personal data.
- Erasure: Subject to certain conditions, you are entitled to have your personal data erased (e.g. where your personal data is no longer needed for the purposes it was collected for, or where the relevant processing is unlawful).
- Withdraw Consent: As stated above, where our processing of your personal data is based on your consent you have the right to withdraw your consent at any time. If you withdraw your consent, this will only take effect for future processing and is subject to certain conditions based on our legal obligations.
- Judicial Remedy: You are entitled to an effective judicial remedy against a legally binding decision of a supervisory authority concerning the data subject as required by Article 78 GDPR.
To act on any of the above rights, requests can be submitted to us by following the instructions in the “How to Contact Us” section below. We will respond to these requests in accordance with regulatory requirements once we confirm the validity of the request. We may need to request additional information regarding the specifics of the request as well as confirm your identity. It is important to note that some of these rights are limited by other’s rights to data protection. For example, if access to your personal data would implicate another individual’s data or our proprietary trade secrets, we may deny your request. Should we deny your request to exercise any right, we will provide you our justification within 30 days of receipt of your request. If you disagree without reasons, you may contact the relevant supervisory authority noted above.
We utilize images collected by the staff of Resonance to demonstrate the nature and impact of our work. We seek consent to the degree practical from the individuals depicted in these images. If your likeness is reproduced in any of the images hosted on our website and you would like these images to be deleted, please contact us and the images will be promptly removed.
Breaches of Personal Data
We apply best business practices and secure systems to protect personal data. If a data breach that included personal data were to occur, we will respond to the breach as required by the relevant regulations. If you are aware of a breach of personal data that involves us, please contact us immediately.
How to Contact Us
An email communication to the above address is the quickest way to receive a response from us. However, you may also submit requests in writing to the contacts below:
1 Mill Street, Suite 201
Burlington, VT 05401