A portrait of Rebecca Herold

Rebecca Herold & Associates, LLC

Your trusted source for effective information security,
privacy and compliance tools, education and consulting.
The Privacy Professor

Privacy Policy

Updated January 1, 2020

Introduction

This is the business website for Rebecca Herold, LLC also known as The Privacy Professor® consulting business, providing information security and privacy governance, risk, compliance, education, writing, special projects and expert witness services for organizations in the United States, and throughout the world.

We do not knowingly attempt to solicit or receive information from children.

We understand that individuals and businesses are aware of and care about personal privacy interests, and we take feasible actions to ensure we address privacy concerns and legal requirements. This Privacy Notice describes The Privacy Professor's policies and practices regarding its collection and use of personal data, and establishes individuals' privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we start new personal data practices or adopt new privacy policies.

⇧ BACK TO TOP

Data Protection Officer

The Privacy Professor is headquartered in Iowa, in the United States. The Privacy Professor has personnel appointed to be responsible for data protection officer responsibilities. Individuals may contact us if they have any questions or concerns about The Privacy Professor's personal data policies or practices. The Privacy Professor's data protection officer's name and contact information are as follows:

The Privacy Professor
Rebecca Herold, CEO
625 42nd Street
Des Moines, Iowa 50312
+1 515-491-1564
rebeccaherold@rebeccaherold.com

⇧ BACK TO TOP

How we collect and use (process) personal information

The Privacy Professor collects personal information about its clients, people sending inquiries and publications subscribers. With a few exceptions this information includes: first name, last name, job title, employer name, work address, email, and phone number. We use this information to provide those communicating with us with goods and services. We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of The Privacy Professor services.

⇧ BACK TO TOP

Use of the PrivacyGuidance.com website

Similar to the practices of most other websites, The Privacy Professor's website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location from where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of The Privacy Professor's website, including a history of the pages viewed on the site. We use this information to help us design our site to better suit our clients' and website visitors' needs. We may also use IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

The Privacy Professor has a genuine interest in understanding how our website is used. This assists The Privacy Professor with providing more relevant content, products and services, with communicating value to our website users, and with providing appropriate staffing to meet client needs.

⇧ BACK TO TOP

When and how we share information with others

Information about The Privacy Professor client purchases are maintained in association with client accounts. The personal information The Privacy Professor collects is stored in one or more databases hosted in The Privacy Professor facilities, or by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than maintaining cloud storage and retrieval. The Privacy Professor may occasionally engage third parties to mail information to you, including items like free monthly tips messages, books, tools and other downloadable or physical mail delivery items you may have purchased, or material from a business partner.

⇧ BACK TO TOP

Transferring personal data from the EU to the US

The Privacy Professor has its headquarters in the United States. Information we collect from individuals will be processed in the United States. The United States has not, at this time, sought nor received a finding of "adequacy" from the European Union under Article 45 of the GDPR. The Privacy Professor relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, The Privacy Professor collects and transfers to the U.S. personal data only:

  • with individual consent;
  • to perform a contract with individuals or organizations; or
  • to fulfill a compelling legitimate interest of The Privacy Professor in a manner that does not outweigh individual rights and freedoms.

The Privacy Professor applies suitable safeguards to protect the privacy and security of personal data and to use it only consistent with your relationship with The Privacy Professor and the practices described in this Privacy Notice. The Privacy Professor also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate.

⇧ BACK TO TOP

Data subject rights

This Privacy Notice is intended to provide you with information about what personal data The Privacy Professor collects about you and how it is used. If you have any questions, please contact us at rebeccaherold@rebeccaherold.com.

If you wish to confirm that The Privacy Professor is processing your personal data, or to have access to the personal data The Privacy Professor may have about you, please contact us at rebeccaherold@rebeccaherold.com.

⇧ BACK TO TOP

Security of your information

To help protect the privacy of data and personally identifiable information transmitted as a result of using this site, we maintain administrative, physical, and technical safeguards. We update and test our security technology on an ongoing basis. We restrict access to personal data to the specific workers who need to know that information to provide benefits or services to individuals and organization clients. We also train our workers about the importance of confidentiality and maintaining the privacy and security of personally identifiable information. We commit to taking appropriate disciplinary measures to enforce our workers' privacy responsibilities.

⇧ BACK TO TOP

Data storage and retention

Personal data is stored on The Privacy Professor's servers, and on the servers of the cloud-based database management services The Privacy Professor engages, located in the United States. The Privacy Professor retains data for the duration of each individual's and organizational client's business relationship with The Privacy Professor, and for a period of time thereafter to allow individuals and organizations to recover accounts if they decide to renew, to analyze the data for The Privacy Professor's own operations, and for historical and archiving purposes associated with The Privacy Professor's history, and as legally required. For more information on where and how long personal data is stored, and for more information about individuals' rights of erasure and portability, please contact The Privacy Professor's data protection officer at rebeccaherold@rebeccaherold.com.

⇧ BACK TO TOP

Changes and updates to the Privacy Notice

As our business changes from time to time, this Privacy Notice will need to change as well. We reserve the right to amend the Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice at this site. We may email periodic reminders of our notices and terms and conditions and will email The Privacy Professor clients when material changes occur, but individuals and clients should check our site frequently to see the current Privacy Notice and Conditions of Use that is in effect and any changes that may have been made to it.

⇧ BACK TO TOP

Questions, concerns or complaints

Please contact The Privacy Professor's data protection officer:

The Privacy Professor
Rebecca Herold, CEO
625 42nd Street
Des Moines, Iowa 50312
+1 515-491-1564
rebeccaherold@rebeccaherold.com

⇧ BACK TO TOP

Last Edited on January 1, 2020