Privacy Policy

Who we are

Our website address is: https://psychofact.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

CPRA Compliance

As of my last knowledge update in September 2021, the California Privacy Rights Act (CPRA) had been passed in California, amending and expanding the California Consumer Privacy Act (CCPA) to enhance privacy rights and protections for California residents. However, specific detailed regulations and compliance guidelines for CPRA might have been developed or updated since then. For the most current and accurate information regarding CPRA compliance, I recommend consulting legal professionals or authorities.

That being said, I can provide a general outline and key considerations for achieving CPRA compliance based on the principles of the law up to 2021:

  1. Understand CPRA Requirements: Familiarize yourself and your team with the key provisions and requirements of CPRA, including its expanded rights for consumers and increased privacy obligations for businesses.

  2. Appoint a Chief Privacy Officer (CPO): Consider appointing a CPO to oversee your organization’s privacy compliance efforts, ensuring alignment with CPRA requirements.

  3. Data Mapping and Inventory: Identify and document all personal data your organization collects, processes, and shares, along with understanding the purposes for which the data is used.

  4. Consent and Opt-Out Mechanisms: Implement clear consent mechanisms for data processing activities, and provide easy-to-use opt-out options to consumers for the sale of their personal information.

  5. Enhanced Consumer Rights: Ensure your processes and systems support the enhanced consumer rights introduced by CPRA, including the right to correct inaccurate information, limit the use of sensitive data, and restrict the sharing of personal information.

  6. Data Security Measures: Strengthen data security measures to comply with CPRA requirements, which mandate additional safeguards for protecting personal information, including security audits and risk assessments.

  7. Third-Party Assessments: Conduct assessments of third-party vendors to ensure they comply with CPRA requirements when handling personal data on your behalf.

  8. Sensitive Data Classification: Implement procedures to classify and handle sensitive personal data, acknowledging the stricter regulations related to such data under CPRA.

  9. Data Subject Access Requests (DSARs): Establish a streamlined process for responding to DSARs within the specified timelines and in compliance with the new CPRA requirements.

  10. Privacy by Design and Default: Integrate privacy into your product or service design and development, ensuring that privacy considerations are a fundamental part of your processes from the beginning.

  11. Record-Keeping and Documentation: Maintain detailed records of data processing activities, risk assessments, consent records, and other relevant documentation to demonstrate compliance with CPRA.

  12. Training and Awareness: Train employees and contractors on CPRA requirements, ensuring they understand their roles and responsibilities in maintaining compliance.

  13. Incident Response Plan: Develop and maintain an incident response plan that complies with CPRA requirements, addressing the reporting and investigation of security breaches involving personal information.

  14. Regular Audits and Monitoring: Conduct regular audits and assessments to ensure ongoing compliance with CPRA, and update your practices in response to any changes in regulations or interpretations.

  15. Data Transfer and International Compliance: Ensure compliance with CPRA requirements related to the transfer of personal data outside of California or the United States.

Again, please consult with legal professionals to ensure that your organization’s compliance efforts align with the latest and most accurate CPRA requirements and guidelines.

 

GDPR Compliance

Sure, I can provide you with an overview of steps and considerations for General Data Protection Regulation (GDPR) compliance. However, please note that GDPR compliance can be a complex and nuanced process that may require legal and/or consulting assistance tailored to your specific organization. Here’s a general guide:

  1. Understanding GDPR Principles: Familiarize yourself and your team with the fundamental principles of GDPR, including data minimization, transparency, accuracy, purpose limitation, integrity, and confidentiality.

  2. Appoint a Data Protection Officer (DPO): If required by GDPR due to the nature and scale of processing activities, appoint a DPO responsible for monitoring compliance, providing advice, and acting as a point of contact for data subjects and supervisory authorities.

  3. Data Mapping and Inventory: Identify and document all the personal data your organization processes, where it’s stored, how it’s used, who has access to it, and where it’s transferred.

  4. Legal Basis for Processing: Ensure that you have a lawful basis for processing personal data. Common bases include consent, contract fulfillment, legal obligations, vital interests, performance of a task carried out in the public interest, and legitimate interests.

  5. Data Subject Rights: Implement processes to honor data subject rights, including the right to access, rectify, erase, restrict processing, data portability, and object to processing.

  6. Consent Management: If relying on consent as a legal basis, obtain clear and explicit consent from data subjects and provide mechanisms for them to withdraw consent easily.

  7. Privacy by Design and Default: Integrate data protection principles into your systems and processes from the outset, ensuring that privacy is considered at every stage of a project.

  8. Data Security Measures: Implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data. This may include encryption, access controls, and regular security assessments.

  9. Data Transfer and International Compliance: If transferring data outside the European Economic Area (EEA), ensure you comply with GDPR requirements for international data transfers.

  10. Data Breach Response Plan: Develop and maintain a data breach response plan to detect, report, and investigate any personal data breaches promptly.

  11. Record-Keeping and Documentation: Maintain detailed records of processing activities, data protection impact assessments, and other relevant documentation to demonstrate compliance with GDPR.

  12. Training and Awareness: Train employees on GDPR principles, their roles and responsibilities, and how to handle personal data in a compliant manner.

  13. Vendor and Third-Party Management: Ensure that any third parties or vendors processing personal data on your behalf are GDPR compliant and have appropriate data processing agreements in place.

  14. Regular Audits and Monitoring: Conduct regular audits to ensure ongoing compliance with GDPR, and monitor changes in regulations or interpretations that may impact your organization.

  15. Incident Response and Reporting: Establish procedures for reporting and responding to breaches within the required timeframes and notify the relevant supervisory authorities and data subjects when necessary.

Remember to consult with legal and privacy professionals to tailor these steps to your organization’s specific needs and circumstances.

Privacy Policy for Psychofact Services like Google Requirments

Effective Date

This Privacy Policy outlines how Psychofact collects, uses, shares, and protects your personal information when you use Psychofact’s services, including but not limited to Psychofact Search, Psychofact Email, Psychofact Drive, Psychofact Maps, PsychofactTube, and all associated products and features (collectively referred to as “Psychofact Services”). By using Psychofact Services, you consent to the practices described in this Privacy Policy. 1. Information We Collect Psychofact collects information to provide and improve its services. This information may include:

  • Personal Information: Information that you provide when you create a Psychofact Account or use specific services, such as your name, email address, phone number, and payment information.
  • Usage Information: Information about your interaction with Psychofact Services, such as your search queries, videos you watch, and interactions with content and ads.
  • Device Information: Information about your device, such as hardware model, operating system, unique device identifiers, and mobile network information.
  • Location Information: Information about your location when you use Psychofact Services, including IP address, GPS, and other sensors that may provide Psychofact with information on nearby devices, Wi-Fi access points, and cell towers.
  • Cookies and Similar Technologies: Psychofact may use cookies and other technologies to collect and store information when you visit websites or use Psychofact Services.

2. How We Use Your Information Psychofact uses the information it collects to:

  • Provide, maintain, and improve Psychofact Services.
  • Customize the content you see, including ads, based on your preferences.
  • Develop new services and features.
  • Measure the effectiveness of ads and services.
  • Send you updates and communication about Psychofact Services.

3. Information Sharing Psychofact may share your personal information with third parties under certain circumstances, including:

  • With your consent.
  • For external processing by trusted service providers.
  • To comply with legal requirements or respond to lawful requests.
  • To protect Psychofact’s rights, privacy, safety, or property, or that of its users or the public.

4. Security Psychofact takes security seriously and employs industry-standard practices to safeguard your personal information. However, no system can guarantee absolute security, and Psychofact cannot guarantee that your information will not be accessed, disclosed, altered, or destroyed by unauthorized means. 5. Choices You can choose to limit how Psychofact collects and uses your information, including opting out of personalized ads and modifying privacy settings in your Psychofact Account. 6. Third-Party Sites and Services Psychofact Services may contain links to third-party websites and services that are not under Psychofact’s control. Psychofact is not responsible for the privacy practices of these third parties, and this Privacy Policy does not apply to them. 7. Children’s Privacy Psychofact Services are not directed to children under the age of 13. If you become aware that a child has provided personal information without parental consent, please contact Psychofact, and the information will be deleted. 8. Changes to this Privacy Policy Psychofact may update this Privacy Policy periodically. When changes are made, the “Effective Date” at the beginning of the policy will be updated accordingly. We encourage you to review this Privacy Policy regularly. 9. Contact Information If you have questions or concerns about this Privacy Policy or your personal information, please contact Psychofact through the appropriate channels provided on the Psychofact website. By using Psychofact Services, you acknowledge that you have read, understood, and agreed to this Privacy Policy.