Who we are
Our website address is: https://psychofact.com.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where your data is sent
Visitor comments may be checked through an automated spam detection service.
As of my last knowledge update in September 2021, the California Privacy Rights Act (CPRA) had been passed in California, amending and expanding the California Consumer Privacy Act (CCPA) to enhance privacy rights and protections for California residents. However, specific detailed regulations and compliance guidelines for CPRA might have been developed or updated since then. For the most current and accurate information regarding CPRA compliance, I recommend consulting legal professionals or authorities.
That being said, I can provide a general outline and key considerations for achieving CPRA compliance based on the principles of the law up to 2021:
Understand CPRA Requirements: Familiarize yourself and your team with the key provisions and requirements of CPRA, including its expanded rights for consumers and increased privacy obligations for businesses.
Appoint a Chief Privacy Officer (CPO): Consider appointing a CPO to oversee your organization’s privacy compliance efforts, ensuring alignment with CPRA requirements.
Data Mapping and Inventory: Identify and document all personal data your organization collects, processes, and shares, along with understanding the purposes for which the data is used.
Consent and Opt-Out Mechanisms: Implement clear consent mechanisms for data processing activities, and provide easy-to-use opt-out options to consumers for the sale of their personal information.
Enhanced Consumer Rights: Ensure your processes and systems support the enhanced consumer rights introduced by CPRA, including the right to correct inaccurate information, limit the use of sensitive data, and restrict the sharing of personal information.
Data Security Measures: Strengthen data security measures to comply with CPRA requirements, which mandate additional safeguards for protecting personal information, including security audits and risk assessments.
Third-Party Assessments: Conduct assessments of third-party vendors to ensure they comply with CPRA requirements when handling personal data on your behalf.
Sensitive Data Classification: Implement procedures to classify and handle sensitive personal data, acknowledging the stricter regulations related to such data under CPRA.
Data Subject Access Requests (DSARs): Establish a streamlined process for responding to DSARs within the specified timelines and in compliance with the new CPRA requirements.
Privacy by Design and Default: Integrate privacy into your product or service design and development, ensuring that privacy considerations are a fundamental part of your processes from the beginning.
Record-Keeping and Documentation: Maintain detailed records of data processing activities, risk assessments, consent records, and other relevant documentation to demonstrate compliance with CPRA.
Training and Awareness: Train employees and contractors on CPRA requirements, ensuring they understand their roles and responsibilities in maintaining compliance.
Incident Response Plan: Develop and maintain an incident response plan that complies with CPRA requirements, addressing the reporting and investigation of security breaches involving personal information.
Regular Audits and Monitoring: Conduct regular audits and assessments to ensure ongoing compliance with CPRA, and update your practices in response to any changes in regulations or interpretations.
Data Transfer and International Compliance: Ensure compliance with CPRA requirements related to the transfer of personal data outside of California or the United States.
Again, please consult with legal professionals to ensure that your organization’s compliance efforts align with the latest and most accurate CPRA requirements and guidelines.
Sure, I can provide you with an overview of steps and considerations for General Data Protection Regulation (GDPR) compliance. However, please note that GDPR compliance can be a complex and nuanced process that may require legal and/or consulting assistance tailored to your specific organization. Here’s a general guide:
Understanding GDPR Principles: Familiarize yourself and your team with the fundamental principles of GDPR, including data minimization, transparency, accuracy, purpose limitation, integrity, and confidentiality.
Appoint a Data Protection Officer (DPO): If required by GDPR due to the nature and scale of processing activities, appoint a DPO responsible for monitoring compliance, providing advice, and acting as a point of contact for data subjects and supervisory authorities.
Data Mapping and Inventory: Identify and document all the personal data your organization processes, where it’s stored, how it’s used, who has access to it, and where it’s transferred.
Legal Basis for Processing: Ensure that you have a lawful basis for processing personal data. Common bases include consent, contract fulfillment, legal obligations, vital interests, performance of a task carried out in the public interest, and legitimate interests.
Data Subject Rights: Implement processes to honor data subject rights, including the right to access, rectify, erase, restrict processing, data portability, and object to processing.
Consent Management: If relying on consent as a legal basis, obtain clear and explicit consent from data subjects and provide mechanisms for them to withdraw consent easily.
Privacy by Design and Default: Integrate data protection principles into your systems and processes from the outset, ensuring that privacy is considered at every stage of a project.
Data Security Measures: Implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data. This may include encryption, access controls, and regular security assessments.
Data Transfer and International Compliance: If transferring data outside the European Economic Area (EEA), ensure you comply with GDPR requirements for international data transfers.
Data Breach Response Plan: Develop and maintain a data breach response plan to detect, report, and investigate any personal data breaches promptly.
Record-Keeping and Documentation: Maintain detailed records of processing activities, data protection impact assessments, and other relevant documentation to demonstrate compliance with GDPR.
Training and Awareness: Train employees on GDPR principles, their roles and responsibilities, and how to handle personal data in a compliant manner.
Vendor and Third-Party Management: Ensure that any third parties or vendors processing personal data on your behalf are GDPR compliant and have appropriate data processing agreements in place.
Regular Audits and Monitoring: Conduct regular audits to ensure ongoing compliance with GDPR, and monitor changes in regulations or interpretations that may impact your organization.
Incident Response and Reporting: Establish procedures for reporting and responding to breaches within the required timeframes and notify the relevant supervisory authorities and data subjects when necessary.
Remember to consult with legal and privacy professionals to tailor these steps to your organization’s specific needs and circumstances.
- Personal Information: Information that you provide when you create a Psychofact Account or use specific services, such as your name, email address, phone number, and payment information.
- Usage Information: Information about your interaction with Psychofact Services, such as your search queries, videos you watch, and interactions with content and ads.
- Device Information: Information about your device, such as hardware model, operating system, unique device identifiers, and mobile network information.
- Location Information: Information about your location when you use Psychofact Services, including IP address, GPS, and other sensors that may provide Psychofact with information on nearby devices, Wi-Fi access points, and cell towers.
2. How We Use Your Information Psychofact uses the information it collects to:
- Provide, maintain, and improve Psychofact Services.
- Customize the content you see, including ads, based on your preferences.
- Develop new services and features.
- Measure the effectiveness of ads and services.
- Send you updates and communication about Psychofact Services.
3. Information Sharing Psychofact may share your personal information with third parties under certain circumstances, including:
- With your consent.
- For external processing by trusted service providers.
- To comply with legal requirements or respond to lawful requests.
- To protect Psychofact’s rights, privacy, safety, or property, or that of its users or the public.