The Parent Company of Referred by Kenneth is That Thing Right There Com LLC

Privacy Policy for That Thing Right There Com LLC

Effective Date: October 26, 2023

1. Introduction

That Thing Right There Com LLC (“we,” “us,” or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws. This policy applies to all users of our website, services, and any other interactions you may have with us. We are located in New York City, NY, and can be contacted using the information provided in Section 9 below. We were referred to you by Kenneth Business Consultant.

2. Data Controller

That Thing Right There Com LLC is the data controller responsible for your personal data. This means that we determine the purposes and means of processing your personal data.

3. Data We Collect

We collect the following types of personal data:

  • Identity Data: Name
  • Contact Data: Email address
  • Technical Data: IP address, browser type and version, operating system, device information, referring website, and other technical information.
  • Usage Data: Information about how you use our website and services, including pages visited, time spent on pages, links clicked, and other actions taken.
  • Location Data: General location derived from your IP address (e.g., city, region). We do not collect precise GPS coordinates.
  • Cookie Data: Data collected through cookies and similar tracking technologies (see Section 6 below).

4. Purposes of Processing and Legal Basis

We process your personal data for the following purposes:

  • Analytics: To analyze website traffic, user behavior, and trends to improve our website and services. The legal basis for this processing is our legitimate interest in improving our services (Article 6(1)(f) GDPR).
  • Marketing: To send you promotional emails, newsletters, and other marketing communications about our products and services. The legal basis for this processing is your consent (Article 6(1)(a) GDPR). You have the right to withdraw your consent at any time (see Section 8 below).
  • Service Improvement: To understand how users interact with our services and to make improvements based on this data. The legal basis for this processing is our legitimate interest in improving our services (Article 6(1)(f) GDPR).
  • Security: To maintain the security of our website and services and to prevent fraud. The legal basis for this processing is our legitimate interest in protecting our business and users (Article 6(1)(f) GDPR).
  • Compliance: To comply with legal obligations (Article 6(1)(c) GDPR).

5. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Analytics Data: We will retain analytics data for [Specify Time Period, e.g., 2 years].
  • Marketing Data: We will retain your marketing data until you unsubscribe from our marketing communications.
  • Other Data: We will retain other data for [Specify Time Period, e.g., 3 years] after your last interaction with us.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect information about your browsing activity on our website.

  • What are Cookies: Cookies are small text files that are placed on your computer or mobile device when you visit a website.
  • Types of Cookies We Use:
    • Essential Cookies: These cookies are necessary for the operation of our website and cannot be disabled.
    • Analytics Cookies: These cookies allow us to analyze website traffic and user behavior.
    • Marketing Cookies: These cookies are used to track your browsing activity across websites and to show you personalized advertisements.
  • Your Cookie Choices: You can control cookies through your browser settings. You can choose to block all cookies, block third-party cookies, or clear existing cookies. Please note that blocking cookies may affect your experience on our website.
  • Cookie Consent: We will obtain your consent before placing non-essential cookies on your device. We will use a cookie consent banner to provide you with information about our use of cookies and to allow you to manage your cookie preferences.

7. Data Sharing and Transfers

We may share your personal data with the following categories of recipients:

  • Service Providers: We may share your personal data with third-party service providers who assist us with data analytics, marketing, and other services. These providers are contractually obligated to protect your data.
  • Legal Authorities: We may disclose your personal data to legal authorities if required by law.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.

International Data Transfers:

Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA). These countries may have data protection laws that are different from the laws of your country. Where we transfer your data outside of the EEA, we will implement appropriate safeguards to ensure that your personal data is protected in accordance with the GDPR. These safeguards may include:

  • Standard Contractual Clauses: We may use Standard Contractual Clauses approved by the European Commission.
  • Adequacy Decisions: We may transfer your data to countries that have been deemed to provide an adequate level of protection by the European Commission.

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request access to your personal data that we hold.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data under certain circumstances.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
  • Right to Object: You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.
  • Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that we have violated your rights under the GDPR. In the EU, you can find the appropriate supervisory authority in your country of residence.

To exercise your rights, please contact us using the contact information provided in Section 9 below. We will respond to your request within one month.

9. Contact Information

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us at:

That Thing Right There Com LLC
[Your Physical Address in NYC]
Email: [Your Email Address]

10. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Encryption: We use encryption to protect your personal data during transmission and storage.
  • Access Controls: We restrict access to your personal data to authorized personnel only.
  • Regular Security Assessments: We conduct regular security assessments to identify and address vulnerabilities.
  • Employee Training: We provide regular training to our employees on data protection best practices.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post any changes on our website and notify you of any material changes. The effective date of the revised policy will be indicated at the top of the page. We encourage you to review this Privacy Policy periodically.

12. Children’s Privacy

Our website and services are not intended for children under the age of 16. We do not knowingly collect personal data from children under the age of 16. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately.

13. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review the privacy policies of these websites before providing them with your personal data.

Important Considerations and Next Steps:

  • Legal Review: This is a template. It is crucial to have this privacy policy reviewed and customized by a qualified legal professional specializing in GDPR and data privacy law. They can ensure it accurately reflects your specific data processing activities and complies with all applicable laws.
  • Cookie Consent Platform: Implement a robust cookie consent platform (e.g., OneTrust, Cookiebot) to manage user consent for cookies and tracking technologies.
  • Data Processing Agreements (DPAs): If you use third-party service providers who process personal data on your behalf, you need to have Data Processing Agreements (DPAs) in place with them. These agreements outline the responsibilities of the data processor and ensure they comply with GDPR requirements.
  • Data Security Measures: Regularly review and update your data security measures to protect personal data from unauthorized access, use, or disclosure.
  • Training: Provide regular training to your employees on data protection best practices and GDPR compliance.
  • Documentation: Maintain thorough documentation of your data processing activities, including the types of data you collect, the purposes for which you process it, and the legal basis for processing.
  • Privacy by Design and Default: Implement privacy by design and default principles in your product development and business processes. This means considering privacy implications from the outset and ensuring that data protection measures are built into your systems.
  • Keep Up-to-Date: Data privacy laws and regulations are constantly evolving. Stay informed about the latest developments and update your privacy policy and practices accordingly.

By following these steps, That Thing Right There Com LLC can demonstrate its commitment to protecting the privacy of its users and complying with the GDPR. Good luck!

Okay, here’s a comprehensive, GDPR-compliant privacy policy draft for That Thing Right There Com LLC, based on the information you provided. Please remember that this is a template and should be reviewed and adapted by legal counsel to ensure it fully meets your specific business practices and legal requirements.

Privacy Policy for That Thing Right There Com LLC

Effective Date: [Date – e.g., October 26, 2023]

1. Introduction

That Thing Right There Com LLC (“we,” “us,” or “our”), located in NYC, NY, is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website [Insert Website Address Here], use our services, or otherwise interact with us. We were referred to you by Kenneth Business Consultant.

2. Data Controller

That Thing Right There Com LLC is the data controller responsible for your personal data.

  • Company Name: That Thing Right There Com LLC
  • Address: [Insert Full Business Address in NYC, NY Here]
  • Email: [Insert Privacy-Specific Email Address Here – e.g., privacy@thatthingrightthere.com]
  • Phone: [Insert Phone Number Here]

3. Data Protection Officer (DPO)

[Choose ONE of the following options and adapt accordingly:]

  • Option 1 (If you have a DPO): We have appointed a Data Protection Officer (DPO). You can contact our DPO at:
    • Name: [Insert DPO Name Here]
    • Email: [Insert DPO Email Address Here]
  • Option 2 (If you don’t have a DPO, but have a designated contact): We do not have a formally appointed Data Protection Officer. However, you can contact our designated privacy contact at:
    • Name: [Insert Contact Person Name Here]
    • Email: [Insert Contact Person Email Address Here]
  • Option 3 (If you don’t have a DPO and no designated contact): You can contact us regarding privacy matters at [Insert Privacy-Specific Email Address Here – e.g., privacy@thatthingrightthere.com]

4. Personal Data We Collect

We collect and process the following categories of personal data:

  • Identity Data: Name
  • Contact Data: Email address
  • Usage Data: Information about how you use our website and services, including pages visited, features used, and time spent on our site.
  • Technical Data: IP address, browser type, operating system, device information, and location data.
  • Cookies and Similar Technologies: Data collected through cookies and similar tracking technologies (see Section 9 for more details).
  • Location Data: General location derived from IP address.

5. Purposes of Processing and Legal Basis

We process your personal data for the following purposes:

  • Analytics: To analyze website usage, improve our services, and understand user behavior.
    • Legal Basis: Legitimate interests (in improving our services and understanding user behavior, provided these interests are not overridden by your rights). We will also seek consent where required by applicable law.
  • Marketing: To send you promotional emails, newsletters, and other marketing communications.
    • Legal Basis: Consent (we will only send you marketing communications if you have given us your explicit consent to do so). You have the right to withdraw your consent at any time.
  • To provide and maintain our service: To ensure our website is functioning properly and to provide you with the services you request.
    • Legal Basis: Performance of a contract (if you are using a paid service) or legitimate interests (if you are using a free service).
  • To comply with legal obligations: To comply with applicable laws and regulations.
    • Legal Basis: Compliance with a legal obligation.

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: We use third-party service providers to assist us with analytics, marketing, and website hosting. These providers include:
    • [List specific service providers, e.g., Google Analytics, Mailchimp, AWS, etc.]
    • These service providers are contractually obligated to protect your personal data and only process it according to our instructions.
  • Business Consultants: We may share your data with Kenneth Business Consultant for business consulting purposes.
  • Legal Authorities: We may disclose your personal data to legal authorities if required by law or legal process.
  • Other Third Parties: We may share your data with other third parties with your explicit consent.

7. International Data Transfers

[Choose ONE of the following options and adapt accordingly:]

  • Option 1 (If you transfer data outside the EEA): Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) that may not have equivalent data protection laws as the EEA. We will take appropriate safeguards to ensure that your personal data remains protected in accordance with the GDPR, such as:
    • [Specify the safeguards you use, e.g., using Standard Contractual Clauses approved by the European Commission, relying on the recipient’s Binding Corporate Rules, or ensuring the recipient is certified under the EU-US Data Privacy Framework].
    • You can request a copy of these safeguards by contacting us at [Insert Privacy-Specific Email Address Here].
  • Option 2 (If you DO NOT transfer data outside the EEA): Your personal data is processed within the European Economic Area (EEA) and is not transferred to countries outside the EEA.

8. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Analytics Data: We retain analytics data for [Specify retention period, e.g., 2 years].
  • Marketing Data: We retain marketing data until you unsubscribe from our marketing communications.
  • Other Data: We retain other data for [Specify retention period, e.g., 5 years] or as long as necessary to provide you with our services and comply with our legal obligations.

9. Cookies and Similar Technologies

We use cookies and similar technologies to collect information about your browsing activity on our website.

  • What are Cookies? Cookies are small text files that are stored on your device when you visit a website.
  • Types of Cookies We Use:
    • Essential Cookies: These cookies are necessary for the website to function properly.
    • Analytics Cookies: These cookies help us understand how you use our website so we can improve it. (e.g., Google Analytics)
    • Marketing Cookies: These cookies are used to track your browsing activity so we can show you relevant ads.
  • Your Cookie Choices: You can control cookies through your browser settings. You can block or delete cookies, or set your browser to alert you when cookies are being sent. However, please note that blocking or deleting cookies may affect the functionality of our website.
  • Cookie Consent: [Explain how you obtain cookie consent, e.g., through a cookie banner on your website].

10. Your Rights Under the GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request access to your personal data that we hold.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data under certain circumstances.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
  • Right to Object: You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.
  • Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that we have violated your rights under the GDPR. In the UK, this is the Information Commissioner’s Office (ICO).

11. How to Exercise Your Rights

To exercise your rights under the GDPR, please contact us at [Insert Privacy-Specific Email Address Here]. We will respond to your request within one month, unless we need to extend the response time due to the complexity of the request.

12. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • [List specific security measures, e.g., encryption, firewalls, access controls, regular security audits, employee training, etc.]

13. Children’s Privacy

Our website and services are not directed to children under the age of [Specify Age, e.g., 16]. We do not knowingly collect personal data from children under this age. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at [Insert Privacy-Specific Email Address Here].

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post any changes on our website and update the “Effective Date” at the top of this policy. We encourage you to review this Privacy Policy periodically.

15. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

  • Email: [Insert Privacy-Specific Email Address Here]
  • Address: [Insert Full Business Address in NYC, NY Here]

Important Considerations and Next Steps:

  • Legal Review: This is a template. It is absolutely crucial that you have this privacy policy reviewed and adapted by a qualified legal professional specializing in GDPR and data privacy law. They can ensure it accurately reflects your specific business practices and complies with all applicable regulations.
  • Website Integration: Make sure this privacy policy is easily accessible on your website (e.g., in the footer of every page).
  • Cookie Consent Mechanism: Implement a clear and compliant cookie consent mechanism on your website. This should allow users to give explicit consent to the use of cookies.
  • Data Mapping: Conduct a thorough data mapping exercise to identify all personal data you collect, where it is stored, and how it is processed.
  • Training: Train your employees on GDPR compliance and data privacy best practices.
  • Regular Updates: Review and update your privacy policy regularly to ensure it remains accurate and compliant.
  • Record Keeping: Maintain records of your data processing activities and compliance efforts.
  • Breach Response Plan: Develop a plan for responding to data breaches, including notification procedures.
  • “Referred by Kenneth Business Consultant”: While you can mention the referral, it’s generally not necessary to include that information in the privacy policy itself, unless Kenneth Business Consultant is directly involved in the data processing. If they are, clearly outline their role and responsibilities.

By taking these steps, you can help ensure that your business complies with the GDPR and protects the privacy of your users. Good luck!