GDPR - Data Protection | Constellation Marketing Solutions
We are committed to our users’ rights to privacy. We promise to share transparently all aspects of how the Constellation Marketing Solutions product and websites work regarding privacy, terms, and personal data, and we fully support efforts to ensure your protection online and offline.
The following is a collection of information and resources to help answer any questions you have about your experience with Constellation Marketing Solutions. We’re grateful for your interest and proud to have you in our community!
The EU’s General Data Protection Regulations (GDPR) take effect May 25, and we fully support the spirit of these regulations for a safe and secure Internet. We aspire to embrace privacy by design and, whenever possible, not collect and store personally identifiable information.
Our Privacy Policy references the few instances where personally identifiable information is required. Typically, this will include an email address for your holiday booking or sales request to Constellation Marketing Solutions. Overall, we aim for privacy by default: if data collection is not integral to how our product works, then we won’t collect it. This approach has felt very much in line with the spirit of GDPR, and we’re fortunate that many of these data-collection practices have been in place at Constellation Marketing Solutions for some time. As such, you may see a few banners or forms requesting consent for us to collect personally identifiable information for tracking or other purposes.
At any time, you may request that your information be exported and sent to you for review, and we promptly honour any requests you make to delete and forget your information.
Status: Complete
We are auditing all areas of Constellation Marketing Solutions to determine what personal data we collect and for what purpose. In a case where collecting personal data is not essential, we are removing that collection process.
Status: Complete
We’re working with a legal consultant to ensure that our policy contains the proper language, is easy to understand, and clearly communicates any instances of personal data collection.
Status: Complete
We have added cookie notices to all marketing pages and blogs to comply with the E-Privacy Directive. Our cookies do collect personally identifiable information; however, with our new cookie tool, you can turn off analytical cookies or simply accept the recommended settings.
MODIFICATION
Status: Complete
If a user asks to change their information, we can do so within our admin portal. If a user has a modification to make, they can reach out to us at chris@constellationmarketingsolutions.com
DATA PROTECTION AGREEMENT
Status: Complete
We have created a legal agreement that users and external parties can receive from us, promising the protection of all personally identifiable information we collect and store.
SUB-PROCESSORS
Under Section 7 of our Data Protection Agreement (DPA), we commit to displaying a list of all current subprocessors in use by Constellation Marketing Solutions. A subprocessor includes any third party with whom we share personally identifiable information.
Here is that list:
Squarespace: Please see Squarespace Data Processing Addendum - https://www.wix.com/about/privacy-dpa-users
Third-Party Data Collection Policies
Google
Data Collected:
-
Analytics Data: Website usage, user behaviour, IP addresses, and cookies.
-
Advertising Data: User interactions with ads, user preferences, and demographic information.
-
User Information: Location, device information, and search history.
Privacy Policy: Google Privacy Policy
Ahrefs
Data Collected:
-
Website Analytics: Backlink profiles, search traffic, and keyword rankings.
-
User Interaction Data: Usage patterns, user feedback, and performance metrics.
Privacy Policy: Ahrefs Privacy Policy
Hotjar
Data Collected:
-
User Interaction Data: Heatmaps, session recordings, clicks, and mouse movements.
-
Feedback Data: Survey responses, form submissions, and user comments.
-
Technical Information: IP addresses (anonymized), device information, and browser type.
Privacy Policy: Hotjar Privacy Policy
Meta (Facebook)
Data Collected:
-
User Activity: Interactions with ads, pages, and content.
-
Personal Information: Profile information, friends list, and contact information.
-
Behavioral Data: Interests, preferences, and demographic data.
Privacy Policy: Meta Privacy Policy
X.com (Twitter)
Data Collected:
-
User Engagement: Tweets, retweets, likes, and follows.
-
Personal Information: Profile data, contact information, and location data.
-
Analytics Data: Device information, log data, and interaction with Twitter content.
Privacy Policy: Twitter Privacy Policy
Data Collected:
-
User Interactions: Pins, boards, comments, and likes.
-
Personal Information: Profile details, preferences, and social connections.
-
Analytics Data: Device information, IP addresses, and browsing behaviour.
Privacy Policy: Pinterest Privacy Policy
Action Items
-
Update Privacy Policy: Ensure that the company's privacy policy includes details about these third-party services and the data types they collect.
-
User Consent: Obtain explicit consent from users for data collection by third-party services.
-
Transparency: Provide clear and accessible information about how and why user data is collected, used, and shared.