Privacy Policy for MBP-RNC Google Site
This privacy notice was last reviewed or revised on October 29th, 2024.
Introduction
I, Matthew Brian Plutschack ("I", "me", or "my"), am committed to safeguarding your personal information and ensuring your right to privacy. This privacy policy outlines the categories of data I collect, when I collect it (e.g., through this site, its subsites, or embedded documents contained in these sites, collectively referred to as "my sites"), and the purposes for which I use this data. Data collection also occurs through my external business activities, such as service offerings, events, surveys, and communications when interacting with you for consulting purposes. By accessing my sites, you agree to the terms outlined in this privacy policy. Depending on your or your employer's relationship with me, additional or different privacy notices may apply. In some cases, I may receive your personal data from your employer, and my use of such data will be governed by my agreement with your employer.
You are not obligated to share your personal data with me. However, choosing not to do so may limit my ability to provide the full range of services or an optimal user experience, including access to my solutions, website services, or newsletters.
Please refer to my Terms and Conditions for more information on other applicable policies regarding the use of my sites.
Data Controller
When I collect and process your personal data in accordance with this Privacy Policy, I do so as authorized under applicable data privacy laws, whether as a data controller or joint controller (as applicable), meaning that I determine and am responsible for how your personal data is collected, used, protected, disclosed, and disposed of.
Depending on your jurisdiction, I may be the sole data controller or share responsibilities with a relevant entity.
How Do I Collect Your Personal Data?
I collect personal data in the course of my business activities directly from you and from third parties:
When you interact with my sites, including when you manage your cookie preferences as described in my Cookie Policy.
When you use any mobile apps or digital services offered by me.
When you create or log into a user profile on my sites.
When you register to receive my newsletters and alerts and when you interact with those newsletters and alerts.
When you sign up for and participate in conferences, webinars, and other events organized by me.
When you participate in public content posting areas, such as bulletin boards, discussion forums, or my social media pages.
When you take part in a survey, panel discussion, or individual consultation conducted by me.
When you interact with me or my employees through my sites, via email, or by telephone to ask questions, request information, or otherwise seek a response.
I may also receive personal data about you from third parties, including service providers and data vendors, in the course of my business activities. When I collect personal information from third parties, it typically consists of publicly available personal information compiled from business websites, public-facing social media platforms, and other widely used public sources. I endeavor to confirm that the third party has lawfully collected the data from appropriate sources and is authorized to share the data with me for its intended use.
Sensitive Personal Data: I may collect sensitive personal data directly from you, for example, when you respond to a survey or participate in a panel discussion and provide demographic or other personal information, or when you provide data that helps me accommodate your specific request at a conference or event. I use sensitive personal data only with your consent unless another legal basis exists. When I collect and use sensitive personal data for applications, research, data analysis, and statistical purposes, it is used to produce drafts, reports, and publications for its authorized intended use.
I may combine personal data that I receive directly from you with personal data that I receive from third parties, provided all such collection and use of personal data is consistent with this Privacy Policy.
How and Why, I Use Your Personal Data
I use your personal data for various purposes, combining data from multiple sources when necessary. Below are the purposes for which I process your personal data, the categories of data used for each purpose, and the legal basis for each processing activity, including who may have access to the data.
Managing My Business Relationship with You
Purpose: To provide information regarding my services and solutions, such as offers, invoices, and updates.
Categories of Personal Data: Name, email, phone number, location, professional or employment-related information like job title or employer.
Legal Basis: Legitimate interest in providing services.
Data Access: Affiliates and third-party service providers, as needed.
Account Management
Purpose: To create and manage user accounts, provide access to newsletters, alerts, and personalized content.
Categories of Personal Data: User ID, password, name, email, affiliation, educational background, nationality.
Legal Basis: Consent when creating a user profile.
Data Access: Affiliates and third-party service providers.
Newsletters and Alerts
Purpose: To provide business, industry-specific information, or updates when you register for newsletters and alerts.
Categories of Personal Data: Name, email address, phone number.
Legal Basis: Legitimate interest in providing requested services.
Data Access: Affiliates and third-party service providers.
Conferences and Events
Purpose: To sign up and process requests for participation in conferences and events, including webcasts.
Categories of Personal Data: Name, email, job information, health-related information for travel and accommodations.
Legal Basis: Legitimate interest and, where applicable, consent for participation in events.
Data Access: Affiliates and third-party service providers.
Public Posts and Surveys
Purpose: To facilitate public content posting, discussion forums, and surveys for business-related purposes.
Categories of Personal Data: Comments, posts, survey responses.
Legal Basis: Consent provided at the time of posting or participating in surveys.
Data Access: Affiliates and third-party service providers.
Benchmarking and Analytics
Purpose: To conduct benchmark analysis, data analytics, and market research.
Categories of Personal Data: Business information, behavioral data, location data.
Legal Basis: Legitimate interest for research purposes.
Data Access: Affiliates and third-party service providers.
Service Provision
Purpose: To provide my services and products, including client communication and benchmarking products.
Categories of Personal Data: Name, email, preferences on site usage.
Legal Basis: Legitimate interest in delivering and promoting services.
Data Access: Affiliates and third-party service providers.
Legal Compliance and Actions
Purpose: To comply with regulations, enforce agreements, and protect against fraud.
Categories of Personal Data: Data as required by specific legal obligations.
Legal Basis: Compliance with applicable laws.
Data Access: Affiliates and third-party service providers.
Application Security and Data Analytics
Purpose: To collect data for analytics, monitor usage, fix errors, and improve application security.
Categories of Personal Data: Aggregated browsing patterns and device data.
Legal Basis: Legitimate interest in ensuring security and performance.
Data Access: Affiliates and third-party service providers.
Analytics Tools: To ensure optimal site performance and security, I leverage analytics tools like Google Analytics. These tools monitor site activity, diagnose errors, and help identify improvement areas. Data collected through these tools is processed with appropriate safeguards and follows applicable data protection regulations.
Aggregation, Anonymization, and Deidentification
Purpose: To anonymize or deidentify your personal data for research and statistical purposes.
Categories of Personal Data: Personal data, aggregated.
Legal Basis: Legitimate interest in providing services while protecting privacy.
Data Access: Affiliates and other business parties as permitted.
Marketing Communications
Purpose: To send newsfeeds or updates about my services and activities based on your preferences.
Categories of Personal Data: Name, email, company information.
Legal Basis: Consent when signing up for communications.
Data Access: Affiliates and third-party service providers.
I use Google Analytics to collect data on user interactions with my sites, such as page views, time spent, and navigation paths. This data helps improve site functionality and content relevance. Data collected may include aggregated behavior patterns without identifying specific users. The legal basis for this processing is my legitimate interest in enhancing user experience and website performance.
Whenever I rely on legitimate interest as the legal basis, I ensure the data processing activity is proportionate and justified. If you withdraw your consent, it may limit my ability to fully deliver services.
I do not use automated decision-making processes that have a legal impact on you or significantly affect your rights. Automated processing is always supervised by human review.
What I Do Not Do When I Collect and Process Your Personal Data
I do not acquire, use, or allow others to use deidentified data with the intent of identifying or reidentifying individuals. When I receive deidentified data or transform personal data into deidentified data, I make the following commitments:
Maintain Deidentified Data: I will ensure that deidentified data remains in deidentified form.
No Reidentification: Except to the extent necessary to confirm that personal data has been deidentified, I will not attempt to reidentify specific individuals within a deidentified dataset or use deidentified data to associate specific individuals with individual characteristics. I also do not permit any entity or individual acting on my behalf to do so.
Restrictions on Sharing: If I provide access to or disclose a deidentified dataset to a non-affiliated recipient, such as a service provider or client, I require that each recipient maintain the data in its deidentified form and not attempt to reidentify individuals or use the data to associate specific individuals with individual characteristics.
Who Has Access to Your Personal Data? Data Recipients and International Data Transfers
Personal data collected in the course of my business activities may be transferred and made available to my service providers, affiliates, and third parties as necessary to fulfill the specific purposes for which the data were collected and to support my interactions with you, as well as to comply with applicable laws. I may provide access to and transfer your data to the following categories of recipients for these purposes:
My Affiliates and Personnel: To affiliates and personnel across my organization as needed.
Service Providers: To service providers assisting in my operations.
Legal and Professional Advisors: To my legal and professional advisors.
Third Parties: In the following circumstances:
If required by law or legal process.
To law enforcement authorities or other government officials as necessary.
When I believe disclosure is necessary to prevent physical harm, financial loss, or to investigate illegal activities.
To protect someone's vital interests.
To enforce my terms and conditions.
To protect my property, services, and legal rights.
To prevent fraud against myself, affiliates, and business partners.
To investigate an actual or suspected security incident.
To support auditing, compliance, and corporate governance functions.
To comply with all applicable laws.
To a successor entity in the event of a reorganization, merger, sale, or other transfer of my business.
To protect personal data that is transferred internationally, I comply with all applicable data transfer laws, including incorporating required data transfer terms into agreements with affiliates, subsidiaries, service providers, and third parties.
Cookies
My sites utilize cookies, including those set by Google Analytics, to gather information on user engagement and behavior. These cookies help understand user interaction, optimize services, and enhance functionality. Users can control cookie settings through their browser or refer to my Cookie Policy for managing preferences.
Data Security
I protect and safeguard your personal data in accordance with applicable law, my privacy and data security policies, and this Privacy Policy. I use generally accepted standards of technical and operational security to protect your personal data against accidental or unlawful loss, misuse, alteration, or destruction, considering the risks associated with the personal data and its processing. I require the same level of protection and safeguarding from my affiliates, service providers, and third parties. Only authorized personnel and service providers are permitted to access personal data, and they are required to treat this information as confidential. Despite these precautions, I cannot guarantee that unauthorized persons will not obtain access to your personal data.
How Long Do I Keep Your Personal Data?
I keep your personal data only as long as necessary to accomplish the business purposes for which it was collected, to meet my legal or contractual obligations, and in compliance with my data-retention policy. I will securely delete your personal data promptly after the purposes described above cease to apply, in accordance with prevailing market practices for such destruction.
If you request that I delete your personal data, I will comply with applicable law and make reasonable attempts to delete all instances of the personal data, subject to my right to keep a copy of such data for the purposes mentioned above. For requests for access, corrections, or deletion, especially where the processing is based on your consent, please refer to the relevant section of this Privacy Policy.
Data Collection from Children
I do not intentionally use my sites and business content to collect or maintain personal data from individuals under the age of 16. To the extent that any of my non-site business activities may involve collecting or maintaining personal data from or about individuals under the age of 16, I would do so only with the required legal consent from the parent, guardian, or individual, and in accordance with applicable law.
What Are Your Data Protection Rights, and How Can You Exercise Them?
Your Data Protection Rights
Subject to applicable law, including exceptions, you have the following rights regarding the personal data that I collect about you:
Right to Request Information: You have the right to request information about the personal data that I hold about you, including information about how I use your personal data, who has access to it, and the terms under which third parties have access to your personal data.
Right to Request a Copy: You have the right to request a copy of the personal data that I hold about you.
Right to Data Portability: You have the right to request portability of your data to permit you to receive a copy of your personal data in a structured, commonly used, and machine-readable format and to transmit that personal data to another controller.
Right to Correction: You have the right to request that I correct or amend your personal data if it is not accurate, complete, or up to date.
Right to Deletion: You have the right to request the deletion of your personal data.
Right to Restriction: You have the right to request that I cease processing or restrict or limit the processing of your personal data.
Right to Withdraw Consent: Where the basis of my processing is your consent, you have the right to withdraw that consent.
Right Against Discrimination: You have the right not to be discriminated against for exercising your individual rights regarding your personal data.
Right to Review: You have the right to request review by me or, if applicable, a designated data protection officer for your jurisdiction, of my response to your request to exercise your individual data protection rights.
Right to Seek Legal Remedies: You have the right to seek additional legal remedies regarding my response to your request to exercise your individual data-protection rights, depending upon your jurisdiction, by lodging a complaint with your data-protection authority or initiating a legal proceeding.
How do you exercise your data protection rights?
For general inquiries you can contact me at Privacy@mbp-rnc.com
If you would like to exercise your data protection rights regarding your personal data, you can do so by:
Completing the data-subject request form.
Emailing your request to me at: DataSubjectRights@mbp-rnc.com
Upon receipt of your request to exercise your data-protection rights, we will acknowledge receipt within the time required by applicable law and provide you with information about the next steps in the process and the timing. To help protect your privacy and security, we may take reasonable steps to verify your identity before acting on certain data protection rights, in accordance with applicable law. If you are using an authorized agent to exercise your data protection rights and that agent does not provide a power of attorney with the initial request, we may request further evidence of the agent’s right to act on your behalf, including valid written authorization or contacting you to verify the request.
Please note that applicable laws include exceptions to assertions of data protection rights that may prevent us from providing access to your personal data or otherwise fully complying with your request. If we believe exceptions apply, we will respond to your request to the extent we are able to do so, and we will provide an explanation of the basis for not complying wholly or partially with your request.
How to unsubscribe from my newsletters and alerts?
If you receive newsletters or alerts from my sites, or if you receive invitations to surveys or events from myself or my associates and if you would prefer not to receive future email communications from me, you may unsubscribe by:
Clicking on the link in an email you have received from me.
If you have an account on my site, edit the communications preferences in your account.
Emailing me at Privacy@mbp-rnc.com with the newsletter of alert that you would like to unsubscribe from.
Amendments to This Privacy Policy
I may revise this privacy policy periodically to reflect changes in my practices or legal requirements. Any modifications will be posted on this page, and I encourage you to review it periodically to remain informed.
Last Updated: 2024-10-29