This page was last updated on the 14th of October 2019.
The privacy of your data — and it is your data, not mine! — is a big deal to me. I’ll only ever access your account to help you with a problem or squash a software bug. I’ll never open any uploaded files unless you ask me to. I log all access to all accounts by IP address, so I can always verify that no unauthorized access has happened for as long as the logs are kept.
When you sign up for PodHeart, I ask for your name and email address. That's just so you can personalize your new account, and I can send you invoices, updates, or other essential information. I’ll never sell your personal info to third parties, and I won’t use your name or company in marketing statements without your permission, either.
When you pay for PodHeart, I ask for your credit card and billing address. That's so I can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed directly to the payment processor and doesn't ever go through my servers. I store a record of the payment transaction, including the last 4 digits of the credit card number, for account history, invoicing, and billing support. I store your billing address to calculate any sales tax due, to detect fraudulent credit card transactions, and to print on your invoices.
When you write PodHeart with a question or to ask for help, I'll keep that correspondence, and the email address, for future reference. When you browse my marketing pages, I'll track that for statistical purposes (like conversion rates and to test new designs). I also store any information you volunteer, like surveys, for as long as it makes sense.
The only times I’ll ever share your info:
You may have heard about the General Data Protection Regulation (“GDPR”) in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by me on the Site. Accordingly, PodHeart recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:
Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact me at email@example.com.
As part of the services I provide, and only to the extent necessary, I may use certain third party processors to process some or all of your personal information. For identification of these processors, and where they are located, please see the Subprocessor listing. I have signed appropriate data processing contracts that comply with GDPR with each processor.
PodHeart won’t hand your data over to law enforcement unless a court order says I have to. I flat-out reject requests from local and federal law enforcement when they seek data without a court order. And unless I'm legally prevented from it, I’ll always inform you when such requests are made.
All data is encrypted via SSL/TLS when transmitted from my servers to your browser. The database backups are also encrypted. Data isn’t encrypted while it's live in the database (since it needs to be ready to send to you when you need it), but I go to great lengths to secure your data at rest.
When you cancel your account, I'll ensure that nothing is stored on my servers past 30 days. Anything you delete on your account while it's active will also be purged within 30 days.
This Site is operated in the European Union. If you are located outside of the European Union, please be aware that any information you provide to me will be transferred to the European Union. By using the Site, participating in any of my services and/or providing me with your information, you consent to this transfer.
PodHeart may update this policy — I’ll notify you about significant changes by emailing the account owner or by placing a prominent notice on the site. You can access, change or delete your personal information at any time by contacting firstname.lastname@example.org.