Who we are
Our website address is: https://beinginbesthealth.com
What personal data we collect and why we collect it
The personal data that may get collected from site users and site visitors include personal data, such as name, email address, personal account preferences; transactional data, such as purchase information; and technical data, such as information about cookies.
Personal data is not just created by a user’s interactions with the site. Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics, and third party embeds.
By default WordPress does not collect any personal data about visitors; it only collects the data shown on the User Profile screen from registered users. However, some of the WordPress plugins may collect personal data.
Comments
When visitors leave comments on the site WordPress collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help with spam detection.
An anonymized string created from visitor’s email address (also called a hash) may be provided to the Gravatar service to see if visitors are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of visitor’s comment, visitor’s profile picture is visible to the public in the context of visitor’s comment.
Media
Some information may be disclosed by users who can upload media files. All uploaded files are usually publicly accessible. If a visitor uploads images to the website, a visitor should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
By default, WordPress does not include a contact form. If a visitor uses a contact form plugin, the personal data is captured when a visitor submits a contact form. The captured personal data can be kept for a certain period of time for customer service purposes but not for marketing purposes.
Cookies
If a visitor leaves a comment on the site, a visitor may opt-in to saving name, email address and website in cookies. These are for a visitor’s convenience so that a visitor does not have to fill in the same details again when leaving another comment. These cookies will last for one year.
If a visitor goes to a login page, a temporary cookie will be set to determine if a visitor’s browser accepts cookies. This cookie contains no personal data and is discarded when a visitor closes the browser.
When a visitor logs in, several cookies will be set up to save a visitor login information and a visitor screen display choices. Login cookies last for two days, and screen options cookies last for a year. If a visitor selects “Remember Me”, a visitor login will persist for two weeks. If a visitor logs out of the account, the login cookies will be removed.
If a visitor edits or publishes an article, an additional cookie will be saved in a visitor’s browser. This cookie includes no personal data and simply indicates the post ID of the article a visitor just edited. It expires after 1 day. Additional cookies can be used by plugins, social media, and analytics.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These other websites may collect data about a visitor, use cookies, embed additional third-party tracking, and monitor a visitor’s interaction with that embedded content, including tracking a visitor’s interaction with the embedded content if a visitor has an account and is logged in to that website.
Analytics
The Jetpack analytics package is used on this website. To find out how users can opt out of analytics tracking, they can visit JetPack website: https://jetpack.com/support/privacy/
By default WordPress does not collect any analytics data. However, many web hosting accounts collect some anonymous analytics data. Some websites may also have installed a WordPress plugin that provides analytics services.
Who we share your data with
By default WordPress does not share any personal data with anyone. All third party providers including partners, cloud-based services, payment processors, and third party service providers, may collect visitor’s data and should have their own privacy policies.
How long we retain your data
If a visitor leaves a comment, the comment and its metadata are retained indefinitely. That way WordPres can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on the website (if any), WordPress also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. For example, the contact form entries can be stored for six months, analytics records – for a year, and customer purchase records – for ten years.
What rights you have over your data
If a visitor has an account on this site, or has left comments, a visitor can request to receive an exported file of the personal data WordPress holds about a visitor, including any data provided to us. A visitor can also request that WordPress erases any personal data WordPress holds about a visitor. This does not include any data the website owners are obliged to keep for administrative, legal, or security purposes.
Where we send your data
European data protection law requires data about European residents which is transferred outside the European Union to be safeguarded to the same standards as if the data was in Europe. Data is safeguarded to European data protection standards by the web hosting, cloud storage, or other third party services. Visitor comments may be checked through an automated spam detection service.
Your contact information
A visitor can provide a contact method for privacy-specific concerns. If a visitor is required to have a Data Protection Officer, a visitor should have their name and full contact details.
Additional information
The sites used for commercial purposes and more complex collection or processing of personal data should add the following information in the privacy policy in addition to the information that has already been discussed above.
How we protect your data
There are several measures that can protect users’ data. This could include technical measures such as encryption; security measures such as two-factor authentication; and measures such as staff training in data protection and a Privacy Impact Assessment.
What data breach procedures we have in place
The following measures can be used to deal with data breaches, either potential or real: internal reporting systems, contact mechanisms, or bug bounties.
What third parties we receive data from
If the web site receives data about users from third parties, including advertisers, this information must be included within the section of the privacy policy dealing with third party data.
What automated decision making and/or profiling we do with user data
If the web site provides a service which includes automated decision making – for example, allowing customers to apply for credit, or aggregating their data into an advertising profile – it should be disclosed to the visitors and include information about how that information is used, what decisions are made with that aggregated data, and what rights users have over decisions made without human intervention.
Industry regulatory disclosure requirements
The members of a regulated industry or the subjects to additional privacy laws have to disclose that information as well.