If you are a Client of The Obsessive Mind, a Marriage & Family Therapy Corporation, there are additional rights to privacy to which you are entitled. You can read more about these in the informed consent form that is reviewed and signed at the beginning of treatment. If you have misplaced your copy of this, please feel free to email and ask for another copy.
Your Rights and Legal Information
The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. This law secures privacy rights for California consumers, including:
- The right to know about the personal information a business collects about them and how it is used and shared.
- The right to delete personal information collected from them (with some exceptions).
- The right to opt-out of the sale of their personal information (Please note: we do no sell personal information to anyone).
- The right to non-discrimination for exercising their CCPA rights. This means that you will not receive discriminatory treatment for exercising your rights under the CCPA.
- The right to be informed about their CCPA rights. This means that businesses must “disclose the consumer’s right to request deletion.”
- The right to request that a business disclose what personal information they have collected on them in the past twelve months.
- The right to lodge a complaint with a supervisory authority (click here to be redirected).
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR’s primary aim is to enhance individuals’ control and rights over their personal data and to simplify the regulatory environment for international business. Under GDPR, individuals have certain rights, including:
- The right to be informed about the collection and use of their personal data.
- The right of access or right to receive a copy of their personal data, and other supplementary information.
- The right to rectification of inaccurate personal data or to completion of incomplete data.
- The right to erasure of one’s personal data.
- The right to restrict processing of or suppress their personal data.
- The right to data portability, i.e. the right to obtain and reuse one’s personal data for their own purposes across different services.
- The right to object to the processing of their personal data in certain circumstances. Individuals have a right to stop their data being used for direct marketing. In some cases, sites may be able to continue processing data after an objection is made if they can show that they have a compelling reason for doing so.
- Rights in relation to automated decision making (making a decision solely by automated means without any human involvement); and profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process. This website does not use either automated individual decision-making or profiling.
The Site is not directed at children under the age of 13. We comply with the Children’s Online Privacy Protection Act (“COPPA”) and do not knowingly permit registration or submission of personally identifiable information by anyone under 13 years of age. This age requirement is posted each time We request personally identifiable information. If You believe information of a child under 13 has been submitted, please advise Us in writing and We will delete it.
What Data and Categories of Data We Collect and How We Collect It
The Data that may be collected by this Site are various types of Personal and Non-personal Identification Information. Personal Identification Information includes any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number. We collect personal information from two main categories: Identifiers and Internet Activity. Identifiers include name, email address and IP address. Internet Activity includes information regarding a consumer’s interaction with the site. Non-Personal Identification Information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
We collect personal data from site visitors who provide data directly to us, including names and email addresses. For example, you provide information when you:
- Submit forms on the Site
- Ask to join our mailing list
- Leave a comment
We also collect personal technical data, such as information about cookies. Such personal data can also be generated from technical processes such as contact forms, comments, cookies, analytics, and third party embeds. We may gather personal data about your visit to the site. For example, we may collect:
- The network you use to access the Internet, like domain information.
- The device that you are using, including the IP address, browser, and operating system.
- Which pages you visit while on our site.
What Do We Use Your Data For?
- To improve our site. We always aim to improve our website offerings based on the information and feedback we receive from you.
- To provide the services you request. If you submit your email through the form on our site so that you can be kept updated on the ongoings of The Obsessive Mind, a Marriage & Family Therapy Corporation you may receive content, surveys or other site features from us. Please note: if you provide us with your email address via our contact form, we will not send out email updates unless you ask for them independently).If at any time you would like to unsubscribe from receiving future emails, we include unsubscribe instructions at the bottom of each email, or the you may contact us via our Site.
- To personalize user experience. We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site. For such purposes Data are collected for traffic optimization and distribution, analytics, and interaction with external social networks and platforms
- To provide authorities or relevant individuals with information related to the site as required by law.
- To protect our Services, our users, and the public. For example, by detecting security incidents; detecting and protecting against malicious, deceptive, fraudulent, or illegal activity; fighting spam; complying with our legal obligations; and protecting the rights and property of our site and others.
- For your convenience. For example, if you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
- To fulfill any other purpose for which you provide information.
The collection and transfer of data occurs on one of the following bases, depending on the type of transfer and the surrounding factual situation:
- You explicitly consent to the collection and transfer.
- The transfer is necessary for performance of a contract between you and The Obsessive Mind, a Marriage & Family Therapy Corporation. This will apply when, for example, you are signing up for our mailing list.
- The transfer is necessary for the establishment, exercise, or defense of legal claims. This would apply if there developed a dispute between you and The Obsessive Mind, a Marriage & Family Therapy Corporation.
- The transfer is required to produce personal data to legal authorities upon presentation of a subpoena, court order, search warrant, or other legal process. We will evaluate the legal process and resist such legal demands on your behalf unless it is clearly valid based on the legal opinion of our attorneys.
The use of Data for additional purposes by the Owner, may in some cases, and for legal purposes, require specific consent by the User or the Data Subject.
What Third Parties Process Which Data on Our Behalf?
Function: helps keep spam under control by filtering out spam comments–hundreds of millions, every day!
Data processing information: Akismet collects information about visitors who comment on Sites that use Akismet anti-spam service. The information includes the commenter’s IP address, user agent, referrer, and Site URL, along with other information directly provided by the commenter such as their name, username, email address…oh, and the comment itself, of course.
Function: collects email addresses that users volunteer and is used to send out updates about The Obsessive Mind, a Marriage & Family Therapy Corporation
Data processing information: Creativ.eMail shall Process the Personal Data on behalf of the Developer for the Purpose, which will include the following processing activities: storage, retrieval, use, disclosure, erasure, destruction and access of the Personal Data. The duration of the Processing shall be for the term of the API Terms and Conditions. The category of Data Subject is the Users and the Personal Data Processed by Creativ.eMail includes and shall be limited to the following categories of data: (i) identification and contact information (such as name, email address, address, title and contact details) of Users’ customers and other contacts; (ii) information gathered in connection with enabling the Developer to provide Offerings to Users relating to Users’ contacts, including (a) analytics and information about marketing emails sent by Creativ.eMail on behalf of User (including open rates and similar usage data) and (b) device, browser and information related to Users’ contacts identified through use of the Offerings. The Personal Data Processed by Creativ.eMail may contain special categories of Personal Data.
Function: helps site owners create quizzes, surveys, and polls that fit their brand and vision.
Data processing information: When a visitor completes a poll, quiz, or other type of survey prepared by a User via Crowdsignal.com, Crowdsignal collects the visitor’s responses to those surveys, and other information that the survey owner requires for a poll/quiz/survey response, like an e-mail address. Crowdsignal collects information about visitors who respond to a Crowdsignal survey. The information that they collect includes IP address, browser type, operating system, user agent, and the web page last visited.
Data processing information: Google Analytics collects a lot of data about how people use a website, including:
- Time of visit, pages visited, and time spent on each page of the webpages
- Referring site details (such as the URI a user came through to arrive at this site)
- Type of web browser
- Type of operating system (OS)
- Network location and IP address.
- Document downloads
- Clicks on links leading to external websites
- Errors when users fill out forms
- Clicks on videos
- Scroll depth
- Interactions with site-specific widgets.
Function: security, performance and marketing tools.
Data processing information: Jetpack collects visitor activities related to the management of the Site, such as login attempts/actions and comment submission and management actions. For more information, please see the Jetpack Privacy Center. Jetpack collects information about a visitor’s interactions with a Site, including the “likes” and “ratings” left by visitors to the site. Jetpack may determine the approximate location of a visitor’s device from the IP address. Jetpack collects and uses this information to, for example, tally how many people visit their Sites from certain geographic regions. If you’d like, you can read more about our Site Stats feature for WordPress.com sites and Jetpack sites.
We use a number of plugins by Automattic. While the individual plugins and the data they collect are described above, you can read their overarchingPrivacy Notice here: https://automattic.com/privacy-notice/
Data Removal, Completion or Updating
You have the right to access your information, to update your information and to provide additional information to complete a previous incomplete submission. You also have the right to request complete deletion of your data. If we receive a valid, verified request from a consumer, we will ensure that you are granted access to your data or that your data will be removed, completed or udpated.
If you would like to access, remove, complete or update your data, please send us your full name and email address in an email to firstname.lastname@example.org with the subject DATA ACCESS, DATA REMOVAL, DATA COMPLETION or DATA UPDATING, as applicable. We will use the collected information to verify your request and to allow you to access, remove, complete or update your data. You can also send a physical letter with the information to 34145 Pacific Coast Highway, #210, Dana Point, CA 92629 in order to access, remove, complete or update your data.
We do have the right to deny a request if consumers fail to satisfactorily identify themselves or verify their right to access information on behalf of someone. We will keep these denials on file with a detailed description of the reason for the denial. Some exceptions that would permit us to retain the records after your request include:
- Transactional reasons
- Security reasons
- Identifying and fixing errors
- Free Speech considerations
- CalECPA Compliance
- Research for Public Interest reasons
- Expected Internal Use
- Legal Compliance
- Other Internal Uses
If no exception exists, we will permanently and completely erase the personal information on our existing systems with the exception of archived or back-up systems and we will direct service providers to delete their records of your personal information as well.
As a California resident, you also have the right to designate an agent to exercise these rights on your behalf. We may require proof that you have designated the authorized agent to act on your behalf and to verify your identity directly with us. Please contact us at email@example.com for more information if you wish to submit a request through an authorized agent.
How We Protect Your Information
We use appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information and data stored on our site. In the unfortunate event of a data security breach, we will notify users whose personal information may have been breached.
Sharing Your Personal Information
We do not sell or rent personal data to anyone. That said, we may share your basic demographic information (such as your name, IP address, and physical or email address, etc.) with others, such as our contractors, trusted partners and affiliates as necessary to operate our business, and as permitted by law. As detailed above, we do disclose personal information to third parties through the use of plugins. If we share data to perform statistical analysis, send email or postal mail, provide customer support, or arrange for deliveries, such third parties are required to maintain the confidentiality of your information. We do not share personal information with third parties for their direct marketing purposes.
What About Aggregated Data?
We may aggregate (combine) data about visitors to the site in a non-identifiable manner and use it for Our business purposes in a way that is unrelated to your use of the Site.
- E.g., we might aggregate data for product development and improvement activities and disclose such aggregated data to third parties.
- No personally identifiable information is available or used in this process.
What About Governmental and Legal Disclosures?
Except as described above, we do not disclose the identities of visitors or users of the Site unless we are required to do so by or, or unless we believe, in good faith, that sharing is necessary:
- to protect your safety or the safety of others,
- to protect our rights,
- to investigate fraud, or
- to respond to a government request.
We will respond to any subpoena received from a government agency (i.e., the Securities and Exchange Commission or law enforcement agencies) without prior notice to you. Unless prohibited by law or by a valid court order, we will attempt to notify you of any subpoena received from any other party (i.e., for civil litigation) which requires us to disclose your identity. We will wait ten (10) days, or a lesser amount of time as required by the deadline in the subpoena, before providing the information requested by the subpoena.
What About Do Not Track?
Third Party Websites
There is content on our site that links to other sites and services. We do not control the content or links on these sites and are not responsible for practices employed by websites linked to or from our site. These sites or services, including their content and links, may constantly change. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our site, is subject to those websites’ own terms and policies.
Interaction with External Social Networks and Platforms
Our site includes links to Facebook, Twitter and Instagram. You can interact with social networks or other external platforms directly from our site’s pages. The interaction and information obtained by this site are always subject to the user’s privacy settings for each social network. If a service enabling interaction with social networks is installed it may still collect traffic data for the pages where the service is installed, even when users do not use it.
Depending on your privacy settings, my website may access your social media to post to your profile or share. All of that functionality, however, happens on the external social network or platform side so no personal data is collected on behalf of www.theobsessivemind.com.
How Your Data is Processed
The Data Controller processes the data of users in a lawful and proper manner and takes appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the data. Processing is carried out using computers and devices, with organizational methods and logics strictly related to the stated purposes.
In addition to the owner, in some cases, access to the Data may be available to external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies).
Where Your Data is Processed
The Data are processed at the headquarters of the Data Controller in Dana Point, California, United States of America, unless stated otherwise in the rest of this document.
If you are visiting our websites from outside the United States, please be aware that we are located in the United States and that you may be sending information (including personal data) to the United States. That information may be transferred within the United States or back out of the United States to other countries. It is difficult to determine the precise locations to which the contents that may contain Personal Information are transferred. We have data processing agreements in place with our service providers consistent with applicable privacy and data security laws.
How Long We Retain Your Data
The Data are kept for the time necessary to perform the service requested by the user, and the user can always ask for their suspension or removal (contact information below).
Your Acceptance of These Terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Address: 34145 Pacific Coast Highway, #210, Dana Point, CA 9262