Privacy Statement (CA)

This privacy statement was last changed on March 27, 2020, last checked on March 27, 2020, and applies to citizens of Canada.

In this privacy statement, we explain what we do with the data we obtain about you via https://asweetlife.org. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Sharing with other parties

We only share or disclose this data to other recipients for the following purposes:

Amazon Web Services, Inc.

Purpose of the data transfer: Personalisation, Ad selection, delivery, reporting
Country or state in which this third party is located: United States

Facebook, Inc.

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: United States

Google, Inc.

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: United States

Gourmet Ads Pty. Ltd.

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: Australia

Healthy Ads

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: Australia

Rackspace, Inc.

Purpose of the data transfer: Information storage and access
Country or state in which this third party is located: United States

Pinterest, Inc.

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: United States

Tap Native LLC

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: United States

The Rocket Science Group, LLC

Purpose of the data transfer: Personalisation, Ad selection, delivery, reporting
Country or state in which this third party is located: United States

Twitter, Inc.

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: United States

PulsePoint, Inc.

Purpose of the data transfer: Ad selection, delivery, reporting
Country or state in which this third party is located: United States

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

2. How we respond to Do Not Track signals

Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.

3. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Statement on our Cookie Policy (CA) webpage. 

We have concluded a data processing agreement with Google.

The inclusion of full IP addresses is blocked by us.

4. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

  • Username and Password
  • DNSSEC
  • TLS / SSL
  • DKIM, SPF en DMARC
  • Physical security measures of systems which contain personal data.
  • Security software
  • HTTP Strict Transport Security
  • X-Content-Type-Options
  • X-XSS-Protection
  • X-Frame-Options
  • Expect-CT
  • No Referrer When Downgrade header
  • Content Security Policy
  • STARTTLS and DANE

5. Third party websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

6. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

7. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below.

7.1 You have the following rights with respect to your personal data

  1. You may submit a request for access to the data we process about you.
  2. You may request an overview, in a commonly used format, of the data we process about you.
  3. You may request correction or deletion of the data if it is incorrect or not or no longer relevant. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.
  4. You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You will be informed of the implications of such withdrawal.
  5. You have the right to address a challenge concerning non-compliance with PIPEDA to our organization and, if the issue is not resolved, to the Office of the Privacy Commissioner of Canada.
  6. We shall give access to personal information in an alternative format to an individual with a sensory disability who has a right of access to personal information under PIPEDA and who requests that it be transmitted in the alternative format if (a) a version of the information already exists in that format; or (b) its conversion into that format is reasonable and necessary in order for the individual to be able to exercise rights.

8. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

9. Contact details

Diabetes Media Foundation Inc.
PO Box 370
12496 – NY, United States
United States
Website: https://asweetlife.org
Email: privacy@asweetlife.org

We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded:
Michael Aviad
Diabetes Media Foundation Inc.
PO Box 370
12496 – NY, United States

Annex

Relevanssi Premium

What personal data we collect and why we collect it

IP address for searches

All searches performed using the internal site search are logged in the database, including the following information: the search query, the number of hits found, user ID for users who are logged in, date and time and the IP address. The IP address is stored for security and auditing purposes.

How long we retain your data

The search logs are stored indefinitely.

iThemes Security

What personal data we collect and why we collect it

Cookies

Visiting the login page sets a temporary cookie that aids compatibility with some alternate login methods. This cookie contains no personal data and expires after 1 hour.

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 180 days.

Who we share your data with

This site is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

When running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site’s URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

In order to ensure file integrity, iThemes Security pulls data from wordpress.org, ithemes.com, and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site’s locale, a list of installed plugins, and a list of each plugin’s version. Requests to ithemes.com and amazonaws.com include the installed iThemes products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For ithemes.com privacy policy details, please see the iThemes Privacy Policy. Requests to amazonaws.com are to content added and managed by iThemes which is covered by the Amazon Web Services Data Privacy policy.

How long we retain your data

Security logs are retained for 180 days.

Where we send your data

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

Really Simple SSL

Really Simple SSL and Really Simple SSL add-ons do not process any personal identifiable information, so the GDPR does not apply to these plugins or usage of these plugins on your website. You can find our privacy policy here.

Ultimate Member

What personal data we collect and why we collect it

Forms

Ultimate Member provides you with forms for user registration, login and profiles.

Via these forms you are collecting personal data from your users.

You should include in your privacy policy what personal data is captured when someone submits/fills in one of the forms, why you collect it and what you do with this data and how long you keep it.

How long we retain your data

Registered user information is retained in your website’s database indefinitely.

Data can be exported or removed upon users request via the existing WordPress data exporter or eraser.

If syncing data to a 3rd party service (e.g Mailchimp via our MailChimp extension), data is retained there until unsubscribed or deleted.

Where we send your data

Ultimate Member does not send any user data outside of your site by default.

If you have extended the functionality of the plugin (e.g sending registered user data to MailChimp via our MailChimp extension, this user info may be passed to these external services. These services may be located abroad and outwith the EU.

Copyright © 2009-2020 Diabetes Media Foundation, All Rights Reserved.
ASweetLife™ is a trademark of the Diabetes Media Foundation, All Rights Reserved.
DMCA Compliant