We believe you should always know what data we collect from you and how we use it, and that you should have meaningful control over both. We want to empower you to make the best decisions about the information that you share with us. That’s the basic purpose of this Privacy Policy so that you can understand that. Also, we know that when you use our services, you’re trusting us with your information. We understand this is a big responsibility and work hard to protect your information and put you in control. This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your information. Protecting your personal information is a high priority for us. You can use our site anonymously, however, in order to obtain services from Luis Garcia Institute, the processing of your personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from you. However, to better protect your privacy we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. To being we will start with the definition. 

Definitions

The data protection declaration of the Luis Garcia Institute is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used. In this data protection declaration, we use, inter alia, the following terms:

a) Personal data 

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject

Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

c) Processing

Processing is any operation or set of operations which are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

f) Pseudonymisation

Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or controller responsible for the processing

The controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor

The processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient

The recipient is a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

j) Third party

A Third-party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent

Consent of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

l) Personally Identifiable Information

"Personally Identifiable Information" refers to any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains, including, but not limited to, name, address, phone number, fax number, email address, financial profiles, social security number, and credit card information. Personally, Identifiable Information does not include information that is collected anonymously (that is, without identification of the individual user) or demographic information not connected to an identified individual.

m) Cookies

The Internet pages of the Luis Garcia Institute use cookies. Cookies are text files that are stored in a computer system via an Internet browser. Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

Through the use of cookies, the Luis Garcia Institute can provide the users of this website with more user-friendly services that would not be possible without the cookie setting. By means of a cookie, the information and offers on our website can be optimized with the user in mind. Cookies allow us, as previously mentioned, to recognize our website users. The purpose of this recognition is to make it easier for users to utilize our website. The website user that uses cookies - e.g. does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user’s computer system. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles or data that a customer has placed in the virtual shopping cart via a cookie.

The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.

Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. We may use cookies to collect, store, and track information for statistical purposes to operate the Website and Services. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. To learn more about cookies and how to manage them, visit internetcookies.org

n) Other Terms

These terms of use apply to your use of all of the sites and services owned, hosted, maintained, operated by, or affiliated with Luis Garcia Institute (collectively “Website” “Website and Services” “we,” “us,” or “our”), including luisgarciainstitute.com, and any other site that we have owned or operated, do own and operate or may own or operate in the future including social media sites (collectively, the “Sites”). Unless stated otherwise, all references to the “Sites”, “Site”, “site”, or “sites” in the terms on this page include all such Sites. All references to “websites” herein, is in reference to unaffiliated and third-party websites. These terms of use do not apply to your use of unaffiliated or third party websites to which any of our Sites may link to or direct you to.

This privacy policy (“Policy”) describes how the personally identifiable information (“Personal Information”) you may provide on the luisgarciainstitute.com website (“Website” or “Service”) and any of its related products and services (collectively, “Services”) is collected, protected and used. It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy is a legally binding agreement between you (“User”, “you” or “your”) and this Website operator (“Operator”, “we”, “us” or “our” “Website” or “Service”). By accessing and using the Website and Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Agreement. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

We, luisgarciainstitute.com collect your information and can be contacted anytime at the links you see below this page. You can lodge any complaints with us via that same email, or request to be removed from our email lists, phone lists, or advertising targeting, too. We are committed to protecting your privacy and security and have explained in detail (read below) the steps we take to do so.

We control the Sites from offices in the United States territory. We do not represent that materials on the Sites are appropriate or available for use in other locations. Persons who choose to access these Sites from other locations do so on their own initiative, and are responsible for compliance with local laws, if and to the extent that local laws are applicable. When you submit information to us or visit any of our Sites, we use it in an ongoing nature to ensure you receive the information or purchases you’ve made with us, to deliver relevant future content via our email newsletters to track how much you use our Sites or services, and to make future offers through our company or any other company that is involved in delivering your purchases, bonuses, or content.

By giving us your contact information at any time, you are granting us the right to contact you in the future in any manner necessary, at our discretion, for ongoing personal and professional development. You can unsubscribe from our email newsletters at any time by clicking the unsubscribe link found at the bottom of all of our emails. If you want us to no longer contact you or store your information, just contact us at the emails you will find below this page anytime, with your request and we will begin removing you from our services or content, as appropriate, and as soon as we can.

Collection of Personal Information

When visiting our website, the IP address used to access our website may be logged along with the dates and times of access. This information is purely used to analyze trends, administer our website, track user's movement, and gather broad demographic information for internal use such as statistical assessments and website improvement. Most importantly, any recorded IP addresses are not linked to personally identifiable information.

Other information may be collected as well, which is rather typical of most websites. For instance, the source that referred you to our website is generally known. Likewise, your duration on our website and your destination when you leave our website can also be tracked. Other common data collected includes the type of operating system the computer you are using to access our website has. Similarly, the type of web browser is often noted. Again, this is a common data collection and helps ultimately produce a better end-user experience.

Cookies are another common internet practice. Cookies are a key means of improving user experience by allows us to customize your use of our website. Simple information is transferred to your computer to allow the content and experience to reflect your actions, preferences, and so on. You should simply make the assumption our website uses cookies, and note that you are free to make adjustments in your web browser to disable these or otherwise receive notification of cookies so you can take whatever desired action you so choose. Please understand that refusing cookies may cripple some of our website features and render some aspects useless to you.

At times, you will be fully aware of the information received, as you are the direct source providing it. For instance, you may comment on a blog post, reply to an email (whether broadcast message or autoresponder), provide an email address, complete a survey, requests SMS, or otherwise. Likewise, purchases necessarily involve collecting certain information, such as credit card information, PayPal addresses, your physical address for billing and/or shipping, phone number, and so on. Refusing to provide some of this information may lead to us being unable to provide you with the products or services you’ve requested.

A prime example of limited access to our website is where content may be protected by a username and password. Whether a username and password are generated by our website or created by you, these will almost always be connected with some other information related to or connected with you. This is true since much content that is protected on the internet is subscription based, often paid for. Thus, the username and password must necessarily be tied to your other account data. Usernames and passwords, by their very nature, should be kept private.

You can access and use the Website and Services without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the features on the Website, you may be asked to provide certain Personal Information (for example, your name and e-mail address). We receive and store any information you knowingly provide to us when you create an account, or fill any online forms on the Website. When required, this information may include the following:

• Personal details such as name, country of residence, etc.
• Contact information such as email address, address, etc.
• Account details such as user name, unique user ID, password, etc.
• Geolocation data such as latitude and longitude.
• Any other materials you willingly submit to us such as articles, images, feedback, etc.

Some of the information we collect is directly from you via the Website and Services. However, we may also collect Personal Information about you from other sources such as public databases and our joint marketing partners. You can choose not to provide us with your Personal Information, but then you may not be able to take advantage of some of the features on the Website. Users who are uncertain about what information is mandatory are welcome to contact us with the contact information you will see below this page.

How and Why We Collect Information

We collect your email address when you submit it, and some limited Site information and behavior, in order to record and support your participation in the activities you select or in order to contact you to give you the content you requested or advertise to you later. If you register for a seminar, for example, the information you give us – your phone number, email, and address – is used to reserve your seat, to track your preferences, and to keep you informed about the seminar and related personal development content, offers, and events that you requested until you unsubscribe or ask for your data to be removed. If you visit our Sites, we may use Facebook, Google, or other tracking tools to understand your behavior on our Sites and to deliver advertising to you in the future. As a visitor to our Sites, you can engage in many activities without providing any personal information. In connection with other activities, such as utilizing registering for a seminar, email newsletters, or participating in a sweepstakes, we may ask you to provide certain information about yourself by filling out and submitting an online form in order to serve you. It is completely optional for you to engage in these activities.

If you elect to engage in these activities, however, we may ask that you provide us with personal information, such as your first and last name, mailing address (including ZIP code), e-mail address, telephone number, credit card information (if any), and any other personal information we feel is applicable. If you do not provide the mandatory data with respect to a particular activity, you will not be able to engage in that activity. In all cases, we will collect personal identification information, like your email or phone number, only if you voluntarily and submit such information to us in order for you to engage and receive the content. We will also tell you how we use your information or if we share it with another party. Except as otherwise provided in this policy, we will never sell any personal identification information about you as an individual user to any third party. If you supply us with your contact information you may receive periodic e-mails, mailings, or calls from us with information on new products and services, important issues, or upcoming events. If you wish to be removed from any postal, email, phone, or other lists, please let us know. You can contact us by the contact links you will see below this page. Please provide us with your exact name, email address, mailing address, and phone number for cancellation. We will be sure your name is removed from the appropriate lists immediately.

When you use our Sites, we or our authorized technology services provider may also collect certain technical and routing information from you to facilitate your use of the Sites and its services or to contact you, or advertise in the future. We use this information to administer the Sites and to understand and measure traffic patterns on the Sites. That way we know which areas of our Sites are favorites of our users, which areas need improvement, and what technologies are being used, so that we may continually improve our Sites for mobile and future technical platforms. This information is collected mostly in aggregate form, without identifying you or any user individually. However, in some cases, we use tools like cookies, web beacons, analytics services, and advertising providers to gather data about you or your computer location. We may use this statistical data for statistical analysis, marketing, advertising, or similar promotional purposes.

This data is often tracked by us and our technology services provider by using “cookies” or “pixels” during your visit. As mentioned above cookie is a small amount of data that is transferred to your browser by a web server and can only be read by the server that gave it to you. It functions as your identification card and enables us to record your passwords, purchases, and preferences and to deliver targeted messages or advertising to you in the future. It cannot be executed as code or deliver viruses. Most browsers are initially set to accept cookies. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it. For some web pages that require an authorization, cookies are not optional. Users choosing not to accept cookies will probably not be able to access those pages. We also use Facebook “pixels” on many of our Sites so that we can understand your digital behavior and potentially later target you with related advertising to serve you better by sharing relevant content that will help you. We also use Google Analytics to understand how long you might spend on our Sites or how you interact with our Sites.

If you wish to be removed from any postal, email, phone, or other lists, please let us know. You can contact us by the contact links you will see below this page. Please provide us with your exact name, email address, mailing address, and phone number. We will be sure your name is removed from the appropriate lists immediately. As always, you can unsubscribe from any of our emails at any time via the unsubscribe link at the bottom of the email you received from us. We do not store any information about you on our servers, other than that which you submit into one of our forms, and in any case, we hold your sensitive information with software that keeps it encrypted. Any other information stored happens via cookies or pixels as described above, and as facilitated via third-party tools (like Facebook, Google, or even PayPal). Below are examples of how we may use any information to better communicate with you:

• Provide and administer the services, including to display customized content and facilitate communication with other users;
• Process your requests and orders for courses, products, specific services, information, or features;
• Communicate with you about your account by:

1. Responding to your questions, concerns, inquiries, and offer support.
2. Sending you administrative messages and information, including messages from instructors and teaching assistants, notifications about changes to our Service, and updates to our agreements.
3. Sending you information and in-app messages about your progress in a course, rewards programs, new services, new features, promotions, newsletters, and other available courses (which you can opt-out of at any time).
4. Sending push notifications to your wireless device to provide updates and other relevant messages (which you can manage from the “options” or “settings” page of a mobile app).

• Manage your account preferences.
• Facilitate the Sites’ technical functioning, including troubleshooting and resolving issues, securing the services, and preventing fraud and abuse.
• Solicit feedback from users.
• Market and administer surveys and promotions.
• Learn more about you by linking your data with additional data through third-party data providers or analyzing the data with the help of analytics service providers.
• Identify unique users across devices.
• Tailor advertisements across devices.
• Improve our Sites and develop new products, services, and features.
• Analyze trends and traffic, track purchases, and track usage data.
• Advertise the services on third-party websites and applications.
• Request user feedback
• Improve user experience
• Administer prize draws and competitions
• Enforce terms and conditions and policies
• Protect from abuse and malicious users
• Respond to legal requests and prevent harm
• Run and operate the Website and Services as a whole
• As required or permitted by law; or
• As we, in our sole discretion, otherwise determine to be necessary to ensure the safety or integrity of our users, employees, third parties, the public, or our services.

When you submit information to us, then, we use it in an ongoing nature to ensure you receive the information or purchases you’ve made with us, to deliver relevant future content via our newsletters, and to make future offers through our company or any other company that is involved in delivering your purchases. As an example, if you purchase certain courses from us, you may receive a bonus coaching session that is delivered from Luis Garcia Institute by a separate system or company that runs that particular program/application to deliver that coaching, we share to those third parties system so they can contact you to schedule that coaching call(s) you received as part of your purchase. Another example lets say using a third part emailing system like MailChimp to send you ongoing training emails that is part of your purchase course. At any time, you can contact us not to have your information shared with such service providers, but you may lose access to certain purchase bonuses or items if you do not allow the delivery from the third-party to contact you.

As most of our programs are for ongoing educational purposes in the field of personal and professional development, you should assume we will continue to contact you in perpetuity via email or via social media in order to deliver our services, serve you related content, make recommendations, learn about your preferences, grant you products, deliver programs to you with or from other platforms or companies, advertise to you or lookalike audiences, send you surveys, and other fulfillment or marketing purposes. By using our Sites and submitting any information with us, you agree to these terms without exception and agree to waive liability and not hold us liable for any use of your information, in perpetuity, under any circumstances, including waiving your right to participate or initiate any class action complaints. Again, if you want us to no longer contact you, just contact us with the email links you see below this page anytime with your request, and we will begin removing you from our services or content, as appropriate, and as soon as we can.

Comments

When visitors leave comments on the site (if the comment feature is turned on) we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded content from other websites 

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Google Analytics

Luis Garcia Institute uses Google Analytics to help analyze how users use the site. The tool uses “cookies,” which are text files placed on your computer, to collect standard Internet log information and visitor behavior information in an anonymous form. The information generated by the cookie about your use of the website (including your IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of this website and to compile statistical reports on website activity.

We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any Personally Identifiable Information of visitors to our site. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Google AdSense and the DoubleClick DART Cookie

Google, as a third party advertisement vendor, may use cookies to serve ads on this website. The use of DART cookies by Google enables them to serve adverts to visitors that are based on their visits to this website, including past visits, as well as other websites on the internet. To opt-out of the DART cookies, you may visit the Google ad and content network privacy policy at the following URL http://www.google.com/privacy_ads.html Tracking of users through the DART cookie mechanisms are subject to Google’s own privacy policies. Other Third Party ad servers or ad networks may also use cookies to track users activities on this website to measure advertisement effectiveness and other reasons that will be provided in their own privacy policies, our website has no access or control over these cookies that may be used by third-party advertisers. However, you can opt-out of some, though likely not all, of these cookies in one easy location at http://ww.networkadvertising.org/managing/opt_out.asp

Contact possibility via the website

The website of Luis Garcia Institute contains information that enables a quick electronic contact to our website, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address and name). If a data subject contacts the controller (Luis Garcia Institute) by e-mail or via a contact form or the support desk, the personal data transmitted by the data subject are automatically stored in our server. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties. We do not share nor sell your information data.

Handling of Personal Information

Note that any personal information you provide to others apart from us or our vendors is wholly optional. As an example, you might disclose something in a blog post comment. That “private” information is now “public,” and we have no control over that. In like fashion, you sharing information with any other third party not functioning as a service provider to us puts that information beyond our control and becomes subject to the policy that the party has in place. Please note that if you give out personal information online through a discussion board or posting site/website, that information can be collected and used by third parties. Although we strive to protect our users’ privacy, we cannot guarantee the security of information you post in these forums. You disclose such information at your own risk.

Our primary intention for collecting personal and private information from you is simply to conduct our business. We can use this internally to better serve you. Accordingly, we see no reason to share or sell your personal information with other parties outside our interests unless you have authorized us to do so. Of course, there are instances where your information is stored with third-party service providers, such as email service providers - payment process like PayPal, as they provide services that are industry-leading in quality and security and are far more beneficial to our end user than attempting such services “in-house.” However, you are never required to deal with any such third party directly, they are limited in how they use your information, and they cannot sell or transfer it to others in any way.

You are able to delete certain Personal Information we have about you. The Personal Information you can delete may change as the Website and Services change. When you delete Personal Information, however, we may maintain a copy of the unrevised Personal Information in our records for the duration necessary to comply with our obligations to our affiliates and partners, and for the purposes described below. If you would like to delete your Personal Information or permanently delete your account, you can do so on the settings page of your account on the Website or simply by contacting us.

However, of course, your information does comprise part of an overall whole. This aggregate of information, by contrast, may be used to understand our overall user base. Further, we may share this information about our website visitors as a whole with third parties for various purposes, in our sole discretion. While we are staunch and loyal privacy advocates, there are times when even we may be forced to abandon these ideals. Just as major search engines face ongoing compulsion to provide data against their will, so too may the same occur with our website. So in saying that, notwithstanding anything to the contrary in this Privacy Policy or controls we may otherwise offer to you, illegal activity or other serious acts or allegations could create legal liability for our website. In those cases, we reserve the right to share your information, or else may simply be compelled to do so by law.

In doing so, we may preserve, use, share, or disclose your personal data or other safety data if we believe that it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to protect the safety of any person; to protect the safety or integrity of our platform, including to help prevent spam, abuse, or malicious actors on our services, or to explain why we have removed content or accounts from our services; to address fraud, security, or technical issues; or to protect our rights from suspected or alleged copyright infringement or other intellectual property violations, or property or the rights or property of those who use our services. However, nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to a third party’s, including a government’s, request to disclose your personal data, Just keep in mind that for the safety of our platform and for our users it may be necessary to share personal information under these circumstances. 

Security

We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and the Website and Services cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.

This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan. This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy. Security logs are retained for 30 days. In Addition, the IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 30 days. We also use Https//: encryption to encrypt your data and we do not sell nor share your information with others. Overall this is for the safety of our website and our user. 

Data breach

In the event we become aware that the security of the Website and Services has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, send you an email.

Retention of information

We will retain and use your Personal Information for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification, and the right to data portability cannot be enforced after the expiration of the retention period.

Outside of legal matters, the criteria used to determine the period of storage of personal data is the respective statutory retention period. After the expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.

On another note, if you leave a comment, the comment, and its metadata are retained. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register to a membership area course on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see, edit, and delete that information.

Disclosure of information

Depending on the requested Services or as necessary to complete any transaction or provide any service you have requested, we may share your information with your consent with our trusted third parties that work with us, any other affiliates and subsidiaries we rely upon to assist in the operation of the Website and Services available to you. We do not share Personal Information with unaffiliated third parties. These service providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. We may share your Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information. These third parties are given Personal Information they need only in order to perform their designated functions, and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes.

We will disclose any Personal Information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Our Commitment To Children’s Privacy (Parental Permission)

We do not knowingly collect any Personal Information from children under the age of 18. If you are under the age of 18, please do not submit any Personal Information through the Website and Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through the Website and Services without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Information to us through the Website and Services, please contact us. You must also be at least 16 years of age to consent to the processing of your Personal Information in your country (in some countries we may allow your parent or guardian to do so on your behalf).

State Law & Accompanying Rights

Please understand that you may have additional rights originating from State laws based on where you live. These State-based rights may augment, strengthen, or otherwise somehow compliment any privacy rights you have inherently or under Federal law. Our policy is to comply fully with the privacy policies of every jurisdiction in which we operate. Accordingly, you are free to use our Contact information to reach us at any time to assert any State rights.

The rights of users

You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following: (i) you have the right to withdraw consent where you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing; (iv) you have the right to verify the accuracy of your information and ask for it to be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; (vii) you have the right to receive your information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.

The right to object to processing

Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection.

Data protection rights under GDPR

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Luis Garcia Institute website. By means of this data protection declaration, our website would like to inform you of the nature, scope, and purpose of the personal data we collect, used, and process, along with the rights to which you’re entitled. As the data controller, the Luis Garcia Institute website has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us by contacting us with the contact information you will see below this page. 

As mentioned above and to summarize it, the website of the Luis Garcia Institute collects a series of general data and information when a data subject or automated system calls up the website. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, the Luis Garcia Institute website does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the Luis Garcia Institute website analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our website and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights and the Operator aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed of what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:

a) Right of confirmation

Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.

b) Right of access

Each data subject shall have the right granted by the European legislator to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the European directives and regulations grant the data subject access to the following information:

• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
• where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
• the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
• the existence of the right to lodge a complaint with a supervisory authority;
• where the personal data are not collected from the data subject, any available information as to their source;
• the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.
• Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organization. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer. If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the controller.

c) Right to rectification

Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement. If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller.

d) Right to erasure (Right to be forgotten)

Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:

• The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
• The data subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
• The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
• The personal data have been unlawfully processed.
• The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
• The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
• If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the Luis Garcia Institute, he or she may, at any time, contact any employee of the controller. An employee of Luis Garcia Institute shall promptly ensure that the erasure request is complied with immediately.

Where the controller has made personal data public and is obliged pursuant to Article 17(1) to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. An employee of the Luis Garcia Institute will arrange the necessary measures in individual cases.

e) Right of restriction of processing

Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:

• The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
• The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead of the restriction of their use instead.
• The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims.
• The data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification of whether the legitimate grounds of the controller override those of the data subject.
• If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the Luis Garcia Institute, he or she may at any time contact any employee of the controller. The employee of the Luis Garcia Institute will arrange the restriction of the processing.

f) Right to data portability

Each data subject shall have the right granted by the European legislator, to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used, and machine-readable format. He or she shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others. In order to assert the right to data portability, the data subject may at any time contact any employee of the Luis Garcia Institute.

g) Right to object

Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions. The Luis Garcia Institute shall no longer process the personal data in the event of the objection unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims. If the Luis Garcia Institute website processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to the Luis Garcia Institute to the processing for direct marketing purposes, the Luis Garcia Institute will no longer process the personal data for these purposes. In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her by the Luis Garcia Institute for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest. In order to exercise the right to object, the data subject may contact any employee of the Luis Garcia Institute. In addition, the data subject is free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use his or her right to object by automated means using technical specifications.

h) Automated individual decision-making, including profiling

Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent. If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject’s explicit consent, the Luis Garcia Institute shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision. If the data subject wishes to exercise the rights concerning automated individual decision-making, he or she may, at any time, contact any employee of the Luis Garcia Institute.

i) Right to withdraw data protection consent

Each data subject shall have the right granted by the European legislator to withdraw his or her consent to the processing of his or her personal data at any time. If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the Luis Garcia Institute.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).

If you would like to contact us concerning any matter relating to your Personal Information, right below you will see a form where you can request the right to be forgotten, request your data, or even rectification your data.