Privacy Policy

This is our updated Privacy Policy which goes into effect on May 25, 2018.

Who We Are

Laspau brings together a valuable network of individuals, institutions, leaders and organizations devoted to building knowledge-based societies across the Americas. This privacy policy applies to all visitors, customers, and students using or accessing any of the services that we provide on http://laspau.harvard.edu

For any privacy-related questions, please contact us at: support@laspau.desk-mail.com

What Personal Data We Collect and Why We Collect It

Email

We use Desk, a CRM service by Salesforce, to process all internal email and communication with our customers. Customers that email us, or use any of the contact forms on our websites, will have their name, email address, IP address, and any data provided stored in our help desk third-party service provider. Salesforce’s privacy policy is available here.

Analytics

We use Google Analytics for tracking visitors and aggregating information about the traffic to our websites. The Google Analytics privacy policy can be found here. You can learn more about how to opt-out of tracking in Google Analytics here.

Marketing Campaigns

We use Mailchimp email marketing to communicate with customers and potential customers from time to time. All email lists and campaigns are “opt-in” meaning we will not send you these sorts of emails unless you indicated that you wish to receive them during signup or other interactions on our website. All marketing emails sent by us will include an unsubscribe link in the footer of the email. Emails sent to you may also include standard tracking, including open and click activities. Mailchimp’s privacy policy is found here.

We may utilize social media and web advertising campaigns. These service providers use cookies on our sites and/or pixel tracking to serve ads across the different platforms.

Hosting and API Services

All web servers and hosting are managed on the WP Engine platform located in different regions around the world. This includes website hosting, backups, web database, file storage, APIs, and log files. WP Engine’s privacy policy can be found here.

WP Engine uses the MaxCDN Content Delivery Network. MaxCDN may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. MaxCDN’s privacy policy can be found here.

Social Media Widgets

Some parts of our Service may include social media features, such as the Facebook “like” button, and widgets, such as the “share this” button. These social media features are either hosted by a third party or hosted directly on our Service. When you use these tools, the party that provides the tool, the third party that operates the social media services, and/or we may receive Personal Data about you. By using these tools, you acknowledge that some information, including Personal Data, from your social media services will be transmitted to us, and that information is therefore is covered by this Privacy Policy, and some information, including Personal Data, may be shared with the third party services, and that information is therefore governed by their privacy policies.

Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our plugins.

If your browser does not support web fonts, a standard font is used by your computer. Further information about handling user data, can be found in the Google font faq here and in Google’s privacy policy here.

Cookies

What Are Cookies?

A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We use cookies across our sites to help identify and track visitors, their usage of our services, and their website access preferences. We describe the specific cookies used in the sections below. Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using our websites, with the drawback that certain features may not function properly without the aid of cookies.

How We Use Cookies

We place cookies on all of Laspau’s pages to perform web analytics with the intention of improving site experience. We use cookies across our site to help identify and track visitors, their usage of our services, and their website access preferences. Visitors can subscribe to newsletters from our blog, download content, or unlock articles we create in collaboration with our partners by providing their contact information which includes email address and name. The collected data is used to send the requested content and/or newsletter and we do not sell this data to any third parties. In the case of unlocking content, you will be given an option to opt in to the communication coming from our partners.

Disabling Cookies

You can disable cookies by changing the settings on your web browser (Chrome, Firefox and Internet Explorer). However disabling cookies will result in disabling certain functionalities on Laspau website, since some of the functionalities require the use of cookies to work

For more information on cookies, including how to control your cookie settings and preferences, visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, https://ico.org.uk/for-the-public/online/cookies/ and http://www.allaboutcookies.org/.

Embedded Content from Other Websites

Embeds are pieces from other websites that are shown from time to time on our websites. They behave in the exact same way as if the visitor has visited the other website and may use cookies or capture information. Typically, embedded content is from websites that share videos, images, or other content. These services may collect your IP Address, your User Agent, store and retrieve cookies on your browser, embed additional third-party tracking, and monitor your interaction with that embedded content, including correlating your interaction with the content with your account with that service, if you are logged in to that service.

Links to the privacy policies of the most common services have been included below. Where a general privacy policy is not available, the applicable country is indicated.

Who We Share Your Data With

We use third-party services across our sites. The extent to which your data is shared with these providers depends on your use of our services, and we list the specific third-parties in use (with links to their privacy policies) in the sections below.

Each third-party provider has been vetted to ensure that privacy policies and practices meet or exceed the same levels of compliance and standards that we follow. Where appropriate and available, we hold additional signed Data Privacy Agreements with these companies as an additional layer of accountability in order to help ensure your data is safe and secure.

We disclose potentially personally-identifying and personally-identifying information only to our employees, contractors and affiliated organizations that (i) need to know that information in order to process it on our behalf or to provide services, and (ii) that have agreed, in writing, not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using our websites and services, you consent to the transfer of such information to them. We will not rent or sell potentially personally-identifying and personally-identifying information to anyone.

We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

If we ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.

Visitor

We place cookies on all of Laspau’s pages to perform web analytics with the intention of improving site experience. Visitors can subscribe to newsletters from our blog, download content, or unlock articles we create in collaboration with our partners by providing their contact information which includes email address and name. The collected data is used to send the requested content and we do not sell this data to any third parties. In the case of unlocking content, you will be given an option to opt in to the communication coming from our partners.

Children Under 16

In efforts to comply with the Children’s Online Privacy Protection Act (COPPA) and the European Union’s General Data Protection Regulation (GDPR), Laspau’s products and services are directed only to people who are at least 13 years of age or older.

What Rights You Have Over Your Data

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Laspau aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:

Access

Individuals will have the right to know exactly what information is held about them and how it is processed.

Deletion

You can request “to be forgotten” and we will erase any personally identifiable data we have about you. Of course, this excludes data we need for administrative or security purposes or if we are required by law to retain some of the data.

Object

You have the right to object to our processing of your personal data.

Restriction

You have the right to request that we restrict the processing of your personal information.

Portability

You have the right to be provided with a copy of your personal data in a structured, machine-readable and commonly used format.

Rectification

You have the right to correct, amend, or delete inaccurate data.

Consent

You also have the right to withdraw your consent at any time where Laspau relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

How We Protect Your Data

We take the security of your data seriously and follow best practices and Harvard University guidelines. For details on the security of the WordPress core itself, see wordpress.org/about/security.

Prevention is best when it comes to security, and as a first step, we follow all WordPress Code Standards in the plugins that we build and use. In addition, we have an extensive internal review and Quality Assurance process in place specifically to prevent potential security vulnerabilities in our plugins and services. We only use third-party services that are fully vetted and adhere to the highest levels of privacy and security practices.

What Data Breach Procedures We Have in Place

Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our customers via email no later than 48 hours of our team becoming aware of the event. We will also report such incident to any required data protection authority. We will work closely with any customers affected to determine next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.

Privacy Policy Changes

Although most changes are likely to be minor, Lspau may change its Privacy Policy from time to time, and in Laspau’s sole discretion. Laspau will notify clients by email when making changes.

Changelog

May 25, 2018 – Updated language of the policy to be more user-friendly, specifically outlining requirements in preparation for meeting the GDPR.