Skip to content Skip to sidebar Skip to footer

PRIVACY POLICY

Introduction to Privacy Policy

Welcome to Sphinx Code, provided by Phi Code LLC (“we”, “our”, or “us”). We are committed to protecting your privacy and ensuring the security of the information you provide to us. This Privacy Policy outlines our practices concerning the collection, use, and disclosure of your information via our website [insert URL here], through the interaction with our products, and when you use our services. By accessing or using our service, you agree to this Privacy Policy and our Terms of Service.

This document is designed to comply with the General Data Protection Regulation (GDPR) for our users in the European Union, alongside other applicable regulations such as the California Consumer Privacy Act (CCPA) in the USA, and similar privacy laws in Australia, New Zealand, South America, and other jurisdictions. We encourage you to read this policy thoroughly to understand our practices regarding your personal information and how we will treat it.

If you have any questions or require more detailed information about our Privacy Policy, please contact us at info@sphinxcode.com.

Data Collection and Storage

Data Storage Location:

We operate with web servers hosted in 

  • Ashburn (Virginia, US)
  • Council Bluffs (Iowa, US)
  • Dallas (Texas, US)
  • Los Angeles (California, US)
  • London (UK)
  • Madrid (Spain)
  • Eemshaven (Netherlands)
  • Frankfurt (Germany)
  • Paris (France)
  • Sydney (Australia)
  • Singapore (Singapore)

, provided by Siteground.com. As a Wisconsin based company, we adhere to the General Data Protection Regulation (GDPR) for our European Union users. SiteGround.com is compliant with the EU/US Privacy Shield framework, ensuring that your data is securely stored and GDPR compliant. For more details, you can view the Siteground Data Privacy Policy.

Registration Data:

When you register on our website, we collect the following information:

  • Username: You choose a username during registration, which is used to identify your profile to other users.
  • Email Address: Used to communicate important information about your account and services.
  • Additional Profile Information: You may also provide additional information such as your name, contact number, and preferences. This information helps us to personalize your experience and provide tailored support.

You can view, edit, or delete your personal information at any time through your account settings, except for changing your username. This data is accessible to website administrators for support and management purposes.

Purchase Data:

If you purchase products from our website, we store your purchase details, which include:

  • Purchase Codes and Support Expiration Dates: Used to validate your purchase and provide customer support.
  • Transaction Records: Including payment amounts, dates, and billing information, required for accounting and legal compliance.

Support Data:

If you register for support services, you can submit tickets via our third-party system, Ticksy. Data sent to Ticksy includes only the information you provide and is subject to their EU/US Privacy Shield compliant privacy policy [insert link here]. Consent is requested each time you initiate a new support ticket.

Comments and Contact Forms:

  • Comments: When you leave comments on our website, we collect the data shown in the comments form, your IP address, and browser user agent string to help spam detection.
  • Contact Forms: Information submitted through contact forms on our site is sent to our company email, hosted by Zoho, which complies with the EU/US Privacy Shield policy. This data is used solely for customer service purposes and is never used for marketing or shared with third parties.

Analytics:

We use Google Analytics to monitor site usage and improve the user experience. This service collects data in an anonymized form. Opt out of Google Analytics tracking by going to your account.

Cases for Using the Personal Data Section

Purposes for Processing Personal Data

We use your personal information for a variety of purposes, which are outlined below:

  1. Verification and Identification:
    • To verify your identity when you access our services, ensuring that only you can access your account and its specific features.
  2. Technical Assistance and Support:
    • To provide ongoing customer support, address your inquiries, and resolve any technical issues you might encounter with our services.
  3. Service Communications:
    • To send you important updates about our services, changes to our terms, conditions, and policies, as well as any other essential administrative information.
  4. Account Activity Monitoring:
    • To monitor the activity within your account to prevent fraudulent transactions and other illicit activities, thereby securing your personal information from unauthorized access.
  5. Personalization:
    • To customize your experience on our website, such as displaying content based on your preferences and previous interactions with us.
  6. Service Improvement and Optimization:
    • To analyze how our services are used, which helps us to improve existing features, design new functionalities, and optimize our user interface for better performance and engagement.
  7. Legal and Regulatory Obligations:
    • To comply with legal requirements, such as tax, compliance, and auditing laws and regulations.

Each of these uses is designed to provide you with a more efficient, secure, and personalized service experience. If specific uses require your explicit consent, we will ask for your agreement before proceeding.

Embedded Content Section

Embedded Content from Other Websites

Pages on our site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction if you are logged in to that website.

Here are some specifics about the third-party services we use that may provide embedded content:

  1. YouTube:
    • We use YouTube to embed videos on our site. YouTube may collect data about your interactions with their content, for instance, when you watch a video. By interacting with YouTube videos on our site, you are agreeing to YouTube’s Privacy Policy. You can view their policy here.
  2. Facebook:
    • Our site utilizes Facebook technologies such as the Facebook page plugin to display content like our Facebook timeline. This plugin may collect your IP address and other browser information. Interaction with Facebook plugins is governed by Facebook’s own privacy policy, which can be found here.
  3. Twitter:
    • We use the Twitter API to display tweets on our website. Similar to other social plugins, Twitter may collect certain information once you interact with these tweets if you are logged in to your Twitter account. For more information, see Twitter’s privacy policy here.

User Consent and Control:

  • Before interacting with embedded content, you may need to give your consent, depending on your browser settings and extensions, as well as the policies of the third-party platforms. We recommend adjusting your privacy settings on these platforms according to your preferences.

Privacy Policies of Third Parties:

  • We advise reviewing the privacy policies of third-party platforms before interacting with embedded content on our site. This will help you understand how they use your data and what controls you have over that information.

Cookies Section

Use of Cookies on Our Site

What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, or mobile) when you visit certain websites. They are used to remember your preferences, record user-specific information on what pages users access or visit, ensure that advertisements are properly displayed, and improve your browsing experience by making interactions faster and more personalized.

How We Use Cookies:

  • Essential Cookies: These are necessary for the operation of our site. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart, or make use of e-billing services.
  • Performance and Analytics Cookies: These help us to understand how visitors interact with our website by providing information about the areas visited, the time spent on the site, and any issues encountered, such as error messages. This helps us improve the performance of our website.
  • Functionality Cookies: These are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
  • cookies record your visit to our website, the pages you have visited, and the links you have followed. We use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
  •  
  • Managing Cookies:
  • Cookie Consent: Upon your first visit to our site, you will be greeted with a cookie consent banner where you can customize and control the types of cookies that are active during your visits. This includes the ability to accept all cookies, refuse non-essential cookies, or customize your preferences in detail.
  • Browser Settings: You can choose to disable cookies through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers’ respective websites.
  • Third-Party Tools: You can also opt-out of third-party cookies from Google Analytics and other similar services through their respective opt-out tools or by managing preferences in your browser.
  •  
  • Necessary Cookies (All Site Visitors):
  • cfduid: Used by our CDN provider, CloudFlare, to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For more privacy information, see the CloudFlare Privacy Policy.
  • PHPSESSID: Helps identify your unique session on our website.
  •  
  • Necessary Cookies (Additional for Logged-In Customers):
  • wp-auth: Used by WordPress to authenticate logged-in visitors, manage session and user verification.
  • wordpress_logged_in_{hash}: Maintains user session state across page requests.
  • wordpress_test_cookie: Checks if cookies are enabled to provide appropriate user experience.
  • wp-settings-[UID]: Personalizes your view of the admin interface, and possibly also the main site interface, by storing user settings.
  • wp-settings-time-[UID]: Similarly, helps with the customization of the admin and possibly the site interface by storing user settings over time.

“Who Has Access to Your Data” Section

Who Can Access Your Data

Access within Our Organization:

  • System Administrators: Our system administrators may access your data as part of their role in maintaining the integrity of our services. They handle data management and security, ensuring that your information is protected and securely stored.
  • Customer Support: To provide you with timely and efficient service, our customer support team may access your data when necessary to address your questions, troubleshoot issues, and ensure that you receive optimal use of our services.

External Third Parties:

  • Service Providers: We employ various service providers who perform functions on our behalf. These include hosting services, customer relationship management and support tools, and payment processing. Our service providers are bound by confidentiality agreements and are permitted to use your data only in accordance with our instructions.
  • Legal Requirements: We may disclose your data if required to do so by law or in response to valid requests by public authorities, such as a court or government agency.

Ensuring Your Privacy:

  • Need to Know Basis: Access to your personal data is strictly limited to those who need the information to perform their job functions. We implement strict access controls and monitoring mechanisms to ensure that your data is handled securely and in accordance with this Privacy Policy.
  • Training and Awareness: All employees and third-party service providers who have access to personal data are required to undergo training on privacy and data protection principles.

No Third-Party Access for Marketing:

  • We do not sell, rent, or trade your personal data with third parties for their marketing purposes without your explicit consent.

“Third Party Access to Your Data” Section

Third Party Access to Your Data

We limit third-party access to your data to only those instances where it is necessary to provide our services. Here’s how and when third-party access might occur:

Collaboration with Service Providers:

  • Data Processors: We engage various third parties to process personal data on our behalf. These include cloud hosting services, customer support ticketing systems, and email service providers. For example, we use Envato Pty Ltd for license validation and Ticksy for managing support tickets. These parties are contractually obligated to comply with data protection laws and to ensure the confidentiality and security of your data.
  • Privacy Shield Compliance: Our third-party providers such as Ticksy and Zoho, who are based in or transfer data to countries outside the EU, comply with the EU/US Privacy Shield framework, ensuring an adequate level of data protection.

Legal Disclosures:

  • Compliance with Laws: We may disclose your personal data to third parties if required by law, such as to comply with a subpoena or other legal process. We may also disclose your data in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of service, or as otherwise required by law.
  • Notification: If we are required to disclose your data for legal reasons, we will attempt to notify you unless doing so would violate the law or a court order.

Careful Selection of Partners:

  • Vetting Process: We carefully select and vet third-party service providers who demonstrate compliance with high standards of data protection. We assess their privacy policies and security measures before engaging their services.
  • Data Sharing Agreements: Agreements with third-party service providers include clauses that uphold the protection of your privacy and restrict the use of your data to the purposes for which it is provided.

Use of Anonymized Data:

  • Where possible, we aim to anonymize the data shared with third parties to minimize any potential impact on your privacy.

“How Long We Retain Your Data” Section

Data Retention Policies

General Retention Period:

We retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. The length of time we keep your data depends on various factors, such as the nature of the data and our contractual and legal obligations. Here are specific retention periods for different types of data:

  • Registration Data: We store your registration information for as long as your account is active plus a safety margin of six months following account deactivation, to allow for account reactivation unless you request deletion of your data.
  • Purchase Data: Transactional records, including purchase information, are retained for a minimum of seven years to comply with tax, accounting, and consumer law requirements.
  • Support Data: Data related to customer support interactions is retained for two years to ensure we can address any follow-up issues effectively and maintain service quality.
  • Comments and Interaction Data: Comments left on our website and data from interactive sessions are retained for one year to foster community discussions and enhance user engagement, after which they are permanently deleted unless relevant for ongoing discussions.

Data Deletion:

  • Upon expiry of the retention periods, your data is securely deleted from our systems or anonymized so it can no longer be associated with you. You may request earlier deletion of your personal data, subject to any legal requirements that require us to retain specific information.

User-Requested Deletion:

  • You have the right to request deletion of your data at any time, except in cases where we are legally required to maintain certain types of data, such as transactions for financial reporting. If you wish to delete your account and associated data, you can do so through your account settings or by contacting our support team.

Special Circumstances:

  • In the event of legal disputes or investigations, we may retain your data beyond the standard retention periods until resolution, subject to applicable law.

“Security Measures” Section

Data Security Practices

We are committed to ensuring the security of your personal data. We implement a variety of security measures to maintain the safety of your information when you enter, submit, or access your personal data. Here are some of the key security practices we use:

  • SSL/HTTPS: We use SSL (Secure Socket Layer) technology to encrypt data transmitted between your browser and our servers. This ensures that all data passed between the web server and browsers remain private and integral.
  • Access Controls: Access to personal data is strictly limited to personnel who need access to perform their job functions. We enforce a strict role-based access policy that ensures only authorized personnel have access to your data.
  • Regular Security Audits: Our security measures are regularly reviewed and enhanced as necessary. This includes conducting regular security audits to identify and remedy potential vulnerabilities.
  • Secure Data Storage: Data is stored in secure servers with advanced firewall protection. Our servers are located in secured facilities with restricted access, ensuring physical security.
  • Data Breach Response: In the unlikely event of a data breach, we have procedures in place to mitigate the effects. Our incident response plan includes informing affected users and relevant authorities in accordance with legal requirements and within the timeframe stipulated by applicable laws.
  • Third-Party Service Providers: We ensure that our third-party service providers who have access to personal data are compliant with high security standards. Agreements with these providers include obligations to implement adequate security measures to protect the data they process.
  •  

User Responsibility:

  • Security also depends on you. We urge you to take steps to keep your personal information safe, including choosing a strong password, keeping your login and password private, and logging out of your user account after each session, especially when using public or shared computers.

 “Your Data Rights” Section

Understanding Your Data Rights

We recognize and support your rights regarding your personal data, regardless of where you reside. Here’s an overview of the rights you have over your data when using our services:

  1. Right to Access:
    • You have the right to request a copy of the personal data we hold about you. This helps you understand how and why we use your data, and check we are doing it lawfully.
  2. Right to Correction:
    • You are entitled to have your data corrected if it is inaccurate or incomplete. This ensures any errors in your data can be rectified promptly.
  3. Right to Erasure (“Right to be Forgotten”):
    • You can request the deletion or removal of personal data where there is no compelling reason for its continued processing. This is not absolute and only applies under certain conditions.
  4. Right to Restrict Processing:
    • You have rights to ‘block’ or suppress further use of your data. When processing is restricted, we can still store your data, but may not use it further.
  5. Right to Data Portability:
    • You have the rights to receive and reuse your personal data for your own purposes across different services. This allows you to move, copy, or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
  6. Right to Object:
    • You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing (which we can stop immediately if you opt out).
  7. Right to Withdraw Consent:
    • Where we rely on consent to process your personal data, you have the right to withdraw that consent at any time, though this will not affect the lawfulness of processing based on consent before its withdrawal.
  8. Rights Related to Automated Decision Making and Profiling:
    • You have the right to not be subject to a decision when it is based on automated processing and it produces a legal effect or similarly significantly affects you.

Exercising Your Rights:

To exercise any of these rights, please contact us directly at [provide contact information]. We will respond to your request within a month, but please note that this period may be extended by two further months where necessary, depending on the complexity and number of the requests.

GDPR Specific Rights:

For our users within the European Union, additional rights apply under the General Data Protection Regulation (GDPR). For more information on these rights, please visit the EU GDPR Information Portal [link to GDPR portal].

Complaints:

If you believe that your data protection rights have been breached, you have the right to complain to the relevant supervisory authority or to seek a remedy through the courts.

“Amendments” Section

Amendments to This Privacy Policy

Policy Updates and Changes:

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

Notification Methods:

  • Direct Communication: For significant changes, we may inform you by sending a direct notification via email or through a notification system on our website.
  • Public Announcements: Less significant changes may be announced through our website’s news section or via our social media pages.

Reviewing Changes:

You are encouraged to review this Privacy Policy periodically to stay informed about how we are protecting your information. The date of the last modification is displayed at the top of this Privacy Policy.

Acceptance of Changes:

Continued use of our services after any changes to this Privacy Policy will constitute your acceptance of such changes. If you do not agree with the changes to the Privacy Policy, you should discontinue using our services and deactivate your account.

Contacting Us:

If you have any questions, concerns, or suggestions about our Privacy Policy or your personal data, please contact us at info@sphinxcode.com