Last updated on 10^th November 2023; effective from 24th November 2023

Introduction

CARE ABOUT LITTLE ONES ltd (“we”, “our”, “us”) understands that your privacy and the security of your personal information is extremely important. Because of that, we take your privacy very seriously and we want to let you know exactly how we use your personal information.

This Privacy and Cookie Policy (“this Policy”) sets out how we collect, process, use and store information about you when you visit, use or interact with our website careaboutlittleones.com and its subpages (“this Website”) and where we otherwise obtain or collect information about you. This Policy applies whenever you visit or use this Website and the products and services which we offer on this Website and whenever you interact with us online, via chat, via e-mail, over the phone, on Social Media or otherwise.

Who Does This Privacy Policy Apply To?

Local laws require us to employ different Privacy Policies depending on the country of your residence! If you are a resident from the USA, please refer to the section “Privacy Policy US” of this Policy! If you are a resident from the European Economic Area (EEA), the United Kingdom or Switzerland, please refer to the section “Privacy Policy EU” of this Policy!

Lastly, if you are a resident from countries outside the USA, EEA, UK or Switzerland, we grant you the same rights as residents from the USA. Therefore, please refer to the section “Privacy Policy US” of this Policy!

Privacy Policy US

1 How Do We Get Your Consent?

Website Visitors:
You can find a link to this Policy as well as to our Cookie Policy for residents from the USA (“Do Not Sell My Personal Information”) on every page of this Website. By doing so, we want to make sure that you can easily access such information. Therefore, by visiting and using this Website, you give us your consent to collect, process, use and store your personal information in accordance with this Policy and to use cookies in accordance with our Cookie Policy (“Do Not Sell My Personal Information”).

Users of our free online courses:
When you sign up for any of our free online courses, we explicitly ask you to give us your consent to collect, process, use and store your personal information in accordance with this Policy and to use cookies in accordance with our Cookie Policy (“Do Not Sell My Personal Information”) by ticking the box next to ” I accept the Privacy Policy and the Terms & Conditions”.

Newsletter subscribers:
When you sign up for our newsletter, you will receive an e-mail from us with a confirmation link. In that e-mail we ask you to give us your consent to collect, process, use and store your personal information in accordance with this Policy and to use cookies in accordance with our Cookie Policy (“Do Not Sell My Personal Information”). By confirming your e-mail address, you give us your consent that we are allowed to collect, process, use and store your personal information in accordance with this Privacy Policy and to use cookies in accordance with our Cookie Policy (“Do Not Sell My Personal Information”).

Customers:
When you place an order on this Website, we explicitly ask you to give us your consent to collect, process, use and store your personal information in accordance with this Policy and to use cookies in accordance with our Cookie Policy (“Do Not Sell My Personal Information”) by ticking the box next to “I accept the Terms & Conditions and the Privacy Policy” on the checkout page.

2 What Kind Of Personal Information Do We Collect?

2.1 Server Log Information

When you visit this Website, it automatically logs your IP address as well as other information about your visit, including your browser version, as well as the operating system which you are using, your Internet Service Provider, your location, the date and time of your website visit and the address of the website which has referred you to this Website.

Why do we collect server log information?
We have implemented technical measures on this Website to ensure that this Website is protected from malware and hackers. Although no website is 100% save, we still do our best to ensure a level of security appropriate to the risk of processing the kind of personal information that we do. Part of these technical measures involves the processing of server log information, as we need to monitor traffic on this Website, for example, in order to be able to avert user actions with malevolent or fraudulent intentions. However, we may also use server log information to compile statistics (see section 2.4 in this Policy).

2.2 Information That You Provide Us With

(i) Contact through e-mail, chat, website forms, Social Media Pages or phone:

Information which we collect from you when you get in touch with us through e-mail, chat, website forms, Social Media Pages or phone can include:

• First and last name
• Physical address and city
• E-mail address
• Social Media accounts
• Telephone number
• Other means that allow us to identify you so that we can get in touch with you

Why do we collect such information?
If you start a conversion with us through e-mail, chat, website forms, Social Media pages or phone, we aim to answer in a timely manner. In order for us to get in touch with you, we make use of the contact details which you have provided us with.

(ii) Signing up for an account on this Website:

Information which we collect from you when you register an account on this Website can include:

• First and last name
• E-mail address
• Username or alias, password and other account-related data
• Social Media accounts (when you sign up with one of your Social Media accounts)

Why do we collect such information?
If you sign up for an account on this Website, it means that you want to get access to our (free or fee-based) products and services. We require the kind of information that we list above so that we can grant you that access (subject to our Terms of Website Use and any product- or service-related Terms and Conditions).

(iii) Order and payment information:

When you place an order on this Website, we process the following personal information:

• First and last name
• Physical address and city
• E-mail address
• Financial data including credit card information or bank account number
• Birthday
• Username or alias, password and other account-related data
• Telephone number

Why do we collect such information?
If you place an order on this Website, we need to be able to fulfill that order and to process your payment. Please note that while we have full access to and store information related to your order, we are not able to see your payment information in full (for example, we only see the last 4 digits of your credit card number). That is because we use a payment processor to process payment information (see section 6 of this Policy).

(iv) Signing up for our newsletters:

When you sign up for and receive our newsletter, we process the following information:

• Name
• E-mail address
• Information about if and how you use our newsletter

Why do we collect such information?
We need to be able to send the newsletter that you requested to your preferred e-mail address. Moreover, we want to personalize that e-mail address. That is why we ask for your name too. Furthermore, we use so-called web beacons (you can find more information on web beacons in our Cookie Policy “Do not sell my personal information”) to track if our newsletter subscribers have opened our newsletters and if they clicked on any links. We do this because we want to improve our communication with our newsletter subscribers.

(v) Signing up for our webinars:

When you sign up for one of our webinars, we process the following information:

• Name
• E-mail address
• Information on if and how you use our webinars, such as:
  – if you watched our webinars at all
  – for how long you have watched a particular webinar
  – if you watched a recording of one of our webinars

Why do we collect such information?
A name and e-mail address are required in order to give you access to our webinars. The remaining information is collected so that we can improve our communication with you.

For example: if you have signed up for a live webinar and are not attending, we normally send out a link to a recording of that webinar AFTER it took place. We do this so that you can watch it at a time that is more convenient for you.

2.3 Information Which We Need To Comply With Legal Obligations

We may process personal information where we are required to comply with legal obligations. Such information can include:

• First and last name
• Physical address and city
• E-mail address
• Financial data including credit card information or bank account number
• Birthday
• IP Address
• Geolocation
• Criminal or legal data
• Telephone number

Why do we collect such information?
We process such information whenever we are required to do so by law. For example, we are required by law to keep track of all of our order transactions for accounting purposes.

2.4 Other Information

(i) Compiling and analysing statistics:

We collect information about website visitors in order to compile and analyse statistics. Such information can include:

• Server Log Information
• Demographic information
• Geolocation
• Information about your online activity, including but not limited to your browsing history on this Website and on other websites, or your interaction with ads

Why do we collect such information?
We use aggregated data about user behavior and other data about our website users in order to understand the visitors of this Website, where they come from, what their demographics are (for example, what is the typical age range of people visiting this Website), what they are interested in, which blog posts they find most helpful, which parts of our courses need improvement, and so forth, so that the information on this Website can become even more helpful. Such data is anonymised. We are neither able to attribute such data to a person nor do we have an interest in doing so.

(ii) Promotional and non-promotional communication following your website visit:

We would like to stay in touch with you after you have visited and used this Website and our products and services. Because of that, we may collect the following information about you:

• First and last name
• E-mail address
• Geolocation
• Information about your online activity, including but not limited to your browsing history on this Website and on other websites, or your interaction with ads

Why do we collect such information?
When people visit this Website, we analyse what they do on this Website. Such data is anonymised. We are neither able to attribute such data to a person nor do we have an interest in doing so. We analyse traffic behaviour in order to stay in touch with that traffic by means of promotional and non-promotional communication after they have left this Website. Moreover, we want to make sure that such communication is not only relevant, but also useful for you. For example, if you check out information on baby constipation, it would be pointless for you when we tell you that we run a special promotion on our baby colic course.

3 How Do We Collect Personal Information?

• By asking you to provide us with your personal information, for example, when you place an order on this Website or when you sign up for our newsletter or for an account on this Website.
• By collecting information when you interact with us, for example online, on Social Media, via e-mail or through telephone.
• By placing cookies on your device when you access this Website from that device. Please read more about the way we use cookies here: Do not sell my personal information!
• By placing cookies on your device when you use certain services on our website, such as when you watch one of our webinars.

4 Cookies

This Website uses cookies and other related technologies. Please refer to our Cookie Policy (“Do not sell my personal information”). By visiting and using this Website, you agree that we use the cookies that we lay out in our Cookie Policy (“Do not sell my personal information”).

5 Where Do We Store Your Personal Information?

Although our company is based in the United Kingdom, your (personal) information which we collect ourselves may be stored on servers outside the United Kingdom. That’s because we use a third-party service called “Siteground” to host this Website. Their servers are located in several countries across the globe, including but not limited to London (UK), Iowa (Utah), Frankfurt (Germany) and Sydney (Australia).

In addition, we may also use other third parties who may store personal information when they provide services to us. Such personal information may be collected by ourselves and then processed and stored by such third parties (for example, your e-mail address, when you sign up for our newsletter or when you sign up for one of our webinars). Alternatively, such personal information may also be collected directly by third parties themselves (for example, your payment details, when you place an order on this Website).

6 Who Do We Regularly Share Your Personal Information With?

Please note, that we neither sell nor rent any of your personal information to third parties! However, we may disclose some of the information collected from you to third parties, where we are required to do so by law or where these third parties provide services to us

• which we are not able to fulfil ourselves
• which we need to improve this Website, as well as the communication with you
• or which we need to ensure that your data is stored using appropriate safety standards.

Where we share your personal data with third parties, we do so for the following purposes:

• Website hosting (country of third party: UK)
• Video hosting (country of third party: USA)
• Newsletter management (country of third party: France)
• Offering you our webinars (country of third party: The Netherlands)
• Offering you our online courses (country of third party: Canada)
• Display of web fonts (country of third party: USA)
• Processing of payment information (country of third parties: USA)
• Facilitation of data transfers between plugins (country of third party: USA)
• Compiling and analyzing website traffic information (country of third parties: USA)
• Remarketing (country of third parties: USA)
• Conversion tracking (country of third parties: USA)
• Creation of online campaigns (country of third parties: USA)
• Protection of Website and Users (country of third party: USA)
• Analysis of traffic behavior to identify a user as either a person or a bot (country of third party: USA)
• Inclusion of Social Media buttons on this Website (country of third parties: USA)

7 How Do We Respond To DO NOT TRACK signals?

This Website neither responds to nor supports the Do Not Track (DNT) header request field.

8 What Do We Do To Protect Your Personal Information?

We take appropriate technical and organizational measures to secure your personal information and to protect it against unauthorized or unlawful use. Such measures include but are not limited to:

• Using secure servers from experts whose business model is hosting websites and who therefore have the knowhow and capacities to secure their servers
• Employing a web application firewall to identify and block malicious website traffic
• Using Secure Sockets Layer (SSL) software to encrypt any payment transactions you make on or via this Website
• Using third-party services where we do not have the abilities or capacities ourselves to secure your personal information at an appropriate level of security (for example, using payment providers to process credit card information)
• Verifying the identity of users who request access to our content before we grant them access

9 Your Rights With Respect To Your Personal Information

Residents of California have special rights in regard to our use of their personal information. Since we welcome and support legislation to protect personal information of users, we grant the same rights not only to residents of California but to all residents of the United States of America. However, granting these rights to US residents outside of California does not mean that we impose any obligation on us with respect to anything related to granting these rights.

These rights are (California Consumer Protection Act of 2018):

9.1 The Right To Be Informed About Information We Hold About You

A consumer shall have the right to request that a business that collects personal information about the consumer disclose to the consumer the following (1798.100 (a) and 1798.110 (a) CCPA):

(1) The categories of personal information it has collected about that consumer.

(2) The categories of sources from which the personal information is collected.

(3) The business or commercial purpose for collecting or selling personal information.

(4) The categories of third parties with whom the business shares personal information.

(5) The specific pieces of personal information it has collected about that consumer.

9.2 The Right To Be Informed About Any Personal Information We Sell Or Disclose To Third Parties

A consumer shall have the right to request that a business that sells the consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer (1798.115 (a) CCPA):

(1) The categories of personal information that the business collected about the consumer.

(2) The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.

(3) The categories of personal information that the business disclosed about the consumer for a business purpose.

Please note: we do not sell any personal information that we hold about you! However, we may disclose personal information that we hold about you to third parties, where we are required to do so by law or where these third parties provide services to us (see section 6 of this Policy).

9.3 The right to deny a business to sell your personal information

A consumer shall have the right, at any time, to direct a business that sells personal information about the consumer to third parties not to sell the consumer’s personal information. This right may be referred to as the right to opt out (1798.120 (a) CCPA).

9.4 The Right Not To Be Discriminated Against

A business shall not discriminate against a consumer because the consumer exercised any of the consumer’s rights under this title, including, but not limited to, by (1798.125 a (1) CCPA):

(A) Denying goods or services to the consumer.

(B) Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.

(C) Providing a different level or quality of goods or services to the consumer, if the consumer exercises the consumer’s rights under this title.

(D) Suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.

9.5 The Right To Have Your Personal Information Deleted

A consumer shall have the right to request that a business delete any personal information about the consumer which the business has collected from the consumer (1798.105 (a) CCPA).

(b) A business that collects personal information about consumers shall disclose, pursuant to subparagraph (A) of paragraph (5) of subdivision (a) of Section 1798.130, the consumer’s rights to request the deletion of the consumer’s personal information.

(c) A business that receives a verifiable request from a consumer to delete the consumer’s personal information pursuant to subdivision (a) of this section shall delete the consumer’s personal information from its records and direct any service providers to delete the consumer’s personal information from their records.

(d) A business or a service provider shall not be required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for the business or service provider to maintain the consumer’s personal information in order to:

1. Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
3. Debug to identify and repair errors that impair existing intended functionality.
4. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
5. Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
7. To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
8. Comply with a legal obligation.
9. Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

If you want to exercise any of your rights, please get in touch with us (you can find our contact details below)! Please make sure that you include sufficient information so that we can identify you. This is important to make sure that we only disclose information to you which really is related to your person and no to any other person. We can only provide the requested information upon receipt of verifiable user information.

10 Have We Sold Or Disclosed Any Information To Third Parties Recently

We have not sold any personal information of consumers in the past 12 months. However, we have disclosed for a business purpose the following kind of information in the past 12 months to third parties so that they can provide services to us:

• First and last name
• Physical address and city
• E-mail address
• Financial data including credit card information or bank account number
• Birthday
• Telephone number
• Information about user’s online activity, including but not limited to their browsing history on this Website and on other websites, or their interaction with ads (such data is anonymous to us)

11 We Do Not Collect Personal Information From Children

This Website is neither intended to attract children nor to collect personal information from children under the age of 18. Children under the age of 18 shall not submit any personal data to us!

If you are aware of a person under the age of 18 who has shared their personal information with us, please get in touch with us (you can find our contact details below)!

12 Changes To This Privacy Policy

We reserve the right to make changes to this Policy periodically. We do this by updating the terms of this Policy on this Website and by stating the effective date of the revised version (see right below the header at the top of this page). Your continued use of this Website following an update constitutes your acceptance of any such update. Therefore, we recommend that you review this Policy whenever you visit this Website.

If you are a registered website user, we will keep you informed about any changes to this Policy by e-mail.

13 How To Contact Us

If you would like to exercise one of your rights as set out in this Policy, or if you have a question or a complaint about this Policy or the way we collect, process, use or store your personal information, please contact us

by e-mail: mathias@careaboutlittleones.com

or by mail to

Care About Little Ones ltd
40 Hampden House, 53 St Andrews Road
UB10 0WF
Uxbridge
United Kingdom

or via our website http://careabouttlittleones.com!

Alternatively, you may contact our Data Protection Officer, Mr. Mathias Ritter, directly by sending an e-mail to mathias@careaboutlittleones.com!

Finally, since we do not provide a toll free number at this point, we are happy to call you back at no cost for you! Please use the contact form on this website and send us your name and telephone number, as well as your city of residence so that we can call you back!

Privacy Policy EU

1 How Do We Get Your Consent?

Website visitors:
When you visit this Website, we show you a pop-up window in which we ask you to give us your consent to the way we collect, process, use and store your personal information in accordance with this Policy, by clicking the “Accept” Button in the pop-up window. When you click on the “Accept” Button, you allow us to use the cookies which we list in this Policy (see section 4 of this Policy) and to use your personal information in accordance with this Policy.

Alternatively, you can restrict the use of cookies on this Website by adjusting the cookie settings for this Website to fit your personal preferences in that same pop-up window (simply click on “read policy” and adjust the cookie settings) or by clicking on the button which we provide at the end of this Policy. You can also adjust your browser settings to block or restrict certain cookies. However, please note that some functions of this Website may not be working if you do so.

Users of our free online courses:
When you sign up for any of our free online courses, we ask you to give us your consent to collect, process, use and store your personal information in accordance with this Policy by ticking the box next to ” I accept the Privacy Policy and the Terms & Conditions”.

Newsletter subscribers:
When you sign up for our newsletter, you will receive an e-mail from us with a confirmation link. In that e-mail we ask you to give us your consent to collect, process, use and store your personal information in accordance with this Policy. By confirming your e-mail address, you give us your consent that we are allowed to collect, process, use and store your personal information in accordance with this Privacy Policy.

Customers:
When you place an order on this Website, we ask you to give us your consent to collect, process, use and store your personal information in accordance with this Policy by ticking the box next to “I accept the Terms & Conditions and the Privacy Policy” on the checkout page.

2 What Kind Of Information Do We Collect?

2.1 Server Log Information

When you visit this Website, it automatically logs your IP address as well as other information about your visit, including your browser version, as well as the operating system which you are using, your Internet Service Provider, location, the date and time of your website visit and the address of the website which has referred you to this Website.

Why do we collect server log information?
We have implemented technical measures on this Website to ensure that this Website is protected from malware and hackers. Although no website is 100% save, we still do our best to ensure a level of security appropriate to the risk of processing the kind of personal information that we do. Part of these technical measures involves the processing of server log information, as we need to monitor traffic on this Website, for example, in order to be able to avert user actions with malevolent or fraudulent intentions.

The legal bases for us to process such kind of personal information are the following:

• Processing is necessary for the compliance with legal obligation (article 6(1)(c) of the GDPR):
  We have a legal obligation to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing personal information. In order for us to maintain such a level of security, we have implemented technical measures which make use of server log data.
• Processing is necessary for the purposes of our legitimate interest (article 6(1)(f) of the GDPR):
  We have a legitimate interest in using server log information of this Website visitors to maintain the security of all personal information that we collect (for example, account information of our registered users), as well as of this Website and databases as a whole. Nothing less than our reputation is at risk should any of the personal information which we aim to protect be disclosed to the general public by users with malevolent or fraudulent intentions.

Retention period:
Server log information is stored for a period of 365 days.

2.2 Information You Provide Us With

(i) Contact through e-mail, chat, website forms, Social Media Pages or phone:

Information which we collect from you when you get in touch with us through e-mail, chat, website forms, Social Media Pages or phone can include:

• Name
• Address and City
• E-mail address
• Social Media accounts
• Telephone number

Why do we collect such information?
If you start a conversion with us through e-mail, chat, website forms, Social Media pages or phone, we aim to answer in a timely manner. In order for us to get in touch with you, we make use of the contact details which you have provided us with.

The legal basis for us to process such kind of personal information is the following:
Processing is necessary for the purposes of our legitimate interest (article 6(1)(f) of the GDPR): Whenever you communicate with us in any form (e-mail, telephone, chat, on social media etc.), it is our legitimate interest to answer your questions and requests in a timely manner. We need your personal information (for example, your e-mail address or telephone number) to do so.

Retention period:
The retention period of such kind of information is based on a set of criteria which we have defined. These criteria include:

• Do we have a legal obligation to continue processing your information?
• Do we have a legal basis to continue processing your information (like your consent)?
• What is the purpose why we have collected your information and is that purpose likely to exist in the future?
• What is the risk (in terms of our liability and costs) of continuing to process your information?

(ii) Signing up for an account on this Website:

Information which we collect from you when you register an account on this Website can include:

• Name
• E-mail address
• Username, password and other account-related data
• Social Media accounts (when you sign up with one of your Social Media accounts)

Why do we collect such information?
If you sign up for an account on this Website, it means that you want to get access to our (free or fee-based) products and services. We require the kind of information that we list above so that we can grant you that access (subject to our Terms of Website Use and any product- or service-related Terms and Conditions).

The legal bases for us to process such kind of personal information are the following:

• Processing is necessary for the performance of a contract (article 6(1)(b) of the GDPR): Whenever you have entered a legally binding agreement with us which is related to a product or service which requires the registration of an account, we need to ask you to provide us with the kind of personal information listed above so that we are able to fulfill the contract.
• Processing is necessary for the purposes of our legitimate interest (article 6(1)(f) of the GDPR):
  By granting you access to our free products and services, we give you access to copyrighted materials and information. It is our legitimate interest to make sure that you comply with the laws protecting our intellectual property rights, even when your account will be deleted at some point.
• You have given us your consent to process your personal information (article 6(1)(a) of the GDPR):
  When you sign up for an account with us, we actively ask for your consent to collect, process, use and store the information which you provide us with according to this Policy.

Retention period:
In general, we do not process your information for longer than required. In other words, as soon as you delete your account with us, your personal information will usually be deleted from our servers. However, where we have a legitimate interest to make sure that you comply with the laws protecting our intellectual property rights, we may store account-related information based on the following set of criteria:

• Do we have a legal obligation to continue processing your information?
• Do we have a legal basis to continue processing your information (like your consent)?
• What is the purpose why we have collected your information and is that purpose likely to exist in the future?
• What is the risk (in terms of our liability and costs) of continuing to process your information and of not continuing to do so?

(iii) Order and payment information:

When you place an order on this Website, we process the following personal information:

• Name
• Address and city
• E-mail address
• Financial data including credit card information
• Birthday
• Username, password and other account-related data
• Telephone number

Why do we collect such information?
If you place an order on this Website, we need to be able to fulfill that order and to process your payment. Please note that while we have full access to and store information related to your order, we are not able to see your payment information in full (for example, we only see the last 4 digits of your credit card number). That is because we use a payment processor to process payment information (see section 6.5 of this Policy).

The legal bases for us to process such kind of personal information are the following:

• Processing is necessary for the performance of a contract (article 6(1)(b) of the GDPR): Whenever you have entered a legally binding agreement with us, we need the kind of personal information listed above so that we are able to fulfill the contract.
• Processing is necessary for the compliance with legal obligation (article 6(1)(c) of the GDPR): We have a legal obligation to issue an invoice for anything that you have purchased from us where you are VAT registered. Because of that, we need to ask you to provide us with personal information at the checkout. Moreover, we are required by law to keep accounting records which include records of any online transactions.

Retention period:
We store such information for 7 years in compliance with the law.

(iv) Signing up for our newsletters:

When you sign up for and receive our newsletter, we process the following information:

• Name
• E-mail address
• User behaviour information

Why do we collect such information?
We need to be able to send the newsletter that you requested to your preferred e-mail address. Moreover, we want to personalize our newsletters. That is why we ask for your name too. Furthermore, we use so-called web beacons (see section 4.1 of this Policy) to track if our newsletter subscribers have opened our newsletters and if they clicked on any links. We do this because we want to improve our communication with our newsletter subscribers.

Legal basis:
The legal basis for us to process such kind of personal information is your consent (article 6(1)(a) of the GDPR), which we actively ask for when you sign up for our newsletter.

Retention period:
We only process your information for as long as you keep subscribed to our newsletter.

2.3 Information Which We Need To Comply With Legal Obligations

We may collect personal information where we are required to comply with legal obligations. Such information can include:

• Name, address and city
• E-mail address
• Financial data
• Birthday
• IP Address
• Location
• Criminal or legal data
• Telephone number
• Data on your consent to this Policy

Why do we collect such information?
We collect such information whenever we are required to do so by law. For example, we are required by law to keep track of your consent to this Policy.

Legal basis:
Processing is necessary for the compliance with legal obligation (article 6(1)(c) of the GDPR).

Retention period:
The retention period of such kind of information depends on a defined set of criteria, which include the following:

• Do we have a legal obligation to continue processing your information?
• Do we have a legal basis to continue processing your information (like your consent)?
• What is the purpose why we have collected your information and is that purpose likely to exist in the future?
• What is the risk (in terms of our liability and costs) of continuing to process your information and of not continuing to do so?

2.4 Other Information

(i) Compiling and analysing statistics:

We collect information about website visitors in order to compile and analyse statistics. Such information can include:

• Server Log Information
• Demographic information
• Location
• Visitor behaviour

Why do we collect such information?
We use aggregated data about user behavior and other data about our Website users in order to understand the visitors of this Website, where they come from, what their demographics are (for example, what is the typical age range of people visiting this Website), what they are interested in, which blog posts they find most helpful, which parts of our courses need improvement, and so forth, so that the information on this Website can become even more helpful. Such data is anonymised. We are neither able to attribute such data to a person nor do we have an interest in doing so.

Legal basis:
The legal basis for us to process such kind of personal information is your consent (article 6(1)(a) of the GDPR), which we ask for when you enter this Website. If you do not want to give us your consent or if you have changed your mind after you have given us your consent already, you can adjust the cookie settings for this session to meet your personal preferences by clicking on the button which we provide at the end of this Policy.

Retention period: 36 months

(ii) Promotional and non-promotional communication following your website visit:

We would like to stay in touch with you after you have visited and used this Website and our products and services. Because of that, we may collect the following information about you:

• Location
• Visitor behaviour

Why do we collect such information?
When people visit this Website, we analyse what they do on this Website. Such data is anonymised. We are neither able to attribute such data to a person nor do we have an interest in doing so. We analyse traffic behaviour in order to stay in touch with that traffic by means of promotional and non-promotional communication after they have left this Website. Moreover, we want to make sure that such communication is not only relevant, but also useful for you. For example, if you check out information on baby constipation, it would be pointless for you when we tell you that we run a special promotion on our baby colic course.

Legal basis:
The legal basis for us to process such kind of personal information is your consent (article 6(1)(a) of the GDPR), which we ask for when you enter this Website. If you do not want to give us your consent or if you have changed your mind after you have given us your consent already, you can adjust the cookie settings for this session to meet your personal preferences by clicking on the button which we provide at the end of this Policy.

Retention period: 12 months

3 How Do We Collect Personal Information?

• By asking you to provide us with your personal information, for example, when you place an order on this Website or when you sign up for our newsletter or for an account on this Website.
• By collecting information when you interact with us, for example online, on Social Media, via e-mail or through telephone.
• By placing cookies on your device when you access this Website from that device. Please read more about the way we use cookies in section 4 of this Policy!
• By placing cookies on your device when we use third-party services to provide certain (free or fee-based) services, such as when we offer you webinars.

4 Cookies

4.1 What Are Cookies?

This Website uses cookies and other related technologies, which are placed on the device which you are using to access this Website. These cookies are either placed by us or by third parties whose services we may use (these third parties are all listed in this Policy). Such technologies include:

(i) Cookies: Cookies are small data files which are stored by your browser which you are using to access a website. The information which is stored in such cookies may then be returned to our servers or to the servers of the third parties which are listed in this Policy.

(ii) Web beacons: Web beacons or pixel tags are small pieces of text or an image which store information about you. They are mostly used to monitor traffic and traffic behavior on a website.

(iii) Scripts: Scripts are essentially pieces of programming code which may be executed on our server, or on the device which you are using to access a website. They help to provide certain (interactive) functions on a website.

For the reasons of simplicity, we refer to all of these technologies as “cookies”.

4.2 Why Do We Use Cookies?

We use cookies to

• provide certain functions on this Website
• analyze how our website visitors are using this Website. For example, we want to know which ones of our blog posts are the most popular ones.
• personalize your experience on this Website. For example, once you have read a blogpost on this Website, we would like to make suggestions to you which other blog posts may be useful for you too.
• simplify your experience on this Website. For example, when you have added any of our products and services to the shopping cart, but now you are being interrupted and cannot finish your order, the shopping cart will remember your products and services so that you will find it easier to check-out the next time you visit this Website.
• follow up on your Website visit with personalized and relevant promotional and non-promotional communication on our and on third-party websites. For example, if we learn that you are looking for ways to help your baby with constipation, we may inform you about new ways to help your baby with constipation by means of an ad presented by Google.
• measure the effectiveness of our promotional and non-promotional communication with you. For example, if we run an online ad but we learn that no one clicks on it, then we learn that we need to improve our ad.

4.3 What Kind Of Cookies Do We Use?

(i) Functional cookies:
Such cookies allow this Website to remember the choices you have made (such as your username, language or the region you are in) and provide enhanced, more personal features. In other words, they enable us to personalize your experience on this Website by recognizing you when you return to this Website (although we cannot identify as the person you are). This way, you do not have to enter the same information again and again when you access this Website. We may place such cookies without asking for your consent.

(ii) Analytical cookies:
We use such cookies in order to improve this Website and your experience on this Website, because they allow us to learn how website visitors use this Website. Please note that data from analytical cookies is anonymized and aggregated, so it is not possible to identify you as an individual. We ask for your consent to use analytical cookies.

(iii) Targeting cookies:
We (and the third parties that we list in this Policy) use targeting cookies because they allow us to follow up on your Website visit with personalized communication (both, promotional and non-promotional). Such communication is based on your browsing habits (both on this Website and on other websites). They are also used to limit the number of times you see an advertisement as well as to help measure the effectiveness of the advertising campaign. Finally, they help us to understand the effectiveness of our marketing communication and give us insights into areas where we need to improve our communication with you. We ask for your consent to use targeting cookies.

(iv) Social Media buttons:
This Website includes buttons for Social Media like Facebook and Instagram which allow you to like, pin or share our content on these Social Media. These buttons provide such functions by using code directly from these Social Media. This code makes use of cookies. Such cookies can process and store information which allows us and other advertisers to show you personalized ads on their platforms based on your browsing habits.

Please read more about the kind of Social Media which we integrate on this Website in section 6 of this Policy.

The following is a detailed list of all cookies which we use on this Website:

4.4 Cookies Used By Third Parties

Cookies on this Website may be placed by us or by third parties, whose services we may use. Section 6 of this Policy lists all third parties whose services we may use on this Website.

Please note: Where we share your personal information with third parties, we ask for your consent first!

4.5 How Can You Restrict Our Use Of Cookies?

In general, you can adjust your browser settings on your device to either reject or restrict the use of cookies. However, please keep in mind that some functions on this Website may not be working if you do so. You can also adjust the cookie settings for this Website only, by clicking on the button that we provide at the end of this Policy!

5 Where Do We Store Your Personal Information?

Although our company is based in the United Kingdom, your (personal) information which we collect ourselves may be stored on servers outside the United Kingdom. That’s because we use a third-party service called “Siteground” to host this Website. Their servers are located in several countries across the globe, including but not limited to London (UK), Iowa (Utah), Frankfurt (Germany) and Sydney (Australia).

We have a legitimate interest in using SiteGround as a hosting provider, because we neither have the server capacities nor the technical knowledge to safely host this Website on own servers.

In addition, we may also use services from other third parties, who may store personal information. Such personal information may be collected by ourselves and then processed and stored by such third parties (for example, your e-mail address, when you sign up for our newsletter). Alternatively, such personal information may also be collected directly by third parties themselves (for example, your payment details, when you place an order on this Website). Any third-party service that we may use, which involves the collection, processing and/or storage of personal information is listed in section 6 of this Policy.

Where we share your personal information with third parties, we are committed to only work with third parties, who fulfill either one of the following criteria:

1. Third parties which are privacy-shield certified when they collect, process or store your (personal) information. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States. You can find more information by visiting the following website: https://www.privacyshield.gov/welcome
2. And third parties who are not privacy-shield certified but who we have a written agreement with that they comply with the regulations of the General Data Protection Regulations (GDPR) by the European Union whenever they collect, process and/or store personal information.

There is only one service which we use which is neither privacy shield certified, nor do we have a written agreement with them that they comply with the regulations of the GDPR: PayPal. There is only one reason why offer PayPal to pay for our services on this Website: our customers have requested it. If you want to pay for our services using PayPal, please read chapter 6.5 in this Privacy Policy before you pay for our products and services using PayPal!

6 Who Do We Regularly Share Information With?

Please note, that we neither sell nor rent any of your personal information to third parties!

However, we may disclose some of the information collected from you to third parties, where we are required to do so by law or in response to law enforcement entities, but only to the extent permitted by law.

Moreover, we may share your personal information with third parties, when they provide services to us

• which we are not able to fulfil ourselves
• which we need to improve this Website, as well as the communication with you
• or which we need to ensure that your data is stored using appropriate safety standards.

The following is a list of third parties whose services we are regularly using and who we may share your information with:

6.1 Google

This website makes use of several online services which are provided by

Google Inc. (“Google”)
www.google.com
1600 Amphitheatre Parkway
Mountain View, CA 94043

The Google services that we use on this Website include the following:

(i) Google Analytics
This Website uses Google Analytics, which is a web analysis tool. Google Analytics makes use of cookies to compile aggregated statistics (including statistics on demographic data like age range and gender) to analyze how our site is used and what kind of people are interested in our content.

Using Google Analytics allows us to analyze website traffic. However, please note that we are not able to attribute the collected data to you as a person!

We analyze website traffic, because we want to optimize our services and efforts to create even better content for our website visitors and to improve our offers as well as our follow-up communication with you after you have visited this Website. In particular, we

• analyze which ones of our blog posts are the most popular ones (because they attract the most people and have the highest retention rate) so that we can create more posts like these.
• analyze where our website visitors come from so that we can create more content which is tailored to our target group (for example, it would be pointless to write about services offered by the NHS – the English health care system – if most of our website visitors come from the USA).
• create online marketing campaigns based on that information (for example, if we learn that most of our website visitors are female between 25 and 40, we may create tailored marketing campaigns only for this target group).
• develop better products based on that information (for example, if we see that the most popular content on this Website is related to baby constipation, we may develop courses which specifically address that issue).

(ii) Google Analytics Remarketing
This Website uses Google Analytics Remarketing in combination with the cross-device capabilities of Google AdWords. Google will associate your internet browsing history with your Google Account. By doing so, Google can show you the same personalized messages (i.e. online ads) across different devices which you are using.

However, please note that we are not able to attribute the collected data to you as a person!

We use Google Analytics Remarketing, because we would like to follow-up on your visit on this Website with personalized communication on different devices which you are using. In particular, we would like to

• suggest to you blog posts, videos, courses and other things which we think you might find useful based on the blog posts which you have read on this Website (non-promotional communication)
• follow up with special offers and promotions based on your interests (promotional communication)

(iii) Google Adwords and Google Conversion Tracking
This Website uses Google Adwords which is an online advertising service by Google. It also uses Google Conversion Tracking which provides us with statistical data on the success rate of our ads.

When you click on an ad which is served by Google, a conversion tracking cookie is stored on the device which you are using to enter this Website. If you visit certain pages on this Website, we can tell that you clicked on our ad and viewed that page.

Google can then provide us with information on conversion statistics, including information like

• how many people have clicked on our ad(s)
• how many people have been redirected to our page(s) once they clicked on our ad(s)
• how many people who have clicked on our ad(s) signed up for our courses

Please note that we are not able to attribute the collected data to you as a person!

We are using Google Adwords, because it allows us to run ads online and by doing so, reach even more people and convert them into users of this Website. For example, if you are looking for baby massage courses, we may show you an ad for our free baby massage courses in the hopes that you become an attendee of our course and that you find it helpful.

Moreover, we are using Google Conversion Tracking, because it helps us to analyze the success rate of our online campaigns. For example, it gives us statistical insights into such things like how many people have clicked on our ad and how many of those have eventually signed up for our free baby massage course. Such an event, i.e. the fact that someone has signed up for our course, is an example of a so-called “conversion”, hence the name “Conversion Tracking”.

(iv) Google Fonts
We use the service “Google Fonts” to be able to display fonts on this Website. Google Fonts requests your IP address when you access this website.

(v) Google Recaptcha
Google Recaptcha checks if a website visitor is human or a bot. It does so by actively monitoring user actions across the entire Website and returning a score which represents the probability for the user to be either human or a bot.

(vi) What does Google do with your data?
The information about how you use this Website is transmitted to and stored on servers of Google which are located all over the world. Moreover, to support the Remarketing feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotions.

Google may also transfer this information to third parties where required to do so by law or where such third parties process data on Google’s behalf. However, Google have declared that they will never associate your IP address with other data of you held by Google.

Please note that Google operates an own Privacy Policy which you can read here: https://policies.google.com/privacy?hl=en

If you want to know more about how Google uses cookies, please visit the following website: https://www.google.com/policies/technologies/ads

(vii) Google’s compliance with GDPR
Please note that since the servers of Google are located all around the world, your personal information may be transferred outside the European Economic Area (EEA), UK or Switzerland, where it is processed and stored.

However, Google have declared that they comply with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from European Union member countries and Switzerland, respectively. Google, including Google LLC and their wholly owned US subsidiaries, have certified that they adhere to the Privacy Shield Principles. You can find more information on Google’s compliance with the Privacy Shield Framework in their Privacy Policy: https://policies.google.com/privacy?hl=en

(viii) Opting out from cookies from Google
If you still want to prevent this Website from using cookies from Google, there are several options:

(1) You can disable cookies for this Website by adjusting the cookie settings for this Website. Simply click on the button that we provide at the end of this Policy to adjust the cookie settings so that they fit your personal preferences!

(2) You can adjust the cookie settings of your browser to fit your personal preferences. By telling your browser to reject cookies, you can opt out from Google’s cookies. For example, you can

• have your browser reject cookies in general
• decide on a case-by-case basis whether or not you want to accept or reject cookies

Please note that by rejecting or restricting cookies in your browser settings, you may not be able to use all of our functions on this Website!

(3) You can prevent the data generated by cookies about your use of this Website from being passed on to and processed by Google by downloading and installing the browser plugin available here: https://tools.google.com/dlpage/gaoptout?hl=en.

(4) If you do not want Google to use cookies and device identifiers (used in Google Remarketing), simply visit https://adssettings.google.com/authenticated and adjust the settings so that they fit your personal preferences.

6.2 Facebook

This Website makes use of online services which are provided by

Facebook Inc. (“Facebook”)
1601 S. California Ave
Palo Alto, CA 94304
USA

This Website uses the Facebook Pixel, which places tracking cookies on the device which you are using to enter this Website and triggers cookies based on your behavior on this Website. With its help, we can keep track of what users do after they see or click on an ad which we may run on Facebook or Instagram.

To learn more about the kind of cookies which Facebook is using, please visit https://www.facebook.com/policies/cookies!

We use the Facebook Pixel, because we want to analyze anonymous user behavior for marketing communication purposes, because we would like to follow-up on your website visit with personalized communication on different devices which you are using. In particular, we use the data which is being collected because we would like to

• suggest to you blog posts, videos, courses and other things which we think you might find useful based on the blog posts which you have read on this Website (non-promotional communication).
• follow up with special offers and promotions based on your interests (promotional communication).
• find and communicate with people with similar characteristics and interests as our website visitors in our online marketing campaigns.

Moreover, Facebook aggregates the data which the Facebook Pixel collects in order to provide us with a statistical analysis of our website visitors and their actions on this Website. For example, it tells us

• how many website visitors which have clicked on our ads eventually sign up for our online courses.
• demographics of our website visitors, including age and gender.

We use this data to improve our online marketing campaigns, including

• measuring the effectiveness of our online marketing campaigns on Facebook.
• defining new target groups based on the demographics of our website visitors.
• creating new marketing campaigns based on the typical interests of our website visitors.

Data collected in this way is anonymous to us, which means we can neither see the personal data of individual users nor can we draw any conclusions about our users’ identities.

(i) What does Facebook do with your data?
While we cannot attribute the collected data to you as a person, that data is stored and processed by Facebook (on severs which are located all around the world) and Facebook can connect that data with your Facebook and/or Instagram account. Facebook can then use it for its own advertising purposes. Moreover, it can use that data to help other advertisers reach their target group.

For example, let’s say you have visited this Website and viewed our blog posts which are related to baby constipation. Facebook may now conclude that you are interested in helping your baby with constipation, so it may show you ads from other Facebook or Instagram advertisers who are selling remedies for baby constipation.

Please note that Facebook operates an own Privacy Policy! You can find it here: https://www.facebook.com/policy.php

(ii) Facebook’s compliance with GDPR:
Please note that since the servers of Facebook are located all around the world, your personal information may be transferred outside the European Economic Area (EEA), UK or Switzerland, where it is processed and stored.

However, Facebook Inc. (“Facebook”) has declared that it has certified to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework with the US Department of Commerce regarding the collection and processing of personal data from their advertisers, customers or business partners in the European Union and, where a Swiss data controller uses Facebook as a data processor, Switzerland in connection with the products and services described under the following link: https://www.facebook.com/about/privacyshield.

(iii) How can you opt-out from Facebook tracking?
To prevent Facebook from placing any tracking cookies on your device, please visit the following website where you can adjust the settings of your Facebook account to fit your personal preferences. Please note that you will need to log into your Facebook account first to change the settings: https://www.facebook.com/ads/preferences.

Alternatively, you can disable cookies for this Website by adjusting the cookie settings for this Website. Simply click on the button that we provide at the end of this Policy to adjust the cookie settings so that they fit your personal preferences!

6.3 VooPlayer

VooPlayer is a service provided by

Zimmplify LLC (“VooPlayesr”)
d/b/a VooPlayer

3001 N. Rocky Point Dr. East, Ste. 200
Tampa FL 33607
USA

Some of our pages on this Website, and all of our courses, contain videos. Our videos are hosted by VooPlayer. VooPlayer collects data about its users (i.e. visitors and users of this Website who are watching our videos).

We are using VooPlayer, because we neither have the capacities nor can we provide the safety requirements to host our videos on our own servers. Moreover, we want to make sure that our videos are accessible to you at any time. That is why we rely on experts who have implemented the technical measures required to maintain an appropriate level of security and uptime of their servers.

(i) What kind of data does VooPlayer collect and how do they use it?

VooPlayer collects and stores usage data as well as tracking data on their web servers which may be based outside the European Economic Area Such data includes:

• Information collected through tracking technologies.
• Browser type and version.
• User’s Internet Protocol (IP) address.
• Unique identifiers set by tracking technologies to identify video players, users, and video sessions.
• If a user is accessing the VooPlayer Technology through a mobile phone, tablet, connected TV, set-top box, kiosk, virtual reality hardware, or other device: the type of device, unique device ID, device IP address, device operating system, and diagnostic data.
• Information about how a user interacts with the VooPlayer Technology, such as the date and time of a user’s visit, the videos watched, and the time spent watching those videos.
• Other aggregated information.

VooPlayer may share information which it collects with other parties, where required to do so by law or when these parties provide services to VooPlayer.

In order to learn more about what kind of data VooPlayer collects, how it is processed and what choices you have as a user, please read VooPlayer’s Privacy Policy by visiting the following website: https://blog.vooplayer.com/privacy.

(ii) VooPlayer’s compliance with GDPR

Please note that since VooPlayer is located in the USA, your personal information may be transferred outside the European Economic Area (EEA), UK or Switzerland, where it may be processed and stored.

However, we have a Data Processing Agreement with VooPlayer to make sure that VooPlayer processes information in accordance with the requirements set out by the GDPR.

(iii) How can you opt-out from cookies of VooPlayer?

If you still want to prevent VooPlayer from using cookies, you have two options:

(1) You can disable cookies for this Website by adjusting the cookie settings for this Website. Simply click on the button that we provide at the end of this Policy to adjust the cookie settings so that they fit your personal preferences! However, please note that by disabling cookies by VooPlayer, you will not be able to watch any videos on this Website.

(2) You can adjust the cookie settings of your browser to reflect your personal preferences. By telling your browser to reject cookies, you can opt out from Google’s cookies. For example, you can

• have your browser reject cookies in general
• decide on a case-by-case basis whether or not you want to accept or reject cookies

Please note that by rejecting or restricting cookies in your browser settings, you will not be able to watch any videos on this Website!

• have your browser reject cookies in general
• decide on a case-by-case basis whether or not you want to accept or reject cookies

Please note that by rejecting or restricting cookies in your browser settings, you will not be able to watch videos on this Website!

6.4 SendinBlue

This Website uses services offered by SendinBlue:

SendinBlue SAS – Politique de confidentialité (“SendinBlue”)
55, rue d’Amsterdam
75008 Paris, France

We are using SendinBlue, because they allow us to manage and organize all non-promotional (i.e. our newsletter or information that we need to send out when people have signed up for our products and services) and promotional communication (i.e. our marketing communication) with our website users and our customers via the medium e-mail. Moreover, it allows us to analyze and improve the communication with the recipients of our e-mails.

(i) How does SendinBlue process personal information?
If you sign up for our newsletter or our free or fee-based products and services, your personal information (including your name and e-mail address) will be transferred to and stored on servers of SendinBlue. The hosting servers on which SendinBlue processes and stores data are all located within the European Union, either on own servers (which are based in France), on the servers of Google Cloud (based in Belgium) or servers of Amazon Webhosting Services (located in Ireland).

When you open our e-mails that we may send to you, a web beacon (more information on web beacons in section 4.2 of this Policy) connects to the servers of SendinBlue. This allows us to determine if you have opened our e-mails and if you have clicked on any links and/or buttons. On top of that, SendinBlue collects technical information (like for example, your IP address, your browser type, the operating system which you are using, as well as the time of retrieval).

Sendinblue may share information which it collects with other parties, where required to do so by law or when these parties provide services to Sendinblue.

Please note that Sendinblue employs an own privacy policy. It can be found here: https://www.sendinblue.com/legal/privacypolicy/

(ii) SendinBlue’s Compliance with GDPR:
Please note that since SendinBlue themselves are based in the European Union, they do not need to be certified under the EU-US Privacy Shield. Moreover, where SendinBlue relies on sub-processors to provide services for SendinBlue, they have taken steps to ensure that each one of these sub-processors are compliant under the European GDPR requirements.

(iii) How can you unsubscribe from our e-mail communication?
You can unsubscribe at any time from our promotional and non-promotional e-mail communication by clicking on the unsubscribe link which you can find in our e-mails that we send to you!

Please note: if you have signed up for any of our services, like for example online courses (both free and fee-based), you may still receive e-mails from us in related important matters, although you have successfully unsubscribed from our promotional and non-promotional communication.

For example, we may let you know when we update our servers and you therefore temporarily do not have access to our services which you have paid for. If you do not want to receive any of such e-mails either, please cancel your account with us by sending an e-mail to support@careaboutlittleones.com!

6.5 Payment Providers

When you place an order on this Website you will need to make a payment for the goods or services you are ordering. In order to process your payment, we currently use two third party payment processors: Stripe and Paypal.

STRIPE:

Stripe is a payment processor which is based in the USA:

Stripe Inc. (“Stripe”)
510 Townsend St
San Francisco
CA 94103

If you do not use PayPal when you place an order on this Website, then the payment details of your credit card will be processed by Stripe who collect, use and process your information, including payment information such as credit card numbers, in accordance with their privacy policy.

You can access their privacy policy here: https://stripe.com/privacy

Please note that for reasons of safety and security, Stripe only shares part of the information which they collect with us. For example, we can only see the last 4 digits of your credit card number, however, we can see the name and the address that you have used for billing purposes so that we are able to verify that you paid for the fee-based services that you wish to use.

(i) What does Stripe do with your information?
Stripe uses the information which you provide them with (such as your name, address and credit card details) to process the payment for the order you are placing on this Website. Moreover, Stripe may share your personal information with third parties in accordance with their Privacy Policy. Finally, they may collect additional information about you based on the information you have provided them with, for example, from financial service providers, in order to prevent fraud.

(ii) Stripe’s compliance with GDPR
If you are a resident of the European Economic Area (EEA), UK and Switzerland, please note that the entity responsible for the collection and processing of your personal data is

Stripe Payments Europe ltd
1 Grand Canal Street Lower
Grand Canal Dock
Dublin, Ireland

Your information may still be transferred to and stored outside the European Economic Area in accordance with the Privacy Policy of Stripe.

However, please note that Stripe is certified under the EU-US Privacy Shield.

PAYPAL:

PayPal is a payment processor which is based in the USA:

PayPal Inc. (“Paypal”)

2211 North First Street
San Jose, California 95131

If you click on the PayPal sign during checkout, then your payment will be processed by PayPal who collect, use and process your information, including payment information such as credit card numbers, in accordance with their privacy policy.

You can access their privacy policy here: https://www.paypal.com/us/webapps/mpp/ua/privacy-full

(i) What does PayPal do with your information?
PayPal uses the information which you provide them with (such as your name, address and credit card details) to process the payment for the order you are placing on this Website. Your information may be transferred to and stored outside the European Economic Area in accordance with the Privacy Policy of PayPal. Moreover, PayPal may share your personal information with third parties in accordance with their Privacy Policy. Finally, they may collect additional information about you, for example, from financial service providers, in order to prevent fraud.

(ii) PayPal’s compliance with GDPR
Please note that to date (please find the effective date of this Policy right below the header at the top of this page!), PayPal is not certified under the EU-US Privacy Shield. In fact, we have not been able to verify that PayPal complies with the regulations of the GDPR. Because of that, we cannot recommend any of our customers from the European Economic Area, UK and Switzerland to use PayPal to pay for any products and services which they intend to order on this Website. If you still want to do so, you accept the risk that PayPal may not be GDPR compliant when it comes to handling your personal information!

We only offer PayPal as a payment processor per multiple request of our customers!

6.6 Zapier

Zapier is a service offered by

Zapier, Inc. (“Zapier”)
548 Market St. #62411.
San Francisco, CA 94104-5401.
USA

Zapier allows us to connect multiple online services which we are using and to transfer data between these services.

Example:
When you sign up for our newsletter, your e-mail address is being stored in our main database. However, we use a third-party service, called SendinBlue (see 5.4), to create and send our newsletters. Because of that, we need to transfer your e-mail address to SendinBlue. We do this by using Zapier, which allows us to connect our database with SendinBlue.

(i) What kind of data do we transfer using Zapier and what does Zapier do with it?
Any information, including personally identifiable information, which we collect may be transferred to and saved on Zapier’s servers, which are based in the United States. Zapier may share this information with other third parties, where required to do so by law or when these third parties provide services to Zapier.

Please note that Zapier employs an own privacy policy. You can find it here: https://zapier.com/privacy/

(ii) Zapier’s compliance with GDPR
Please note that Zapier is certified under the EU-US Privacy Shield. Moreover, Zapier has taken steps to ensure that each one of their sub-processors are compliant under the European GDPR requirements.

6.7 Thinkific

Thinkific is a service offered by

Thinkific Labs Inc. (“Thinkific”)
#400 – 369 Terminal Ave
Vancouver, BC
V6A 4C4

We are using Thinkific is a third-party service because they allow us to host our online courses on their website. So, whenever you access our Care About Little Ones Learning Platform (which you can see because of the altered logo on the top left corner), and, in particularl, when you access one of our online courses, you are being redirected to the website of Thinkific even though for you, it may not even look like you are leaving our website.

(i) What kind of data does Thinkific collect and what does Thinkific do with it?
When you sign up for one of our courses (both free and fee-based), Thinkific collects the information that you type in as part of the sign-up process, such as your name and e-mail address.

When you access our courses, Thinkific collects information on how you use that course. For example, they collect information on how long you have watched certain videos and if you have completed certain lessons.

Thinkific uses that data in order to provide us with analytics on how our students use our courses. This allows us to identify topics which are relevant for our users in order to create more related content.

Please note that Thinkific employs an own privacy policy. You can find it here: https://www.thinkific.com/privacy-policy/

(ii) Thinkific’s compliance with GDPR

Please note that since Thinkific is located in Canada, your personal information may be transferred outside the European Economic Area (EEA), UK or Switzerland, where it may be processed and stored.

However, we have a Data Processing Agreement with Thinkific to make sure that Thinkific processes information in accordance with the requirements set out by the GDPR.

6.8 WebinarGeek

WebinarGeek is a service offered by

WebinarGeek (“WebinarGeek”)
Chroomstraat 12
2718 RR Zoetermeer
The Netherlands

We are using WebinarGeek as a third-party service because they allow us to host our webinars on their website. So, whenever you watch one of our webinars, you use their services to access those webinars.

(i) What kind of data does WebinarGeek collect and what does WebinarGeek do with it?
When you sign up for one of our webinars, WebinarGeek collects the information that you type in as part of the sign-up process, such as your name and e-mail address.

When you watch our webinars, WebinarGeek collects information on how you watch them. For example, they collect information on how long you have watched certain webinars, if you participated in any polls, if you left a comment in the chatbox, if you asked a question during the webinar, if you finished a webinar and if you took any action during the webinar (f.e. if you downloaded our any documents that we have offered during the webinar).

WebinarGeek uses that data in order to provide us with analytics on how our students watch our webinars. This allows us to improve our communication with our webinar visitors. For example, it would be pointless to ask you if you liked our webinar handouts if you have never had the chance to download them beacuse you left the webinar early.

Please note that WebinarGeek employs an own privacy policy. You can find it here: https://www.webinargeek.com/privacy

(ii) WebinarGeek’s compliance with GDPR

Please note that WebinarGeek is located in the Netherlands. Neverheless, part of your personal information may be transferred outside the European Economic Area (EEA), UK or Switzerland, where it may be processed and stored.

However, we have a Data Processing Agreement with WebinarGeek to make sure that WebinarGeek processes information in accordance with the requirements set out by the GDPR.

6.9 Third-Party Services Which We Use To Protect This Website

We use the services offered by

Defiant, Inc. (“Defiant”)
800 5th Ave Ste 4100,
Seattle, WA 98104

Defiant provides us with technical measures to protect this Website from malware and hackers.

(i) What cookies does Defiant currently use?

1 wfwaf-authcookie-(hash)

What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.

Who gets this cookie: This is only set for users that are able to log into WordPress.

How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

2 wf_loginalerted_(hash)

What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.

Who gets this cookie: This is only set for administrators.

How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.

3 wfCBLBypass

What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.

Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.

How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.

(ii) Defiant’s compliance with GDPR
Please note that we have a Data Processing Agreement with Defiant which certifies that Defiant processes information in accordance with the requirements set out by the GDPR.

7 Your Rights With Respect To Your Personal Information

As a resident from the European Economic Area (EEA), the UK or Switzerland, you have a number of rights under the General Data Protecting Regulations (GDPR), which you may exercise in relation to the personal information we hold about you:

These rights are:

• The right to be informed about the way we use your personal information and how long it will be retained for.
• The right to access a copy of the personal information which we hold about you.
• The right to have inaccurate personal information we hold about you corrected.
• The right to restrict the way we use your personal information.
• The right to object to the processing of your personal information.
• The right to be forgotten.
• The right of data portability.

Finally, where we rely on consent as the legal basis on which we process your personal information, you may withdraw that consent at any time.

If you wish to exercise any of these rights, please send an e-mail to privacy@careaboutlittleones.com!

Moreover, if you have a complaint about the way we handle your data, we would love to hear from you! Please send an e-mail to privacy@careaboutlittleones.com!

Finally, you also have the right to file a complaint with the relevant data protection authority in your country. The following website contains a list of relevant data protection authorities in Europe: https://edpb.europa.eu/about-edpb/board/members_en

8 What Do We Do To Protect Your Personal Information?

We take appropriate technical and organizational measures to secure your personal information and to protect it against unauthorized or unlawful use. Such measures include but are not limited to:

• Using secure servers from experts whose business model is hosting websites and who therefore have the knowhow and capacities to secure their servers.
• Employing a web application firewall to identify and block malicious website traffic.
• Using Secure Sockets Layer (SSL) software to encrypt any payment transactions you make on or via this Website.
• Using third-party services where we do not have the abilities or capacities ourselves to secure your personal information at an appropriate level of security (for example, using payment providers to process credit card information).
• Verifying the identity of users who request access to our content before we grant them access.

9 How Do We Inform About Changes In Our Privacy Policy

Whenever we make changes to our Privacy Policy which include using your personal information for a new purpose or using your personal information for a different purpose than the purposes for which we originally collected it, we will notify you about these changes via e-mail or on this Website before we start using your personal information for a new or a different purpose. Moreover, we will obtain your consent prior to using your personal information for a new or a different purpose where we are obliged to do so.

10 How To Contact Us

If you would like to exercise one of your rights as set out in this Privacy Policy, or of you have a question or a complaint about this Privacy Policy or the way we collect, process, use or store your personal information, please contact us

by e-mail to mathias@careaboutlittleones.com

or by mail to

CARE ABOUT LITTLE ONES ltd
40 Hampden House, 53 St Andrews Rd
UB10 0WF, London
United Kingdom

Alternatively, you may contact our Data Protection Officer, Mr. Mathias Ritter, directly by sending an e-mail to mathias@careaboutlittleones.com!

11 Cookie Settings For This Website

Please click on the following button to change the cookie settings for this Website, if you wish to do so!