Rev. April 4, 2020
General Data Protection Regulation (GDPR)
We are a Data Controller of your information.
- CORR Concepts needs to perform a contract with you
- You have given CORR Concepts permission to do so
- Processing your personal information is in CORR Concepts legitimate interests
- CORR Concepts needs to comply with the law
Types of Personal Information that may be collected, either by you providing it directly to CORR Concepts or through third-party platforms like social media accounts, include but are not limited to:
- First and last names
- Email address
- Phone number
- Location (city, state and/or country)
- Email or messages sent directly to CORR Concepts
This Personal Information may be used so that CORR Concepts may continue correspondence with its followers and provide better online content, products and services through, but not limited to, the following: email group lists, newsletter lists, or future product or service offering lists.
Outside the European Economic Area (EEA)
If you are outside of the EEA and enter your information to receive a freebie, make a purchase, respond to survey, register for a free training, or participate in a webinar, then we will automatically enroll you to receive our newsletter and updates.
If you do not wish to receive any communications from us, you can opt out by clicking on the unsubscribe link located at the bottom of the emails.
Within the European Economic Area (EEA)
If you are in the EEA and opt to receive a freebie or participate in a free training, register for a webinar or live event, or purchase a product, your email address will not be added to the email list to receive our newsletter and updates unless you affirmatively consent to it.
If you change your mind at any point and do not want to receive electronic communication, simply unsubscribe. If you have trouble unsubscribing by clicking the link at the bottom of the email, simply email us at [email protected] and request to be unsubscribed from future emails.
As someone who resides in the EEA, you are entitled to exercise certain rights that you are given under the General Data Protection Regulation (GDPR).
Any information or data that you chose to provide us will be kept with CORR Concepts until one of these happens: (1) you ask CORR Concepts to DELETE the information and/or data; (2) CORR Concepts decides to STOP USING the existing data processors, or (3) CORR Concepts decides that the cost of retaining the data outweighs the value in retaining it.
As a consumer and/or visitor on our Site who is located in the EEA, you have the right to request access to your data that CORR Concepts collected on you and stores it.
You are within your rights to demand to know exactly what data and information CORR Concepts has collected on you. Keep in mind that some parts of this data was provided by you personally, while others were gathered through cookies and pixels.
You have the right to withdraw consent on a data that you previously gave us consent to collect and process. The right to withdraw consent applies to any future processing of that data. However, any data that has been collected and processed previously based on valid consent is lawful and not subject to liability based on any legal grounds.
You also have the right to request erasure of your data and all your information from CORR Concepts’ data storage. Once you request that your data be erased from CORR Concepts’ databases, we have thirty (30) days to comply with your request. If it’s impossible to comply within 30 days, then CORR Concepts will respond to the Visitor’s request and let them know about the issue and also give them a reasonable time as to when their request for deletion will be honored.
Aside from rights such as request to access, request to delete and rectify, an EEA user also has the right to place restrictions on the data processing itself. This means a user can limit certain things that CORR Concepts can and cannot do with their data. You can choose to limit transfer of your data to third-party businesses (unless it’s essential for CORR Concepts’ basic functions).
You further have the right to file a complaint with a supervisory authority who oversees and handles issues related to the GDPR.
Lastly, it is CORR Concepts’ duty to inform you that we only require information that is reasonably necessary to enter into a contract with you. We do not collect any unnecessary data, and any information we acquire is used for legitimate business purposes such as growing and scaling our business or being able to provide satisfactory customer service to you and other users.
Please know that CORR Concepts does not, and will not, sell user Personal Information at any time.
Brazilian Data Protection Law (LGPD)
The Brazilian Data Protection Law (LGPD), which is derived from its Portuguese name. The LGPD is Brazil’s law on online privacy requirements and certain rights and privileges given to data subjects.
Under the LGPD, “processing” is defined as collection, production, reproduction, transmission, receipt, use, classification, filing, storage, control or evaluation of data, deletion, dissemination, extraction, modification, and communication. The LGPD applies to “personal data” that is defined as any information related to an identified or identifiable natural person. Moreover, sensitive data such as political opinion, racial or ethnic origin, religion, health, sex and more as they relate to a natural person.
Under the LGDP, the data subjects are given the following rights relating to their personal data:
- Awareness and confirmation of the existence of data processing;
- Anonymization or pseudonymization or removal of pieces of data that have been collected or processed without compliance with the LGPD;
- Access to personal data;
- Correction of inaccurate data;
- Right to request deletion;
- Right to revocation of consent;
- Right to request disclosure of any third parties with whom personal data is shared;
- Access to the customer policy information and consent revocation terms and conditions.
The data subject has the right to exercise these rights with our business, CORR Concepts anytime free of charge.
As a business, we can only process personal data if there are any legal basis for processing that data. The LGPD provides approximately ten (10) legal basis for processing data. The ten grounds are:
- The data subject gives express consent to process the data.
- Data processing is necessary to comply with a legal obligation.
- Processing is essential to protect the life or physical safety of the data subject or another third party.
- Necessary to execute a contract or contract related procedures that the data subject is a party of at the request of the data subject.
- Necessary to process to fulfill the legitimate interests of the controller or of the third-party, except when data subject’s fundamental rights prevail.
- Necessary to process in order to protect credit (refers to a credit score).
- You need to process to protect the health in relation to activities of health professionals or health entities.
- Necessary to process to carry out studies by research entities that ensure, when possible, the anonymization of personal data.
- Necessary to process to exercise rights in judicial, arbitration and administrative procedures.
- Necessary to process to execute public policies provided in laws or regulations, or those that are based on contracts, policies, agreements or similar binding instruments.
CORR Concepts mostly uses legal basis #1 and #5 above, which are that the data subject gives express consent to process the data, and that processing is necessary to fulfill the legitimate interests of the controller or of the third-party, except when data subject’s fundamental rights prevail to process personal and sensitive data collected from you.
Please know that CORR Concepts does not, and will not, sell user Personal Information at any time.
CORR Concepts follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Cookies and Web Beacons
Like any other website, CORR Concepts uses ‘cookies’. These cookies are used to store information including visitors’ preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users’ experience by customizing our web page content based on visitors’ browser type and/or other information.
Google DoubleClick DART Cookie
Affiliate and Advertising Partners
- Google: https://policies.google.com/technologies/partner-sites
- CJ Affiliates: https://junction.cj.com/article/cj-affiliates-approach-general-data-protection-regulation-gdpr
- Amazon.com Associates: https://www.websitepolicies.com/blog/amazon-affiliate-disclaimer-privacy-requirements
- Fiverr Affiliates: https://www.fiverr.com/privacy-policy
- HotelsCombined.com: https://www.hotelscombined.com/AboutUs/Privacy
- VigLink (Sovrn): https://www.sovrn.com/privacy-policy/
- Skimlinks: https://skimlinks.com/privacy-policies/
- Awin: https://www.awin.com/gb/legal/privacy-policy-gb
- ShareASale: https://www.awin.com/us/privacy
- Rakuten Affiliate Network https://rakutenadvertising.com/legal-notices/website-privacy-policy/
- SiteGround: https://www.siteground.com/privacy.htm
- Tailwind: https://www.tailwindapp.com/about/privacy
Should any other ads through other third-parties or affiliate programs, be placed on this CORR Travel blog site, please be advised:
- Clicks on all ads, including Google ads, must result from genuine user interest. Any method that artificially generates clicks or impressions on any posted ads, including Google ads, is strictly prohibited. These prohibited methods include, but are not limited to, repeated manual clicks or impressions, automated click and impression generating tools and the use of robots or deceptive software.
- By clicking on any ads on this site you acknowledge you do so of your own accord and are not asked to do so, for any reason, by CORR Travel.
- You acknowledge that you do not receive any compensation from CORR Travel in any way shape or form by clicking on any ads placed on this CORR Travel site.
- Third parties may be placing and reading cookies on your users’ browsers, or using web beacons to collect information as a result of ad serving on your website.
- This CORR Travel site does not pass any information to Google or other third-party ad or affiliate ad program that Google or said other ad programs could use or recognize as personally identifiable information; or that permanently identifies a particular device (such as a mobile phone’s unique device identifier if such an identifier cannot be reset).
- Any data collection, sharing and usage that takes place on this CORR Travel site has already been noted. For more information on Google, please see How Google uses data when you use our partners’ sites or apps.
- Google’s use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.
Note that CORR Concepts has no access to or control over these cookies that are used by third-party advertisers.
Third Party Privacy Policies
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites. What Are Cookies?
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
CORR Concepts does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
California users’ Privacy Rights*
*Effective January 1, 2020, the CCPA was created as consumer rights for California residents.
Any user or visitor of CORR Concepts who is a California resident, or resides temporarily in California, has additional rights afforded to them under the California Consumer Privacy Act (CCPA).
For more details about the Personal Information collected or how it is used by CORR Concepts, please refer to the “General Data Protection Regulation (GDPR)”section as this also applies to users in California. Again, please know that CORR Concepts does “sell” (as defined in the CCPA) the Personal Information of its users.
The CCPA gives California consumers various rights with respect to the personal information we collect, including the right to (subject to certain limitations):
- Request to access the Personal Information CORR Concepts has about you; and
- Request that your Personal Information be deleted in its entirety by CORR Concepts.
California users may make such requests by contacting CORR Concepts at [email protected]