Privacy Policy - MJPtaque

Introduction

Welcome to the Privacy Policy for MJPtaque. We respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use, and safeguard information when you visit our website www.mjptaque.com. Because our site is accessible to visitors from the European Union, we adhere to the EU General Data Protection Regulation (GDPR) and other applicable data protection laws. We use clear language so you can easily understand our practices.

Key Note: We only collect a minimal amount of personal information that is submitted (like your name and email address) that you knowingly provide via our contact form. We do not require user account registration and do not allow public commenting on our site. This means we do not collect any data associated with user accounts or blog comments.

By using our website or contacting us, you acknowledge that you have read this Privacy Policy. If you do not agree with the practices described, please do not use our site. For any questions or concerns about your personal data, feel free to contact us at mjptaque@mjptaque.com.

No User Accounts or Public Comments

We do not offer any user login or account creation on our website, and we do not have commenting features on our pages or posts. As a result, we do not collect any personal information through user accounts or comment submissions. There are no profile pages, comment forms, or account settings on our site. This limits the data we collect to only what you explicitly provide (for example, via our contact form) or what is automatically collected for basic site functionality, as described below.

Personal Data We Collect

We collect personal data from you in two ways: (1) information you voluntarily provide, and (2) information collected automatically as you use our site.

Contact Form Submissions: If you choose to get in touch with us through our contact form, we will ask for your name and email address so we can respond. You will also provide whatever information you include in the message field of the form, which may include additional personal data. Providing this information is completely voluntary, and you control what details to share. We will use these details only to communicate with you about your inquiry. Please do not include sensitive personal information in your message. In addition, when you submit a contact form, our website may log your IP address and the date/time of submission. We use this information for security (for example, to prevent spam or abuse) and to help troubleshoot any technical issues.
Automatically Collected Data (Log and Usage Data): When you visit www.mjptaque.com, certain data gets collected by our web server and through your browser automatically. This includes your device’s IP address, the type of browser and operating system you are using, the pages you visit on our site, and the date and time of each page request. We do not actively use this information to identify you. It is collected primarily for legitimate interests such as ensuring site security and performance (for instance, to detect and block malicious activity) and to learn how visitors navigate our site (so we can improve the user experience). This automatically collected data is generally stored in server logs and is not linked to any specific individual unless required for security analysis. We do not collect any precise location data, sensitive personal data, or any information about your browsing on other websites.
Cookies (Basic Information): Like most websites, we use cookies to ensure our site functions properly and to provide a better browsing experience. Cookies are small text files placed on your device that help the website remember your preferences and recognize you on return visits. For example, a cookie may remember that you closed a notification banner so it doesn’t pop up again. All cookies used are generally necessary for the operation of the site or are optional analytics cookies as described in this policy. We do not use any cookies for advertising or profiling purposes. You can control or delete cookies through your browser settings at any time. However, be aware that disabling certain essential cookies may affect the functionality of our website.

How We Use Your Information

We only use your personal information for specific, limited purposes. In plain terms, we use the data we collect from you to run and improve our website and to communicate with you when you reach out. Below is a summary of the purposes for which we process your data:

To Respond to Your Inquiries: The primary use of your name, email address, and message from our contact form is to respond to you. If you ask us a question or request information, we will use your provided contact details to reply and address your needs. We will not use this information for any unrelated purpose.
To Ensure Security and Prevent Misuse: We may use automatically collected technical data (like IP addresses and browser user-agent information) and any other relevant information to protect the security of our website, our users, and our business. This includes using such data to prevent fraudulent activity, debug and fix errors, defend against cyberattacks (e.g., blocking IPs that appear malicious), and otherwise protect the integrity of our digital systems. This is a standard practice to keep the website safe for all visitors.
To Comply with Legal Obligations: In certain cases, we may need to use or disclose your information to comply with laws, regulations, or court orders. For example, if required by tax law, we might retain invoicing information; or if required by a law enforcement request, we might have to provide data that we have (though this is rare and would be assessed carefully). We will only use or share the minimum data necessary to meet our legal requirements.

We do not use your personal data for any kind of automated decision-making or profiling that produces legal or similarly significant effects on you. For example, we don't do credit scoring, behavioral profiling, or automated hiring decisions with your data.

Sharing of Personal Data

We treat your personal data with care and confidentiality. We do not sell your personal information to anyone, and we do not share it with third parties for their own independent marketing or business purposes. However, we do share certain data with trusted third parties in order to run our website and provide our services to you. In all cases, we share only the minimum information necessary and ensure it’s protected. Here are the situations in which your data may be shared:

Service Providers and Partners: We use a few third-party services to help operate our website and communicate with you. These service providers act on our behalf (as “processors” under GDPR) and are contractually obligated to keep your information secure and use it only for the specific service they provide to us. Key examples include:
Website Hosting Provider: Our website is hosted by a third-party hosting company, which means any data you submit (such as contact form details) is stored on their servers. Our host may process server logs and store data backups. We have chosen a reputable hosting provider that aintains strong security measures.
Email Service: We use standard email services to receive the messages you send through our contact form (which typically get delivered to our business email inbox at mjptaque@mjptaque.com). Thus, your inquiry and email address will pass through email servers (for example, if we use Gmail or another email host) in order for us to receive it.
Legal Compliance: We may disclose personal information to third parties (such as attorneys, courts, or law enforcement agencies) if we determine that such disclosure is necessary to:
- Comply with the law or a legal process, such as a court order or subpoena.
- Protect the rights, property, or safety of mjptaque.com, our users, or the public. For instance, if someone attempted to hack our site or threatened us with harm, we might provide information to investigators to address that risk.
- Enforce our site’s terms of use or investigate potential violations.

Aside from the purposes and third parties described above, we will not share your information with any third party. Whenever we do share data, we strive to do so in a way that either does not directly identify you (for example, sharing aggregated or anonymized usage statistics) or, if identifying data is involved, only with parties that have agreed to proper confidentiality and data protection commitments.

Lawful Basis for Processing

Under GDPR, we must have a valid legal basis to process your personal data. We ensure that each instance of data processing has a lawful ground. Depending on the context, we rely on one or more of the following bases:

Contact Form & Communications: When you contact us via our contact form or by email, we process the personal data you provide (like your name, email, and message) in order to respond to you. The lawful basis for this is our legitimate interest in communicating with you and addressing your questions or requests. In situations where applicable law interprets your submission of the form as consent, then your consent could also be the basis (you are willingly providing your information expecting a reply, which implies consent for us to use it for that purpose). We do not require an explicit “I agree” checkbox for the contact form, as contacting us is considered a voluntary request by you, and using your data to reply is within your reasonable expectations. We will not use the contact form information for any other purpose unless you give us permission.

Website Functionality & Security: For any data that is collected automatically (like IP addresses in server logs or necessary cookies), we rely on legitimate interests as our legal basis. Our legitimate interests in this context include: ensuring the security of our website, preventing fraud and malicious activity, and making sure the site works properly for users. For example, it is in our legitimate interest (and yours as a visitor) that we are able to detect and mitigate hacking attempts or spam by analyzing logs, and that we can provide a functional website that loads quickly and remembers basic preferences. These activities typically do not override your privacy rights because they are expected aspects of using any website, are minimally intrusive, and are necessary for the service to work.

Legal Obligations: Sometimes we might need to process or retain certain personal data to comply with a legal obligation (for example, bookkeeping laws, or compliance with a court order). In those cases, the lawful basis is compliance with a legal obligation. We will clearly state when this applies (usually in rare scenarios, not in the ordinary operation of the site).

If we ever need to process your personal data for a purpose that is different from the ones listed in this policy, we will only do so if we have a lawful basis to cover it, and we will inform you about the new purpose and basis. Generally, you will find that consent and legitimate interest are the primary grounds for our data processing on this site, with consent used for anything optional or marketing-related, and legitimate interests for routine website operations.

Data Retention

We keep your personal data only for as long as necessary to fulfill the purposes we collected it for, including for satisfying any legal, accounting, or reporting requirements. Different types of data may have different retention periods, which we outline below:

Contact Form Submissions: When you send us a message via the contact form (or directly by email), we will retain that communication and your contact details for as long as needed to respond to you and handle your request. After we have resolved your inquiry or provided the requested service, we do not indefinitely keep your personal information. Typically, we may retain contact form entries for approximately [TIME PERIOD] (for example, 6 months to 1 year) in our email system or databases. This allows us to refer back to previous communications if you contact us again, and to have a record in case of any follow-up issues. After that period, we regularly review and delete old inquiries that are no longer needed. In some cases, we might need to keep a particular correspondence for a longer time – for instance, if your inquiry leads to further business dealings or if needed for legal reasons – but we will not keep communications for longer than necessary. All retained communications remain confidential and are accessible only to authorized personnel.
Server Logs: Our web server logs, which may include visitors’ IP addresses and visit timestamps, are generally retained for a short duration by our hosting provider. This could be a few weeks or months (commonly 2-4 weeks) as a rolling log for debugging and security. We do not store these logs long-term unless needed for investigation of security incidents. When logs are rotated or older entries are removed, they are securely deleted.
Legal and Backup Retention: We maintain backups of our website data which might incidentally include personal data (for example, a backup copy of our database that contains contact form entries). These backups are kept securely and are typically retained for a limited time (such as a few months) before being overwritten or deleted, unless they need to be retained longer for disaster recovery purposes. If a specific piece of data is required to be kept for legal compliance or to resolve disputes, we will retain it for the period required by law (for example, records of transactions may be kept for several years as required by financial regulations).

After the applicable retention period has elapsed, or upon your valid request to delete your data (see Your GDPR Rights below), we will ensure that your personal data is either safely deleted, anonymized (so it’s no longer associated with you), or securely archived (when required for legal reasons). We take care to prevent any unintended use of data after its retention period ends.

Data Security

We take data security seriously and have implemented measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. While no website or electronic system can ever be 100% secure, we strive to follow best practices to safeguard your data. Here are some of the security steps we take:

Encrypted Connections: Our website uses HTTPS encryption (SSL/TLS) on all pages. This means that any data transmitted between your browser and our website (for example, the information you enter into the contact form) is encrypted in transit and cannot be easily intercepted by third parties.
Secure Hosting: [BUSINESS NAME] is hosted with a reputable hosting provider that provides security features such as firewalls, intrusion detection, and regular security updates. Our servers are located in secure data centers with controlled access. We ensure that our content management system (e.g., WordPress) and any plugins or software are kept up-to-date to patch security vulnerabilities.
Access Controls: The personal data we store (such as contact form entries or mailing list information) is accessible only to authorized individuals who need to use it for the purposes described in this policy (for example, our customer support or management team). We limit access to databases and accounts through secure passwords and, where possible, two-factor authentication. Our team is educated about the importance of confidentiality and we treat user data with care.
Third-Party Security: When we use third-party service providers (like email services, hosting, Google Analytics, Mailchimp, etc.), we choose companies that are reputable and have strong security practices. We also have agreements in place (such as Data Processing Addendums) that require these providers to protect your data according to strict standards. For example, Mailchimp and Google both maintain robust security certifications and compliance measures.
Monitoring and Prevention: We monitor our website for potential vulnerabilities and attacks. For instance, we may use security plugins or services that scan for malware or unauthorized access attempts. If we detect any security issue (like a data breach or hack attempt), we act promptly to contain and investigate it. In the unlikely event of a data breach involving your personal data, we will notify you and the appropriate authorities as required by law.

Despite all these efforts, it's important to understand that no method of electronic transmission or storage is foolproof. We cannot guarantee absolute security of information. For example, email communications with us might traverse third-party networks that we don’t control. However, we continually update and improve our security measures to meet or exceed industry standards.

Your Responsibility: To help keep your data secure, we encourage you to also take precautions. When you communicate with us, ensure you’re using a secure network. If we ever give you access to any resource (though we currently don’t have user accounts), keep your access credentials private. If you suspect any unauthorized access to your personal data related to mjptaque.com, please notify us immediately at mjptaque@mjptaque.com so we can investigate.

International Data Transfers

mjptaque.com is headquartered in Switzerland, and our website is operated from Switzerland. However, the nature of the internet and the services we use may involve transferring your personal data across international borders, including outside the European Economic Area (EEA). We want to be transparent about how and where your data may be transferred and the safeguards we use in such cases:

Visitors from the EU/EEA: If you are accessing our site from within the EU/EEA, please be aware that the personal information you provide (or that we collect, such as via cookies) will likely be transferred to and processed in countries outside of the EEA. In particular, Switzerland (our base of operations) may not be your home country, and we also use service providers in the United States and possibly other countries. For example, data collected by Google Analytics or handled by Mailchimp will be transferred to the United States for processing by those companies. The U.S. is considered a jurisdiction that does not have the same level of data protection laws as the EU, but we take steps to ensure any transfers have adequate safeguards.

Adequacy and Safeguards: Whenever we transfer personal data from the EU/EEA to a country that the European Commission has not deemed to have “adequate” data protection (such as the U.S.), we ensure one or more of the following safeguards are in place:

Standard Contractual Clauses (SCCs): We have agreements in place with our service providers (like Mailchimp and potentially Google) that incorporate the European Commission’s Standard Contractual Clauses. SCCs are legal contracts that oblige the recipient of the data to protect it to EU standards, even outside the EU.

EU-U.S. Data Privacy Framework: Some of our U.S. service providers might be certified under the new EU-U.S. Data Privacy Framework (or were previously under Privacy Shield). This framework (as of 2023/2024) is an arrangement recognized by the EU that allows compliant companies to receive EU personal data under certain protections. For instance, Google has committed to comply with the EU-U.S. framework for relevant services.

Your Consent: In some cases, we may rely on your explicit consent for a transfer. For example, if you subscribe to a newsletter knowing we use a U.S.-based email service, you are consenting to that transfer. We will always inform you and obtain consent where required.

Necessary for Contract: If you, as an EU user, are requesting a service from us that inherently requires your data to be sent to Switzerland (where we operate) or another country (like to send you an email via an email server abroad), that action might be considered necessary for the performance of the contract between you and us, or to implement pre-contractual measures at your request, which is another permissible basis for transfer.

Information for Non-EU Users: If you are visiting from a country outside the EU/EEA, your data will likely be transferred to and stored in Switzerland (and possibly in the U.S. due to our use of certain providers). Many countries have their own data protection laws. We will apply the same level of care and security to your information as described in this policy, regardless of where you are located.

We understand that international transfers can sound concerning due to differing laws. Rest assured, we evaluate the data protection standards of each country and each service provider we use. Our goal is to ensure that your personal data remains protected to the high standard of GDPR no matter where it is processed. If you want more information about our international data transfer practices or the specific safeguards in place, please contact us at mjptaque@mjptaque.com.

Third-Party Links

Our website may contain links to external websites or services that are not operated by mjptaque.com. For example, we might link to our social media profiles (such as Facebook, Twitter, LinkedIn) or to resources/articles on other sites that we think could be helpful. Please be aware that this Privacy Policy applies solely to our website www.mjptaque.com and the services we control. Once you click a third-party link and leave our site, we have no control over how that third party collects or uses your data.

We encourage you to read the privacy policies of any other websites you visit through links on our site. We are not responsible for the content, security, or privacy practices of external sites. If you have any concerns about another site linked on our page, please review that site’s terms and policies or contact its owners.

That being said, we aim to only provide links to reputable and safe websites. If you find any link on our site that you believe is problematic or leads to inappropriate content, feel free to notify us so we can review it.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, ensure ongoing compliance with relevant laws, or for other operational, legal, or regulatory reasons. When we make changes, we will post the updated policy on this page and update the “Last updated” date at the top. If the changes are significant, we may also provide a more prominent notice (such as a banner on our website or an email notification, if appropriate).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website after any changes to this policy constitutes acceptance of those changes. If you do not agree with the changes, you should discontinue use of the site and can always contact us with any concerns.

Historical versions of this policy can be requested from us if you’re interested in seeing how it has changed over time.

Contact Us

mjptaque.com is the “data controller” responsible for the processing of your personal data as described in this policy (in other words, we are the main organization that decides how and why your data is used on www.mjptaque.com).

If you have any questions, comments, or requests regarding this Privacy Policy or your personal data, please reach out to us. We are here to help and address any concerns you might have.

Email: You can contact us by email at mjptaque@mjptaque.com. This is the fastest way to get a response. We check this email regularly and will do our best to reply promptly.

Contact Form: If our website offers a contact form, you may send us a message through that form (which essentially sends us an email). We treat those submissions the same as direct emails.

We value your privacy and will gladly answer any questions or concerns you have about how we handle your data. If you need to exercise any of your rights (as outlined in the Your GDPR Rights section above), please contact us at mjptaque@mjptaque.com with your request.

Thank you for reading our Privacy Policy. We appreciate the trust you place in us when you provide your information, and we are committed to honoring that trust by treating your data with care and respect.