PRIVACY AND COOKIE POLICY

Last updated: 6 February 2021

 

This Policy explains in detail how we collect, use and disclose your personal data. Please read this document carefully before submitting any personal data to us. 

 

1. GENERAL INFORMATION

1.1 About the Policy. This Privacy and Cookie Policy (the “Policy”) governs the processing of personal data collected from natural persons (“you” and “your”) through the website https://www.shaunrabah.com (the “Website”) owned and operated by Shaun Rabah based in the United Sates (“we”, “us”, or “our”). We act in the capacity of a data controller with regard to the personal data collected through the Website. The Policy does not cover any third-party websites, applications, software, products or services. 

1.2 Minors. The Website is not intended for use by children (i.e., persons who are minors in their country of residence). Therefore, we do not knowingly collect minors’ personal data. If you, as a parent or a legal guardian of a child, become aware that the child has submitted his/her personal data to us, please contact us immediately. We will delete your child’s personal data from our systems without undue delay.  

1.3 Term and termination. This Policy enters into force on the effective date indicated at the top of the Policy and remains valid until terminated or updated by us.

1.4 Amendments. The Policy may be changed from time to time to address the changes in laws, regulations, and industry standards. We encourage you to review our Policy to stay informed. For significant material changes in the Policy or, where required by the applicable law, we may seek your consent.

 

2. WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT PURPOSES DO WE USE IT? 

2.1 We respect data minimisation principles. Thus, we collect only a minimal amount of personal data through The Website that is necessary to ensure the proper provision of the Website as described below. We use your personal data for limited, specified and legitimate purposes explicitly mentioned in this Policy. We do not use your personal data for any purposes that are different from the purposes for which it was provided. 

• • Inquiries. When you contact us by email at info@shaunrabah.com or using the contact form available on the Website, we collect your name, email address, and any information that you decide to include in your message. We use such data to respond to your inquiries. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (i.e., to grow and promote our business) and ‘your consent’ (for optional personal data). 

  • IP address. When you visit and browse the Website, we or our third-party analytics service provider (as explained in section 3 below) collect your IP address. We use your IP address to analyse the technical aspects of your use of the Website, prevent fraud and abuse of the Website, ensure the security of the Website, and tailor the Website for your location. The legal basis on which we rely when processing your IP address is ‘pursuing our legitimate business interests’ (i.e., to analyse and protect the Website).

  • Cookies. When you browse the Website, we collect your cookie-related data. For more information about the purposes for which we use cookies, please refer to section  9 “Cookies”. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (i.e., to analyse and promote our business) and ‘your consent’.   

2.2 The videos and other files that you submit. When you participate in our project by submitting a video featuring yourself, that video file may contain your image. Please note that we ask you to film your mouth only - we not intend to have a video featuring your face that would make it possible to identify you. In addition to the video that you submit we ask you to provide us information about your faith/religion, nationality, age, gender, and any other information that you decide, at your sole discretion, to submit. We use such data for creating and maintaining the project only. We will not disclose or share that data to any third parties. 

2.3 Sensitive data. We do not collect or have access to any special categories of personal data (“sensitive data”) from you, unless (i) you specify your religion when submitting a video as explained in section 2.2 or (ii) you decide, at your own discretion, to provide such data to us. Sensitive data is information that relates to your health, genetics, biometrics, religious and political beliefs, racial origins, membership of a professional or trade association, sex life, or sexual orientation. 

2.4 Refusal to provide personal data. If you refuse to provide us with your personal data when we ask to, we may not be able to perform the requested operation and you may not be able to use the full functionality of the Website or get our response. Please contact us immediately if you think that any personal data that we collect is excessive or not necessary for the intended purpose.  

2.5 Sources of personal data. We obtain your personal data from the following categories of sources:

• Directly from you. For example, if you send your enquiry to us.

• Directly or indirectly through your activity on the Website. When you use the Website, we automatically collect technical information about your use of the Website.

• From third parties. We may receive information about your from third parties to whom you have previously provided your personal data (e.g., social media service providers),  if those third parties have a lawful basis for disclosing your personal data to us.

 

3. WHAT TECHNICAL (NON-PERSONAL) DATA DO WE COLLECT?

3.1 Log files and analytics data. In order to analyse your use of the Website, our analytics service provider Google Analytics automatically collects certain technical non-personal data about your use of the Website. Such data does not allow us us to identify you as an individual person in any manner. The non-personal data includes the following information: 

• Your activity on the Website (e.g., what functionalities you use, how much time you spend on the Website, how long it takes for the Website to load and process your requests, and what errors occur);

• Your device type;

• The operating system of your device;

• Your browser type;

• URL addresses that you visit; and

• Your other online behaviour.

3.2 Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and any subsequent responses. Where reasonably possible, we remove all personal data that is not necessary for keeping such records. 

3.3 Purposes of technical (non-personal) data. We use your technical (non-personal) data for the following purposes:

• To analyse what kind of users visit the Website;

• To examine the relevance, popularity, and engagement rate of the Website; 

• To investigate and help prevent bugs, security issues and abuse; 

• To develop and provide additional features to the Website; and

• To personalise the Website for your specific technical needs (e.g., to adjust the design and resolution for your device). 

3.4 Aggregated and de-identified data. If we combine your non-personal data with certain elements of your personal data and such a combination allows us to identify you as a natural person, we will handle such aggregated data as personal data. If your personal data is de-identified in a way that it can no longer be associated with a natural person, it will not be considered personal data and we may use it for any business purpose.

 

4. HOW DO WE COMMUNICATE WITH YOU?

4.1 Newsletters. If we have your email address, we may, from time to time, send you a newsletter informing you about the latest developments related to the Website and our special offers. You will receive our newsletters in the following instances:

• If we receive your express (“opt-in”) consent to receive marketing messages;

• If you voluntarily subscribe for our newsletter; or

• If we decide to send you information closely related to services already used by you.

4.2 Opting-out. You can opt-out from receiving our commercial communication at any time free of charge by clicking on the “unsubscribe” link included in our newsletters, adjusting the settings of your user account, or by contacting us directly.

4.3 Tracking pixels. The newsletters sent by us may contain tracking pixels that allow us to conduct analysis of our marketing campaigns. Tracking pixels allow us to see whether you opened the newsletter and what links you have clicked on. We use such information to conduct analytics and pursue our legitimate business interests. 

 

5. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

5.1 Retention of personal data. Your personal dat is stored in our systems only for as long as such personal data is required for the purposes described in this Policy or until you request us to delete your personal data, whichever comes first. After your personal data is no longer necessary for its primary purposes and we do not have another legal basis for storing it, we securely delete your personal data from our systems.

5.2 Retention of technical (non-personal) data. We retain non-personal data pertaining to you for as long as necessary for the purposes described in this Policy. For example, we can store it for the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

5.3 Retention as required by law. In certain cases, we are required by law to store your personal data for certain period of time (e.g., for business records or accountancy purposes). Thus, we keep your personal data for the time period stipulated by the applicable law and securely delete it as soon as the required storage period expires.

 

6. HOW DO WE SHARE AND DISCLOSE YOUR DATA?

6.1 Disclosure to data processors. From time to time, your personal data is disclosed to our service providers with whom we cooperate (our data processors). For example, we share your personal and non-personal data with entities that provide certain technical support services to us, such as hosting and email distribution services. We do not sell your personal data to third parties. The disclosure is limited to the situations when your personal data is required for the following purposes:

• Ensuring the proper operation of the Website;

• Providing you with the requested information;

• Pursuing our legitimate business interests;

• Enforcing our rights, preventing fraud, and security purposes; or

• If you provide your prior consent to such a disclosure. 

6.2 List of our data processors. We use a limited number of data processors. We choose them only if they agree to ensure an adequate level of protection of your personal data that is consistent with this Policy and the applicable data protection laws. The data processors that have access to your personal data are: 

• Our hosting service provider Wix located in Israel;

• Our analytics service provider Google Analytics located in the United States; and

• Our independent contractors and consultants.

6.3 Disclosure of technical (non-personal) data. Your technical (non-personal) data may be disclosed to third parties for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving the Website, responding to lawful requests from public authorities or developing new products and services. 

6.4 Legal requests. If we are contacted by a public authority, we may need to disclose information about you to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.

6.5 Successors. In case the Website is sold partly or fully, we will provide your personal data to a purchaser or successor entity and request the successor to handle your personal data in line with this Policy. We will notify you of any changes of the data controller. 

6.6 Selling personal data. We do not directly sell your personal data to third parties. However, some of your personal data, including online identifiers (e.g., cookie-generated data and IP addresses) may be used for advertising, marketing, and monetisation purposes (e.g., programmatic advertising, retargeting, third-party marketing, profiling, or cross-device tracking). To make sure that you have full transparency and control over your personal data, we provide you with a possibility to manage your personal data used for such purposes as described in section 9 “Cookies”.

6.7 International transfers. Some of our data processors listed above are located outside the country in which you reside. For example, if you reside in the European Economic Area (EEA), we may need to transfer your personal data to jurisdictions outside the EEA. In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located guarantees an adequate level of protection for your personal data or we conclude a data processing agreement with the respective third party that ensures such protection. We will not transfer your personal data internationally if no appropriate level of protection can be granted.

 

7. HOW DO WE PROTECT YOUR PERSONAL DATA?

7.1 Our security measures. We implement organisational and technical information security measures to protect your personal data from loss, misuse, unauthorised access, and disclosure. The security measures taken by us include SSL protocol, strong passwords, anonymisation of personal data (when possible), and carefully selected data processors.

7.2 Security breaches. Although we put our best efforts to protect your personal data, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data that was caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law. 

 

8. WHAT RIGHTS DO YOU HAVE WITH REGARD TO YOUR PERSONAL DATA?

8.1 The list of your rights. You can exercise your rights listed below, unless, in very limited cases, the applicable law provides otherwise:

• • Right of access: you can get a copy of your personal data that we store in our systems and a list of purposes for which your personal data is processed;

  • Right to rectification: you can rectify inaccurate personal data that we hold about you;

  • Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data from our systems;

  • Right to restriction: you can ask us to restrict the processing of your personal data;

  • Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format and move that personal data to another processor;

  • Right to object: you can ask us to stop processing your personal data;

  • Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or

  • Right to complaint: you can submit your complaint regarding our processing of your personal data.

8.2 How to exercise your rights? If you would like to exercise any of your rights, please contact us by email at info@shaunrabah.com and explain your request in detail. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information that allows us to identify you in our system. We will answer your request within a reasonable time frame but no later than 30 days.

8.3 Complaints. If you would like to launch a complaint about the way in which we process your personal data, we kindly ask you to contact us first and express your concerns. If we receive your complaint, we will investigate it and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.

8.4 Non-discrimination. We do not discriminate you if you decide to exercise your rights. It means that we will not (i) deny any goods and services, (ii) charge you different prices, (iii) deny any discounts or benefits, (iv) impose penalties, or (v) provide you with a lower quality services.

 

9. COOKIES

9.1 About cookies. A cookie is a small piece of data typically consisting of letters and numbers. When you visit a website, the website may send a cookie to your browser. Subsequently, the browser may store the cookie on your computer or mobile device for certain period of time. Cookies are designed to allow the recognition of your device and collection of certain information about your use of a website. Thus, over time, cookies allow websites to “remember” your actions and preferences. There are several types of cookies, namely, (i) persistent cookies, which remain valid until deleted by you, (ii) cookies that remain valid until their expiration date, and (iii) session cookies that are stored on a web browser and remain valid until the moment the browser is closed. Cookies may also be (i) first-party cookies (set by the website itself) and (ii) third-party cookies (placed by third-party websites).

9.2 The cookie that we use. We may use different types of cookies on the Website, including: 

• Essential technical (strictly necessary) cookies that are essential to ensure the correct functioning of the Website and to provide the services requested by you; 

• Analytics cookies that allow us to create, implement, and examine our marketing campaigns. Such cookies allow us to reach the right customers, and analyse the productivity of our marketing campaigns; and

• Statistics cookies that allow us to generate statistical reports about how you use the Website.

Below, you can find a list of cookies that we use on the Website, including their purpose and expiration time:

Essential technical cookies

Name

Type

Provider

Expiration

Purpose

XSRF-TOKEN 

First-party HTTP cookie

https://www.shaunrabah.com

1 day

The cookie ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the Website and visitor.

hs

First-party HTTP cookie

https://www.shaunrabah.com

End of session

The cookie is used to prevent cross-site request forgery and ensure the security of the Website. 

ssr-caching

First-party HTTP cookie

https://www.shaunrabah.com

1 day

This cookie is necessary for the cache function to optimize the response time between you and the Website.

bSession

First-party HTTP cookie

https://www.shaunrabah.com

1 day

This cookie is used to register which server-cluster is serving you. This is used in context with load balancing, in order to optimize your experience. 

Preference cookies

Name

Type

Provider

Expiration

Purpose

yt-player-bandaid-host 

yt-player-bandwidth 

Third-party HTML cookie

YouTube.com 

Persistent

The cookie is used to determine the optimal video quality based on your device and video settings.

 

 

 

 

 

Analytics cookies

Name

Type

Provider

Expiration

Purpose

svSession

First-party HTML cookie

https://www.shaunrabah.com

2 years

The cookie is used to track you across all wix.com sites in order to make advertisements more relevant for you.

Statistics cookies

Name

Type

Provider

Expiration

Purpose

_ga

First-party HTTP cookie

https://www.shaunrabah.com

2 years

The cookie is used to register your unique ID to generate statistical data on how you use the Website.

_gat

First-party HTTP cookie

https://www.shaunrabah.com

1 day

The cookie is used by Google Analytics to throttle your request rate.

_gid

First-party HTTP cookie

https://www.shaunrabah.com

1 day

The cookie is used to register your unique ID to generate statistical data on how you use the Website.

fedops.logger.sessionId 

First-party HTML cookie

https://www.shaunrabah.com

Persistent

The cookie is used to register statistical data on your behaviour on the website. It is used for internal analytics by the website.

yt-player-headers-readable 

Third-party HTML cookie

YouTube.com 

Persistent

The cookie is used to determine the optimal video quality based on your device and video settings.

Marketing cookies

Name

Type

Provider

Expiration

Purpose

ads/ga-audiences 

 

Third-party Pixel cookie

google.com

End of session

The cookie is used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor 's online behaviour across websites. 

IDE

Third-party HTTP cookie

doubleclick.net 

1 year

The cookie is used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. 

test_cookie 

 

Third-party HTTP cookie

doubleclick.net 

1 day

The cookie is used to check if your browser supports cookies.

VISITOR_INFO1_LIVE 

Third-party HTTP cookie

YouTube.com 

179 days

The cookie tries to estimate your bandwidth on pages with integrated YouTube videos. 

YSC 

Third-party HTTP cookie

YouTube.com 

End of session

The cookie is used to register a unique ID to keep statistics of what videos from YouTube you have seen. 

yt.innertube::nextId 

yt.innertube::requests 

Third-party HTML cookie

YouTube.com 

Persistent

The cookies are used to register a unique ID to keep statistics of what videos from YouTube you have seen. 

yt-remote-cast-installed 

yt-remote-fast-check-period 

yt-remote-session-app 

yt-remote-session-name 

Third-party HTML cookie

YouTube.com 

End of session

The cookies are used to store your video player preferences using embedded YouTube video.

yt-remote-connected-devices 

yt-remote-device-id 

Third-party HTML cookie

YouTube.com 

Persistent

The cookies are used to store your video player preferences using embedded YouTube video.

9.3 Cookie consent. When you visit the Website for the first time, we will ask you to provide us with your consent to our use of all cookies via a cookie consent banner. If you do not provide your consent, we will not serve you our non-essential cookies. Please note that we may not be able to provide you with the best possible user experience if not all cookies are enabled.

9.4 Disabling cookies. When we ask you to provide your consent to our use of non-essential cookies, you have the freedom not to provide such consent. If you would like to refuse our use of non-essential cookies later, you can do it at any time by declining cookies in your browser or device. For more information, you can consult the cookie management instructions of your browser:

• Apple Safari: https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac

• Google Chrome: https://support.google.com/chrome/answer/95647 

• Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences 

• Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies 

• Microsoft Edge: https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy

 

10. CCPA DISCLOSURE

10.1 If you are based in the state of California (US), you are protected as a consumer by the California Consumer Privacy Act of 2018 (CCPA) with respect to your personal data (the CCPA uses the term ‘personal information’ which is equivalent to the term ‘personal data’ used in this Policy). In addition to the disclosures made in this Policy, we are hereby providing you with additional disclosures about our data processing practices and your consumer rights, as required by the CCPA and regulations of the California Attorney General (including §999.308).

10.2 What is personal information under the CCPA? Under the CCPA, the term ‘personal information’ refers to information that identifies, relates to, or could reasonably be linked directly or indirectly with a particular consumer or household based in California. The term does not cover certain types of personal information (e.g., information subject to the Gramm-Leach-Bliley Act).

10.3 Types of personal information that we collect. In the past 12 months, we have collected and disclosed to third parties for our legitimate business purposes, the following categories of personal information relating to California residents (please refer to section 2.1 for more detailed information):

• Identifiers and any categories of personal information described in subdivision (e) of section 1798.80: 

  1. Contact form and email enquiries: your name, email address, and any information that you decide to include in your message; and

  2. Browsing the Website: your IP address and cookies.

• Characteristics of protected classifications under California or federal law: none. 

• Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies: none.

• Biometric information: none.

• Internet or other electronic network activity information: cookie-related data and analytics data.

• Geolocation data: IP address only.

• Audio, electronic, visual, thermal, olfactory, or similar information: none.

• Professional or employment- related information: none.

• Education information: none.

• Inferences drawn from other personal information: none.

10.4 The categories of sources from whom we collect your personal information. We obtain your personal data from the following categories of sources:

• • Directly from you. For example, if you submit personal data when contacting us.

  • Directly or indirectly through your activity on the Website. When you use the Website, we automatically collect technical information about your use of the Website.

  • From third parties. We may receive information about your from third parties to whom you have previously provided your personal data,  if those third parties have a lawful basis for disclosing your personal data to us.

10.5 The categories of third parties to whom we disclose your personal information. If necessary for our legitimate business purposes, we disclose the relevant personal information to the following third parties (please refer to section 6 for more information):

• • Our hosting service provider Wix located in Israel;

  • Our analytics service provider Google Analytics located in the United States; and

  • Our independent contractors and consultants.

10.6 Use of personal information. In the past 12 months, we have used your personal information for the following purposes (please refer to section 2.1 for more information):

• • Maintaining and improving the Platform; 

  • Conducting research about the Platform and our business activities;

  • Replying to your enquiries;

  • Ensuring security of the Platform;

  • Preventing fraud; and

  • Complying with the applicable laws.

10.7 Sale of personal information. In the past 12 months, we have not sold your personal information. The term ‘sold’ refers to the disclosure of your personal information to a third-party for monetary or other valuable consideration.

10.8 Your rights regarding your personal information. As a California resident, you have certain rights granted by the CCPA with regard to your personal information. Such rights are:

I. To receive information about, within the last 12 months:  

• • The categories of personal information that we collected from you;

  • The categories of sources from which we collected your personal information;

  • The purposes for which we collected your personal information; 

  • The categories of third parties to which your personal information was disclosed and the personal information that was disclosed; and

  • The specific pieces of personal information that we collected about you;

II. To request us to delete your personal information that we hold about you, unless there is an exception under the CCPA; and

III. Remain free from unlawful discrimination for exercising your rights.

10.9 Making requests under the CCPA. If you have not found sufficient information in this Policy, you can submit your requests for exercising your rights to us by email at info@shaunrabah.com with “CCPA request” in the subject line. We will reply to you as soon as possible but no later than 30 days. Please note that we may need to verify your identity by requesting you to submit certain identifying details.

10.10 Authorised agent. You can exercise your rights through an authorised agent. To do so, you will need to (i) provide us with a copy of your written permission for the authorised agent to act on your behalf; and (ii) verify your identity with us. Alternatively, you can (i) provide your authorised agent with a power of attorney under the California Probate Code sections 4000 to 4465 and (ii) submit a copy of the power of attorney to us. 

10.11 Declining your requests. In some instances, we may not honour your request. Such instances include: (i) the failure to verify your identity; (ii) if you do not have authority to exercise the rights on behalf of another person; (iii) if there is an exception under the CCPA; or (iv) where the personal information that we hold about you is not subject to the CCPA.

10.12 Filing a formal complaint. If you are not satisfied with our response to your request, you have the right to file a formal complaint with the Attorney General’s Office (see https://oag.ca.gov/contact/consumer-complaint-against-business-or-company for more information). 

 

11. CONTACT

If you have any questions about this Policy or our data protection practices, please contact us by email at info@shaunrabah.com.

 

***