Information We Collect
When you visit our website, we may collect certain information from you, which includes:
This includes your name, email address, and any other information voluntarily submitted by you through our contact forms or registration processes.
We automatically collect information that your browser sends whenever you visit our website. This may include your IP address, browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other statistics.
How We Use Your Information
The Chant News uses the information we collect for various purposes, including:
Improvement of Services:
To enhance and improve the user experience on our website based on the feedback and information we receive from you.
To respond to your inquiries, comments, or questions submitted through our contact forms.
Analytics: To analyze and track user behavior on our website, understand trends, and gather statistical information to improve our content and services.
With your consent, we may send you promotional emails about our latest articles, news, and updates.
Cookies and Similar Technologies
We may use third-party services, such as analytics tools and advertising partners, to gather and analyze data about our website’s usage. These third-party services have their own privacy policies governing the use of your information.
The Chant News takes reasonable measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. However, no data transmission over the internet or electronic storage system can be guaranteed to be 100% secure.
You have the right to access, update, correct, or delete your personal information. If you wish to exercise any of these rights, please contact us using the information provided below.
The General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a comprehensive privacy regulation that came into effect on May 25, 2018, in the European Union (EU) and the European Economic Area (EEA). It is designed to protect the personal data and privacy of EU and EEA residents and applies to organizations that process or handle such data, regardless of their location, if they offer goods or services to EU/EEA residents or monitor their behavior.
Below is an overview of the key principles and elements of the GDPR:
Lawful Basis for Processing:
Organizations must have a lawful basis for processing personal data, such as consent, performance of a contract, compliance with legal obligations, protection of vital interests, performance of a task carried out in the public interest, or legitimate interests pursued by the data controller or a third party.
Data Subject Rights:
The GDPR grants data subjects various rights, including the right to access their personal data, the right to rectify inaccuracies, the right to erasure (right to be forgotten), the right to restrict processing, the right to data portability, the right to object to processing, and the right not to be subject to automated decision-making.
Transparency and Data Collection:
Organizations must provide clear and concise information about the purposes and legal basis for data processing, the retention periods, and any third parties involved. Data subjects must be informed about their rights and the right to lodge complaints with the relevant data protection authority.
Consent must be freely given, specific, informed, and unambiguous. Organizations must obtain explicit consent for processing sensitive data. Data subjects have the right to withdraw consent at any time.
Data Breach Notification:
Organizations are required to notify the relevant supervisory authority and affected data subjects within 72 hours of becoming aware of a data breach that poses a risk to individuals’ rights and freedoms.
Data Protection Impact Assessments (DPIAs):
Organizations must conduct DPIAs for high-risk processing activities to assess and mitigate privacy risks.
Data Protection Officer (DPO):
Certain organizations must appoint a Data Protection Officer responsible for ensuring compliance with the GDPR.
Cross-Border Data Transfers:
Personal data can only be transferred to countries outside the EU/EEA that offer an adequate level of data protection or under specific safeguards, such as Standard Contractual Clauses or Binding Corporate Rules.
Accountability and Records:
Organizations must demonstrate compliance with the GDPR’s principles and maintain records of data processing activities.
Non-compliance with the GDPR can lead to significant fines of up to 4% of the organization’s global annual turnover or €20 million, whichever is higher.
It is essential for organizations that process personal data of EU/EEA residents to fully understand and comply with the GDPR’s requirements to ensure the protection of individuals’ privacy rights and avoid potential penalties for non-compliance. Organizations should review their data processing practices, update their privacy policies, and implement appropriate technical and organizational measures to safeguard personal data effectively. Additionally, seeking legal advice can help ensure full compliance with the GDPR’s complex regulations.
California Privacy Rights Act (CPRA)
CPRA stands for the California Privacy Rights Act, which is also known as Proposition 24. It is a privacy law that was approved by California voters in November 2020 and became effective on January 1, 2023.
The California Privacy Rights Act (CPRA) builds upon the California Consumer Privacy Act (CCPA) and introduces additional rights and protections for California residents concerning the collection, use, and disclosure of their personal information. Below is an overview of the key points of the CPRA:
Expanded Definition of Personal Information:
The CPRA broadens the definition of personal information to include new categories of data, such as precise geolocation data, sensitive personal information, and information related to health.
Sensitive Personal Information:
The CPRA introduces a new category of data called “sensitive personal information,” which includes details like Social Security numbers, driver’s license numbers, financial account information, precise geolocation data, racial or ethnic origin, religious beliefs, and other similar data. The CPRA gives consumers the right to limit the use and disclosure of sensitive personal information.
New Consumer Rights:
The CPRA enhances the rights granted under the CCPA and introduces new rights, including the right to correct inaccurate personal information, the right to limit the use of sensitive personal information, and the right to opt-out of the sharing of personal information for cross-context behavioral advertising.
Increased Penalties for Data Breaches:
The CPRA imposes higher penalties for data breaches involving consumers’ personal information, especially in cases where the information includes Social Security numbers, driver’s license numbers, or financial account information.
Establishment of the California Privacy Protection Agency (CPPA):
The CPRA creates the CPPA, an independent agency responsible for enforcing and implementing the CPRA and protecting consumer privacy rights.
The CPRA imposes new contractual obligations on businesses when sharing consumers’ personal information with third parties.
Extension of CCPA to Businesses:
The CPRA extends the application of the CCPA to certain businesses outside California that process personal information of California residents.
It’s important for businesses that process personal information of California residents to comply with the CPRA’s requirements to ensure they are respecting the privacy rights of their users. Businesses should update their privacy policies, implement mechanisms for consumers to exercise their rights, and take necessary measures to secure and protect personal information.
Please note that this information serves as an overview of the CPRA, and businesses should seek legal advice to fully understand and comply with the specific requirements of the California Privacy Rights Act.