Privacy Policy
At Walk in the Woods, LLC, we are dedicated to not only providing an engaging and dynamic platform in Surfey (https://surfey.me) but also ensuring that our users' privacy is respected and protected. We encourage open dialogue with our users and welcome your feedback on how we can continue to improve our privacy practices. Your confidence in our platform is essential to us, and we are here to support you in navigating your privacy rights and choices.
Thank you for choosing Surfey and being part of the community. Your trust and safety are the foundation of everything we do. Let's dive into a world of immersive video experiences together, with privacy and respect at the forefront of every interaction.
Last Modified March 26th, 2024
Initial document creation, reviewed by Neil C. Obremski (n@walkinthewoods.llc)
I. Introduction
Welcome to Surfey (https://surfey.me), a dynamic and innovative application designed to foster interactive video engagement, brought to you by Walk in the Woods, LLC. At Surfey, we are committed to maintaining the trust and confidence of our users. This privacy policy aims to inform you about how we collect, use, manage, and protect your personal information across our website, mobile application, and any associated services.
Surfey offers a unique platform where users can create, share, and engage with video content in a manner that respects privacy and promotes meaningful interactions. Whether you're signing in to create a new Surfey page, responding to content through our video feedback feature, or simply exploring the content created by others, your privacy is our top priority.
We understand the importance of your personal information and are dedicated to handling it responsibly. This policy outlines the types of information we collect, how it's used within our ecosystem, and the measures we take to safeguard it. By using Surfey, you consent to the practices described in this policy.
II. Information Collection
We collect information to offer and improve our services, ensuring a personalized and efficient experience for our users. This section details the types of information we collect, how it's gathered, and the purpose behind its collection: to offer you a seamless and safe experience on our platform.
Types of Information Collected
Email Address: When you create an account with Surfey, we require your email address to authenticate your identity and provide a means for communication. This email address facilitates alerts and messages from us or interactions within the system, ensuring your email remains private from other users.
Demographic Information: You may choose to provide demographic information voluntarily, such as age, gender, or interests. This information is not mandatory but helps us tailor your experience and make informed analytical decisions about the content displayed to you. This information is kept confidential and is not shared with other users.
Video Content: As part of the Surfey page creation process, users can upload video content. This feature is central to our service, allowing for the sharing and viewing of videos within our community, subject to privacy settings and consent.
Methods of Information Collection
Sign-In Options: To simplify the sign-in process, Surfey offers options to use Apple Sign In or Google Sign In. Although these services facilitate access, we still require your email address to ensure a consistent and secure user experience.
Voluntary Submission: Any demographic information shared with us is provided at your discretion. We appreciate your trust in sharing this information and commit to using it responsibly to enhance your Surfey experience.
Video Uploads and Interactions: By uploading videos and engaging with content, you provide us with content that is integral to the social and interactive aspects of Surfey. This includes any responses or feedback provided through our platform's features.
Information Collected Through Technical Means
In addition to the information you directly provide, we may also collect certain types of data automatically, such as:
Usage Data: Information on how the services are accessed and used, which may include dates and times of access, app features or pages viewed, app crashes and other system activity, and the third-party sites or services you were using before interacting with our services.
Device Information: We may collect information about the devices accessing our services, including the types of devices, operating systems, device settings, application IDs, unique device identifiers, and error data.
This automatically collected information helps us understand user behavior, improve our services, and diagnose problems.
Use of Cookies and Tracking Technologies
We utilize cookies and similar tracking technologies to enhance your experience on our platform. This section aims to provide a clear understanding of how we use these technologies and how you can manage your preferences.
Purpose of Cookies
Authentication: Our primary use of cookies is to authenticate users, ensuring that once you log in, you remain logged in across all pages of the website version of Surfey. This is essential for providing a seamless and user-friendly experience.
User Preferences: We also use first-party cookies to store user preferences on our platform. This allows us to customize and improve your Surfey experience based on your choices and settings.
No Third-Party Cookies for Tracking: It's important to note that we do not use third-party cookies for tracking purposes. The only exception to this is the necessary use of cookies from our authentication providers, Apple and Google, which are essential for their sign-in services to function properly on our platform.
Managing Your Cookie Preferences
Understanding and managing your cookie preferences is crucial for maintaining control over your personal information and browsing experience.
Browser Settings: You can manage your cookie preferences directly through your web browser. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. Please refer to your browser's help documentation for more information on how to manage your cookie settings.
Implications of Cookie Disabling: Please be aware that disabling cookies may impact the functionality of Surfey, particularly authentication features. While our platform remains accessible without cookies, certain functionalities, like staying logged in across sessions, may be affected.
We strive to use cookies and tracking technologies responsibly and transparently.
III. Use of Information
The information we collect serves as the backbone for delivering a personalized, secure, and efficient user experience. Our primary goal in collecting information is to provide and improve our services, facilitate communication, and enable a rich user interaction within our ecosystem. Below, we outline the specific purposes for which we use the information collected from our users:
Account Management and User Authentication: Your email address facilitates not only the creation and management of your Surfey account but also enables a secure sign-in process. Whether you choose to sign in directly or through third-party services like Apple Sign In or Google Sign In, we ensure your authentication is handled securely and seamlessly.
Communication: We use your email address to send important notifications about our services, including updates, security alerts, and support messages. This direct line of communication ensures you stay informed about aspects of Surfey that matter most to you. Please note, while other users can send messages within the system, your email address is not disclosed to them, safeguarding your privacy.
Enhanced User Experience and Service Improvement: The voluntary demographic information you provide allows us to tailor your Surfey experience. By understanding our user base better, we can make informed decisions on feature developments, content recommendations, and overall service improvements that resonate with our diverse community.
Content Interaction and Feedback: When you create a new Surfey page by uploading a video, or respond to content through our unique webcam video feedback feature, we process this content to facilitate interaction between users. This includes enabling page creators to receive feedback while protecting respondent privacy—video responses are shared based on the explicit permission of the respondent, with measures like face and voice obscuring in place to maintain privacy.
Analytical Decisions: The information and content you provide are crucial for our analytical models. These models help us understand user preferences, engagement patterns, and system performance. No personally identifiable information (PII) is ever sent to external services or exposed to other users without explicit consent. Our analysis is designed to respect your privacy while enhancing your experience on Surfey.
Safety and Security: We utilize the information collected to protect against fraud, abuse, and unauthorized access to our services. Ensuring the security of your account and the overall platform is paramount, as we strive to offer a safe environment for all users.
IV. Information Sharing and Disclosure
The information you entrust to us is used to enhance your experience and is not shared with third parties without your explicit consent, except as outlined below. This section details the circumstances under which your information may be shared or disclosed.
No Sale of Personal Information: We firmly believe in the sanctity of your privacy. Therefore, we do not sell your personal information to any third parties for their marketing or advertising purposes.
Service Providers and Partners: To facilitate our service, we may share your information with third-party service providers and partners who perform services on our behalf. This includes, but is not limited to, cloud hosting services, analytics providers, and customer service platforms. These partners are obligated to protect your information and are restricted from using it for any purpose other than delivering the contracted services.
Legal Requirements and Law Enforcement: We may disclose your information if required by law, regulation, or legal process, such as in response to a court order or a subpoena. Additionally, we may share your information if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation in which we are involved.
Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event, your information may be transferred or shared as part of the transaction, subject to the promises made in this privacy policy.
With Your Consent: Apart from the scenarios mentioned above, we will seek your explicit consent before sharing your personal information with any other third parties. This includes sharing information for purposes not covered by this privacy policy.
Anonymized and Aggregated Data: We may share anonymized or aggregated information that cannot reasonably be used to identify you with partners or for public reports. This data may be used for research, analytics, and to improve our services.
Protection of Your Information
To ensure the confidentiality and integrity of your information, we implement stringent security measures. However, no system can be entirely secure, and we cannot guarantee the absolute security of your information. We encourage you to use strong passwords and to be vigilant about protecting your personal information.
User Permission for Video Content
Regarding video content you create or interact with on Surfey, privacy controls are in place to ensure that such content is shared only with your consent. Video responses to content are shared based on explicit permissions from the respondents, with options to obscure faces and voices to maintain privacy.
V. Third-Party Services
In our commitment to providing a secure, efficient, and personalized experience on Surfey, we leverage various third-party services. These services not only enhance the functionality of our platform but also contribute to the security and analysis of user interactions. Below, we detail the third-party services involved, their role in our ecosystem, and the measures we take to ensure your data remains protected.
Apple Sign In and Google Sign In
Surfey offers users the option to sign in using Apple Sign In or Google Sign In. These services provide a convenient and secure way for users to access our platform without creating a new set of login credentials. When you choose to sign in through these platforms, the only piece of personal information we receive is your email address. This process is governed by the privacy policies of Apple and Google, respectively, and is designed to minimize the amount of personal information shared.
Safeguarding Measures:
We do not store any passwords or other sensitive login information from these services.
Access is strictly limited to the email address, which is used solely for account management and communication purposes within Surfey.
AI Services for Analysis
Surfey utilizes artificial intelligence (AI) services for analyzing content and enhancing user experience. This includes, but is not limited to, video analysis, content recommendation algorithms, and user interaction analytics. These services are critical in helping us understand usage patterns, improve content delivery, and develop new features that meet our users’ needs.
Safeguarding Measures:
No personally identifiable information (PII) is sent to AI services. Data processed by AI is anonymized to ensure privacy.
We implement strict data handling and processing agreements with our AI service providers, ensuring they adhere to high standards of data protection and privacy.
Data Privacy and Security with Third-Party Services
Commitment to Data Protection: We carefully select third-party services that share our commitment to data protection and privacy. Before integrating any third-party service, we conduct thorough assessments to ensure their practices align with our privacy standards and legal obligations.
Data Transmission Security: When your data is shared with third-party services, it is always transmitted securely, using encryption protocols to safeguard against unauthorized access or interception.
Privacy by Design: We incorporate privacy by design principles when implementing third-party services, ensuring that user privacy is considered at every stage of service development and integration.
User Control and Transparency: Surfey provides users with clear information about the use of third-party services and the data shared with them. Users have the option to manage their privacy settings and decide the extent of their data interaction with these services.
Control Over Third-Party Data Sharing
While Surfey currently does not share your data with third parties that do not provide critical fulfillment for our product, we understand the importance of maintaining flexibility and transparency in how your information is handled.
User Consent and Data Sharing
User Consent: We pledge that any future sharing of data with third parties for purposes beyond critical service fulfillment will be subject to your explicit consent. This means you will always have the choice to opt-in or opt-out of data sharing with non-essential third parties.
Notification and Control: Should we partner with third parties that enhance your Surfey experience but are not essential to the product's core functionality, we will:
Notify you via your registered email address about this partnership, the nature of the data being shared, and the benefits you might gain from this sharing.
Provide clear instructions on how you can control this data sharing option, including how to opt-in or opt-out, directly within the Surfey application settings.
Default Settings: Any new data sharing options will be introduced with clear information on the default setting, ensuring you make an informed decision about your participation.
Types of Third-Party Partnerships
While we have no non-essential third-party data sharing at this time, any future partnerships will be categorized and disclosed to you, including:
Analytical Services: Aimed at improving product features and user experience.
Marketing Partners: Selected to offer you tailored promotions or opportunities, should you choose to engage with them.
VI. Data Security
We are deeply committed to safeguarding the personal information of our users. Understanding the critical importance of data security in today’s digital landscape, we implement a comprehensive suite of security measures designed to protect your information against unauthorized access, disclosure, alteration, and destruction. Below, we outline the key aspects of our data security approach.
Encryption and Secure Data Transmission
Encryption in Transit: All data transmitted between your device and our servers is encrypted using industry-standard protocols such as TLS (Transport Layer Security). This ensures that any information you send or receive through our platform is protected against eavesdropping and tampering.
Encryption at Rest: Personal information stored on our servers is encrypted using advanced encryption technologies. This means that even in the unlikely event of unauthorized access to our storage systems, the data would remain inaccessible and unreadable without the proper decryption keys.
Secure Servers and Data Centers
Cloud-Based Infrastructure: Surfey utilizes Google Cloud services, including Cloud Storage and Firestore, for the storage and management of user data. Google Cloud is renowned for its robust security measures, compliance certifications, and commitment to data protection. By leveraging Google's infrastructure, we benefit from their secure-by-design framework, regular security audits, and advanced data protection technologies.
Data Storage and Encryption: Data stored on Google Cloud servers is encrypted at rest, ensuring that personal information is securely stored using state-of-the-art encryption technologies. This encryption safeguards your data against unauthorized access and ensures that it remains confidential and intact.
Secure Data Transmission: In addition to secure storage, we ensure that all data transmitted to and from Google Cloud services is encrypted using TLS (Transport Layer Security), providing a secure channel for data exchange and protecting against interception and tampering.
Compliance and Certifications: Google Cloud complies with a wide range of international and industry-specific security standards, including GDPR, HIPAA, and ISO/IEC 27001. This compliance demonstrates their commitment to maintaining the highest levels of data security and privacy.
Access Controls and Monitoring: Access to data stored in Google Cloud is strictly controlled, with rigorous authentication and authorization mechanisms in place to ensure only authorized personnel have access based on their roles. Continuous monitoring and logging of access and activities provide an additional layer of security, enabling prompt detection and response to potential security incidents.
Integrating Cloud-Based Infrastructure Security
Our decision to use Google Cloud services reflects our commitment to leveraging cutting-edge technology for data security and reliability. By entrusting our infrastructure needs to a leader in cloud security, we can focus on delivering a seamless and secure experience to our users on Surfey.
We remain vigilant in our security practices, continuously reviewing and enhancing our measures in partnership with Google Cloud to ensure the protection of your data. For more information about Google Cloud’s security practices, we encourage users to review their security documentation.
Security of Communications
Email Communications: While we use your email address to communicate important information regarding our services, we are aware of the limitations of email security. To protect sensitive information, we avoid sending personal or confidential information via email whenever possible. We encourage users to be cautious with the information they share via email and to use secure channels when discussing sensitive matters.
Secure Notifications: For communications within the Surfey platform, such as alerts and messages, we employ secure, encrypted channels to ensure the privacy and integrity of your interactions.
Ongoing Security Monitoring and Assessment
We conduct regular security assessments and monitoring to detect and respond to potential threats promptly. Our dedicated security team is committed to identifying vulnerabilities and implementing the necessary measures to mitigate risks.
In addition to our internal efforts, we engage with external security experts to conduct audits and penetration tests, ensuring an unbiased evaluation of our security posture.
Commitment to Data Security
Our commitment to data security is unwavering. We recognize that the trust our users place in us is paramount, and we strive to uphold this trust by implementing rigorous security measures and continuously enhancing our security practices.
VII. Data Retention Policy
We are committed to responsible data management practices. This section outlines our policies regarding the retention and deletion of user data to ensure transparency and user control over personal information.
Data Retention:
Indefinite Retention: User data, including email addresses, demographic information, and video content created by users, is retained indefinitely to support a continuous and personalized user experience. This approach allows users to return to our platform and access their data without disruption.
Account Closure: Should you choose to close your account, your data will remain accessible for up to 90 days following account closure. This grace period is designed to give you the flexibility to reconsider your decision and restore your account if desired.
Data Deletion:
User-Initiated Deletion: Users have the option to delete their data or close their accounts at any time. Upon closure, video pages created by the user will be marked for deletion and permanently removed after the 90-day grace period.
Exclusions: Responses made to other users' content will not be deleted as part of your account closure. This ensures the continuity of the platform's content and interaction history.
Reactivation: If you choose to reactivate your account within the 90-day grace period, you can regain control of your data and prevent its deletion.
VIII. Data Breach Notification Procedure
While we are committed to protecting your personal information, in the unlikely event of a data breach, we have established a clear and efficient procedure to manage and communicate the breach to affected parties.
Notification Process
Timely Notification: Should any breach of data security occur, we pledge to notify all affected users via their registered email addresses within 72 hours of becoming aware of the breach. This commitment aligns with our dedication to transparency and the trust you place in our platform.
Authorities Notification: In addition to user notification, we will inform relevant local authorities about the breach, fulfilling our legal obligations and contributing to the broader efforts of data protection.
Content of Notification
The notification sent to users will include the following information:
Nature of the Breach: A detailed description of what happened, including the type of data that was compromised.
Timing of the Breach: Information on when the breach occurred, if known, to provide users with a timeframe of the data exposure.
Identifying Information: Details on any personal identifying information that may have been affected, allowing users to understand the potential impact on their privacy.
Method of Breach: Where possible, we will share how the breach occurred, offering transparency into the incident's specifics.
Future Safeguards: An explanation of the measures we are implementing to prevent future breaches, ensuring users that steps are being taken to enhance security.
Commitment to Security
We understand that the protection of your data is fundamental to your trust in our service. The outlined procedure reflects our commitment to not only safeguarding your information but also ensuring you are informed and supported in the unlikely event of a data breach. We continually evaluate and upgrade our security measures to protect against future threats.
IX. User Rights and Choices
We recognize and respect your rights over your personal information. Our commitment to your privacy includes ensuring you have full control over your data and understanding how it can be accessed, managed, and removed. Below are the rights you have regarding your information and the options available to you for managing your privacy on our platform.
Access to Your Information
Viewing Your Data: You have the right to access the personal information we hold about you at any time. This includes your email address, any demographic information you have chosen to share, and the content you have created or interacted with on Surfey.
Data Portability: Upon request, we can provide your data in a structured, commonly used, and machine-readable format, allowing you to transfer your information to another service if you wish.
Correction of Your Information
Updating Your Information: If you find that any personal information we hold about you is inaccurate or incomplete, you have the right to ask us to correct or complete it. This can typically be done through your account settings on the Surfey platform.
Deletion of Your Information
Deleting Your Account and Data: You have the right to request the deletion of your account and your personal information. Once requested, we will take steps to remove your information from our servers and any third-party services where applicable, subject to any legal obligations to retain certain data.
Managing Privacy Settings
Account Settings: Surfey provides users with privacy settings that can be adjusted to control the visibility of their information and content. Through your account settings, you can manage permissions related to the sharing and visibility of your videos, demographic information, and email notifications.
Permissions for Video Responses: You have control over who can respond to your videos and under what conditions. This includes setting permissions for video responses to ensure your privacy preferences are respected. For videos that receive responses, you can choose whether these are public, private, or require explicit consent to view, ensuring the privacy of both content creators and respondents.
Opting Out of Data Processing
Analytical and Promotional Communications: You have the option to opt out of certain uses of your information, such as for analytical purposes or receiving promotional communications from us. These preferences can be managed through your account settings or by contacting our support team.
Exercising Your Rights
To exercise any of your rights or if you have questions about managing your privacy settings, please contact us at privacy@walkinthewoods.llc or call us at (206) 590-0662. We are committed to responding to your requests promptly and ensuring your rights are fully respected.
Rights of Users Under Different Jurisdictions
We recognize that our users come from various jurisdictions, each with its own set of data protection laws and regulations. We are committed to complying with these laws and empowering our users by providing them with the necessary information on their rights regarding personal data. Below, we highlight specific rights under two major data protection regulations: the General Data Protection Regulation (GDPR) for residents of the European Union (EU) and the California Consumer Privacy Act (CCPA) for residents of California, USA.
GDPR Rights for EU Residents
If you are a resident of the European Union, you are granted specific rights under the GDPR, including:
Right to Access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data.
Right to Rectification: The right to have inaccurate personal data corrected or completed if it is incomplete.
Right to Erasure ("Right to be Forgotten"): The right to have your data erased under certain circumstances.
Right to Restriction of Processing: The right to restrict processing of your personal data in specific cases.
Right to Data Portability: The right to receive the personal data concerning you in a structured, commonly used format, and the right to transmit that data to another controller.
Right to Object: The right to object to the processing of your personal data in certain circumstances, including for direct marketing.
To exercise any of these rights, please contact us directly at privacy@walkinthewoods.llc. We are dedicated to facilitating your requests in accordance with GDPR requirements.
CCPA Rights for California Residents
For residents of California, the CCPA provides you with the following rights regarding your personal information:
Right to Know: You can request information about the collection, use, and sharing of your personal data over the past 12 months.
Right to Delete: You have the right to request the deletion of personal information about you, with certain exceptions.
Right to Opt-Out: You have the right to opt-out of the sale of your personal information to third parties.
Right to Non-Discrimination: You have the right not to receive discriminatory treatment by us for the exercise of the privacy rights conferred by the CCPA.
California residents wishing to exercise their CCPA rights can reach us at privacy@walkinthewoods.llc.
Other Jurisdictions
We strive to respect and protect the privacy rights of all our users, regardless of their location. If your jurisdiction has specific data protection laws not mentioned here, and you wish to inquire about your rights or exercise them, please contact us.
X. International Data Transfers
In the global and interconnected world of Surfey, operated by Walk in the Woods, LLC, our services are designed to provide users around the globe with a seamless and efficient experience. This necessitates certain international transfers of data, which are conducted with utmost consideration for your privacy and data protection. Here’s how we handle international data transfers:
Data Processing Regions
The primary processing of Surfey's data occurs in the central United States, where our Google Cloud servers are located (us-central1 region). This central location ensures efficient access and high performance for users across the United States.
Content Delivery Network (CDN)
To speed up the delivery of content to users worldwide, we utilize Cloudflare’s Content Delivery Network (CDN). This network may cache content in local international regions closer to the end user, thereby improving load times and overall user experience.
Encryption and Security Measures
Fully Encrypted Transmissions: All data transmitted between the end user, Cloudflare, and our main servers is fully encrypted using the latest Transport Layer Security (TLS) protocols. This encryption ensures that any data transferred over the internet remains secure and private, regardless of the geographical location of the user or the servers.
Compliance with International Standards: We adhere to internationally recognized standards and frameworks for data protection, ensuring that our practices meet or exceed the requirements for data security and privacy. This includes compliance with the General Data Protection Regulation (GDPR) for users in the European Union and other relevant laws governing data transfers outside the United States.
Safeguards for International Transfers
Data Protection Agreements: When partnering with third-party services like Cloudflare, we ensure that data protection agreements are in place. These agreements obligate our partners to maintain a level of data security that meets or exceeds our own standards.
Continuous Monitoring and Assessment: We continuously monitor the effectiveness of our encryption and security measures, especially concerning international data transfers. This proactive approach allows us to adapt to new threats and maintain the integrity of user data.
Commitment to Data Protection
We are committed to safeguarding your personal information and ensuring that international data transfers are conducted securely and responsibly. We recognize the importance of protecting your data across borders and are dedicated to implementing the highest standards of data security and privacy, no matter where you are located.
XI. Children’s Privacy
At Surfey, operated by Walk in the Woods, LLC, we take the privacy and safety of our users very seriously, especially when it comes to children. We understand the internet can be a complex space for young individuals, and as such, we have specific policies in place regarding children's privacy.
Age Restrictions
Surfey is not designed for, targeted at, or condoned for use by individuals under the age of 13 years old. In alignment with our commitment to provide a responsible and safe online environment, we require all users to be adults according to the jurisdiction of their residence. Our User Agreement clearly stipulates this age restriction, and we do not knowingly collect or solicit personal information from anyone under the age of 13.
Content and Safety Measures
While we strive to ensure that Surfey remains free of adult content and safe for general audiences, we acknowledge that we cannot guarantee a perfectly safe environment for children. Therefore, we:
Proactively Monitor and Moderate Content: Actively monitor and review content uploaded to our platform. We have measures in place to remove, shut down, or block any content that either directly portrays minors inappropriately or is deemed harmful to minors. This includes, but is not limited to, selfie videos made by children, which are not acceptable on our platform.
Allow Certain Types of Content Involving Minors: Recognize that some content involving minors, such as public sporting events like little league baseball, may be deemed acceptable. Our goal is to be firm yet fair in our moderation, understanding the sensitivity of this issue and the varying contexts in which minors may appear.
Parental Consent and Involvement
We encourage parents and guardians to take an active role in their children's online activities and interests. If it comes to our attention that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to remove that information promptly.
Reporting and Compliance
Reporting Inappropriate Content: We urge users and guardians to report any instance of content that violates our children’s privacy policy. Our team is committed to taking swift action in compliance with our policies and applicable laws.
Compliance with COPPA: We comply with the requirements of the Children's Online Privacy Protection Act (COPPA) and other relevant laws concerning the collection of personal information from individuals under the age of 13.
XII. Changes to the Privacy Policy
We are committed to continuously improving our services and ensuring that our practices evolve in line with technological advancements, legal requirements, and our users' needs. As such, our Privacy Policy is subject to change over time. Below we detail our approach to updating this policy and how we will communicate changes to our users.
Policy Updates
Review and Amendments: Our Privacy Policy may be amended periodically to reflect changes in our operations, legal landscape, or user feedback. We strive to maintain the highest standards of privacy and data protection, and these updates are part of our commitment to transparency and accountability.
Prominent Notification of Changes: The latest modification date will be prominently displayed at the top of the document. This date indicates the last time the policy was updated, allowing users to easily ascertain the currency of our privacy practices.
User Notification
Email Notifications: The primary method of communicating changes to our Privacy Policy will be through email notifications sent to the primary email address provided by users at the time of sign-in. These notifications will outline the nature of the changes and provide a link to the updated policy.
Recommendation to Review Changes: Upon receiving notification of changes to our Privacy Policy, we encourage users to review the updated document thoroughly to understand how their personal information will be handled going forward.
Transparency and Access
Accessibility of the Policy: The updated Privacy Policy will always be accessible on our platform, allowing users to review it at any time. We are committed to ensuring that our users are fully informed about how their information is collected, used, and protected.
User Queries and Concerns: We understand that changes to our Privacy Policy may prompt questions or concerns. We welcome any inquiries regarding updates to the policy and are committed to providing clear, comprehensive responses. Users can reach out to us at privacy@walkinthewoods.llc or call us at (206) 590-0662 for further clarification.
XIII. Contact Information
Should you have any questions, concerns, or comments about this Privacy Policy, or if you need to inquire about your personal information and how it is handled, please do not hesitate to reach out to us.
For Privacy Concerns and Inquiries
Email: privacy@walkinthewoods.llc
Phone: (206) 590-0662
For formal communications, legal notices, or if you prefer to contact us in writing, please use the following address. Note that responses may be slower via postal mail compared to electronic communications.
Walk in the Woods, LLC
ATTN: Privacy Office
15209 72nd Ave NE
Kenmore, WA 98028
Process for Submitting Privacy-Related Requests
To ensure the integrity and confidentiality of your personal information, all privacy-related requests must be submitted via email. This process helps us verify your identity and protects your data from unauthorized access or changes.
Submitting Your Request
Via Email: Please send your privacy-related requests, including data access, correction, or deletion, directly to privacy@walkinthewoods.llc from the email address associated with your Surfey account. This is crucial as it serves as the primary method of verifying your identity.
Verification Process: Upon receiving your request, we will reply to your email to confirm that you intend to make the request and control the email address. This step is necessary to prevent unauthorized access to your information.
For Phone Calls or Physical Mail: If you contact us by phone or physical mail for privacy-related concerns, we will ask for your email address associated with your Surfey account and send a verification email. This ensures that we are interacting with the actual account holder.
Lost Email
If you no longer have control over the email address associated with your Surfey account, you must provide us with sufficient verification information that we can deem your request is authentic. To prevent fraudulent impersonation we will always send messages to the email address on file prior to taking any requested actions.
What Happens Next
Response Time: You can expect a response to your email within 72 hours. If you've left a voicemail due to not reaching a representative, we will also aim to respond within this timeframe after email verification.
Action on Privacy Violations: In cases where callers report potential privacy violations without requiring verification of their identity, we will promptly investigate the matter. Protecting user privacy and taking swift action against any violations is a priority for us.
Guidance for Your Request
To help us process your request efficiently, please include the following in your email:
The type of request (access, correction, deletion, etc.).
Any specific details about the data or information in question.
Remember, the security of your personal information is paramount. By adhering to this process, we ensure that your privacy rights are respected and protected.