At Maui Plumeria Gardens we regard your privacy as important.

We may collect information about you via our website, www.mauiplumeriagardens.com

 

The information we collect about you, if you agree to provide it, will allow us to contact you and send information to you about products and/or services where you have registered an interest.

  • In providing us your information you thereby consent to us processing it for this purpose.

  • We will not pass your information on to any third party without your express permission, except as defined herein for the provision of services that you have requested, other than authorities and the police in the event of any investigation.

  • Email addresses and contact details are not shared with any other user of the site unless you have explicitly chosen to do so.

 

By visiting our website and completing any of the consent processes (i.e. subscribing to a service and/or providing your contact information), you accept and consent to the practices defined in this privacy policy.

For the purposes of the General Data Protection Regulation (GDPR);

  • the data controller is mauiplumeriagardens.com.

  • Maui Plumeria Gardens uses third-party processors to deliver specific services (see Processors below).

 

Information that we may collect from you

 

We may collect and/or process the following data about you:

  • Information you provide to us – by filling in forms on our website www.mauiplumeriagardens.com or by entering into a contract with us, or by correspondence with us by email, letter, phone or other methods, which includes data provided by you by registering to use our website, or by subscribing for newsletters or other information services, or by joining our online learning platform, or by placing an order for products or services, and when reporting a problem with our site, or otherwise contacting us.

  • Personally Identifiable Information (PII) – the information you give us may include; your name, address, email address, IP address, phone number, together with financial and credit card information. All of which is PII and subject to the GDPR.

  • When do we collect your data: Members?

  • If you register as a Member, we collect data when you:

    • register as a Member;

    • update your details or settings, complete our skills benchmark, access our content, make purchases and fill in contact forms.

    • When do we collect your data: Non-Members?

    • If you otherwise use the site (whether or not you are a Member), we collect data from you:

    • when you make a complaint or enquiry or provide other feedback to us;

    • in monitoring your communications sent via and use of the site ensure and check compliance with the Terms of Use or otherwise as required by law; and

    • when you disclose your data to us or otherwise through the site at any other point.

    • data protection – all PII data we hold is protected by us in accordance with the Principles (Article 5) of the GDPR.

    • data security – We endeavour to take all reasonable steps to protect your data. All the data collected by us is stored on a secure server in a secure hosting facility and we take all reasonable steps to ensure all accesses are pre-authorised and recorded.

    • data encryption – We utilize a secure server for all financial transactions

    • Information we collect about you – with regard to your use of our website data may be automatically collected and comprises the following:

    • technical information – such as your; internet protocol (IP) address, login information, time zone, browser type/version with plug-in types/versions, device information (operating system and platform);

    • information about your visit – such as your; Uniform Resource Locators (URL), including the date and time, products viewed/searched, site statistics, interaction (scrolling, clicks, mouse-overs), exit methods away from pages, phone numbers (if used to call our customer service number), route to/from our site or from search engine links to our site including search engine address and search term used, elearning interacted with, scores and questions completed within elearning, answers to our skills benchmark questions, webinars attended and interactions within those webinars.

    • Our website will not store any identifying information of your visit on your computer apart from a small text file called a cookie, which in itself does not contain any identifying information and does not mean that you entered the site. See the cookies policy link at the end of this document for more detail on cookies.

    Third-parties may also provide information to us about you, specifically from any of the following; our business partners and/or sub-contractors or credit reference agencies for payment and delivery services, or advertising and marketing
    • services, or our technical and analytics providers, or our search engine and search information providers.

     

    How your information is used

     

    • The information we hold about you is used as followings:

    • Information that you provide to us – this information is used to meet our obligations within any contracts between you and us, and,

    • to meet your requests for information, and/or products and services, or

    • to notify you of changes to our products or services, or make suggestions/recommendations that may interest you, or

    • to improve content of our site and ensure it is presented effectively for you and your device.

    • Information that we collect about you – we use this information:

    • to manage our website as well as for our efficient operations, which includes analysis, research, statistical and survey uses, together with testing and troubleshooting;

    • to improve our website and content for users and their devices;

    • to allow you to interact with our website and take advantage of our online services, whenever you may elect to do so;

    • to ensure our site is safe and secure by monitoring activities within the context of continual process improvement, which is a best practice requirement of the GDPR;

    • to monitor advertising and marketing effectiveness for users, and/or to fine-tune advertising by relevance to users;

    • to enable targeted suggestions/recommendations to users about products and services that may be of interest.

    • to compile anonymised analysis of digital skills, objectives and plans.

    • Information we receive from other sources – we may use third-party information, which may be combined with information you provided to us and/or information collected by us, which may be used for the purposes we have defined above.

     

    Know your rights

     

    Under the GDPR all individuals, who are the owners of their personally identifiable information (PII), have specific and clear rights, which are;

  • GDPR: Individual Rights

    Description

    Right to Erasure

    Every individual has the right the right to be forgotten upon request. The data controller must remove your PII data from its systems and request the same of any third-party systems of that controller.

    Right to Access

    Every individual has the right to access the PII data held about them upon request.

    Right to Portability

    Every individual has the right to request their PII data and use it for other parties they wish to engage with.

    Right to be Informed

    Every individual has the right to be informed about how their PII data is being used, which may be provided upon request of the individual, or before the controller changes any use of that data, giving the individual the right to consent or object.

    Right to Objection

    Every individual has the right to object to the use of their PII data for any purpose proposed by a controller.

    Right to Rectification

    Every individual has the right to have errors in their PII data to be corrected.

    Right to Restrict

    Every individual has the right to restrict the uses of their PII data for any specific type of processing.

    Rights on automated decisions & profiling

    Every individual has the right to restrict or object to automated decision making processes or profiling based on their PII data. 

    • Revoke your consent – in accordance with the GDPR, to the revoke consent for processing of your data send an email with the word “Revoke” in the subject field to plumeria@mauiplumeriagardens.com.

    • Data Subject Access Request (D-SAR) – in accordance with the GDPR,

    • you may request us to send you details about any PII data that we may hold about you, or

      • you may request that we correct any errors, or

      • you may request us to delete any/all PII data about you.

      • D-SAR Fee – In accordance with the GDPR, any D-SAR is provided free of charge within 30 days, unless a particular D-SAR is subject to other regulatory requirements as defined within the GDPR, in which case we will inform you as required by those specific regulations.

       

      Do we pass your information on to third-parties?

       

      We may pass your data to other parties as follows:

      • Where relevant, we may pass your data to our merchant account for billing purposes only.  We never sell your personal data.  It is only used in the transaction.

      • We may disclose your data to the police, regulatory bodies or legal advisers in connection with any alleged criminal offence or suspected breach of these Terms of Use by you or otherwise where required by law.

       

      Third-Party Processors

       

      We use the following third-parties to process your data and deliver services for the purposes shown. All of these processors have access to some of your personally identifiable information (PII) as appropriate for the delivery of the purpose specified.

      Processor ID

      Purpose

      Mailchimp (USA)

      Contact Information for announcements & newsletters

      PayPal (USA)

      Contact and payment information for accounting

      FedEx (USA)

      Contact information for shipping

       

      USPS (USA

      Contact information for shipping


      Links to other sites

       

      Please be aware that our site may link to other web sites that may be accessed by you through our site. We are not responsible for the data policies, content or security of these linked web sites. We do not have any control over the use to which third parties may put your data where you choose to purchase products or services or otherwise to contact them via our site.

       

      Transfer outside the EU/EEA

       

      We transfer your information outside of the European Economic Area, including to the following countries: USA. Where we do so, we will ensure appropriate safeguards are in place. The third parties we use who transfer your information outside the European Economic Area have self-certified themselves as compliant with the EU-U.S. Privacy Shield.

       

       

      Data Retention Policy

       

      User data is retained indefinitely while the user account is active to meet our legal obligations.


      We never store financial data on our server.  Financial data is sent to our merchant account via secure server at the time of payment.

      We reserve the right to delete inactive user data older than 2 years.

      • E&OE: If you notice any errors (spelling, grammar or other) in this policy document please feel free to notify us via our contact details below.

       

      For any questions relating to your PII data, or to submit a D-SAR, please contact our Data Protection Officer (DPO):

      Doug Brunner

      480 N. Holokai Pl

      Haiku HI  96708

      plumeria@mauiplumeriagardens.com