Privacy Policy

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

• "Account" means a unique account created for you to access our Service or parts of our Service.
• "Business", for the purpose of the CCPA (California Consumer Privacy Act), refers to the Company as the legal entity that collects Consumers' personal information and determines the purposes and means of the processing of Consumers' personal information.
• "Company" (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to JL Shaw Consulting, located in the United States. For the purpose of the GDPR, the Company is the Data Controller.
• "Country" refers to the United States.
• "Consumer", for the purpose of the CCPA, means a natural person who is a California resident.
• "Cookies" are small files placed on your computer, mobile device, or any other device by a website, containing details of your browsing history on that website among its many uses.
• "Data Controller", for the purposes of the GDPR, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
• "Device" means any device that can access the Service such as a computer, a cell phone, or a digital tablet.
• "Do Not Track" (DNT) is a concept promoted by US regulatory authorities for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.
• "Personal Data" is any information that relates to an identified or identifiable individual. For the purposes of GDPR, Personal Data means any information relating to you such as a name, an identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity.
• "Sale", for the purpose of the CCPA, means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a Consumer's personal information to another business or a third party for monetary or other valuable consideration.
• "Service" refers to the Website.
• "Service Provider" means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service.
• "Usage Data" refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
• "Website" refers to JL Shaw Consulting, accessible from https://jlshaw.link
• "You" means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service.

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City
• Usage Data

Usage Data

Usage Data is collected automatically when using the Service. Usage Data may include information such as your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

When you access the Service by or through a mobile device, we may collect certain information automatically, including the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, and other diagnostic data.

Types of Cookies We Use:

• Necessary / Essential Cookies: These Cookies are essential to provide you with services available through the Website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts.
• Cookies Policy / Notice Acceptance Cookies: These Cookies identify if users have accepted the use of cookies on the Website.
• Functionality Cookies: These Cookies allow us to remember choices you make when you use the Website, such as remembering your login details or language preference.
• Tracking and Performance Cookies: These Cookies are used to track information about traffic to the Website and how users use the Website.

Business Transactions

If the Company is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law Enforcement

Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other Legal Requirements

The Company may disclose your Personal Data in the good faith belief that such action is necessary to:

• Comply with a legal obligation
• Protect and defend the rights or property of the Company
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of Users of the Service or the public
• Protect against legal liability

Analytics

We use third-party Service providers to monitor and analyze the use of our Service:

• Plausible Analytics: Plausible is a privacy-friendly web analytics service. It does not use cookies and is fully compliant with GDPR, CCPA, and PECR. For more information, please visit the Plausible Privacy Policy.

Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council.

• Stripe: Stripe is a payment processor. For more information, please visit the Stripe Privacy Policy.

Google Sign-In

We offer "Sign in with Google" as an authentication option. When you choose to sign in with Google, we receive the following data from Google solely for the purpose of authenticating your identity and creating or accessing your account:

• Your email address
• Your name
• Your Google profile information (such as profile picture)

We use this data only to authenticate you and populate your account profile. We do not use Google user data for advertising, share it with data brokers, or transfer it to any third party for purposes beyond operating our Service. You may revoke our access to your Google account at any time via your Google Account permissions. For more information, please visit the Google Privacy Policy.

Consent and Opt-In

By providing your mobile phone number and opting into our SMS/text messaging services, you expressly consent to receive text messages from us for the purposes you selected during signup. This includes informational messages, service updates, appointment reminders, and promotional messages (if you opted in for marketing).

Message Types and Frequency

• Service messages: Account updates, security alerts, appointment confirmations
• Promotional messages: Special offers, new services, company updates (requires separate opt-in)
• Message frequency varies based on your preferences and account activity

Opt-Out Instructions

You can opt out of receiving text messages at any time by:

• Replying STOP to any text message from us
• Contacting us at contact@jlshawconsulting.com
• Managing your preferences in your account settings

After opting out, you will receive a confirmation message, and no further messages will be sent unless you opt back in.

Data Retention and Security

We maintain records of your consent, opt-in timestamp, phone number, and messaging preferences. This data is stored securely and is not shared with third parties for their marketing purposes.

Carrier Charges and Support

Standard message and data rates may apply. We are not responsible for carrier-specific charges. For support issues, text HELP or contact us directly.

CTIA Compliance

Our text messaging practices comply with CTIA Messaging Principles and Best Practices, the Telephone Consumer Protection Act (TCPA), and CAN-SPAM regulations.

Legal Basis for Processing Personal Data

We may process Personal Data under the following conditions:

• Consent: You have given your consent for processing Personal Data for one or more specific purposes.
• Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with you.
• Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation.
• Vital interests: Processing Personal Data is necessary to protect your vital interests or those of another natural person.
• Public interests: Processing Personal Data is related to a task carried out in the public interest.
• Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.

Your Rights under the GDPR

The Company undertakes to respect the confidentiality of your Personal Data. You have the right under this Privacy Policy, and by law if you are within the EU, to:

• Request access to your Personal Data: The right to access, update, or delete the information we have on you.
• Request correction of Personal Data: You have the right to have any incomplete or inaccurate information we hold about you corrected.
• Object to processing: This right exists where we are relying on a legitimate interest as the legal basis for our processing.
• Request erasure: You have the right to ask us to delete or remove Personal Data when there is no good reason for us to continue processing it.
• Request transfer: We will provide to you, or to a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format.
• Withdraw your consent: You have the right to withdraw your consent on using your Personal Data.

Exercising Your GDPR Data Protection Rights

You may exercise your rights of access, rectification, cancellation, and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data.

Categories of Personal Information Collected

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked with a particular Consumer or Device. The following categories may be collected:

• Category A: Identifiers — Name, email address, IP address, account name. Collected: Yes.
• Category B: Personal information (Cal. Civ. Code § 1798.80(e)) — Name, address, telephone number. Collected: Yes.
• Category C: Protected classification characteristics — Age, race, gender. Collected: No.
• Category D: Commercial information — Records of products or services purchased. Collected: Yes.
• Category E: Biometric information — Fingerprints, faceprints. Collected: No.
• Category F: Internet or network activity — Browsing history, interaction with our Service. Collected: Yes.
• Category G: Geolocation data — Physical location. Collected: No.
• Category H: Sensory data — Audio, visual information. Collected: No.
• Category I: Professional or employment information — Job history. Collected: No.
• Category J: Non-public education information — Education records. Collected: No.
• Category K: Inferences drawn from other information — Profile reflecting preferences. Collected: No.

Your Rights under the CCPA

The CCPA provides California residents with specific rights regarding their personal information:

• The right to notice: You have the right to be notified which categories of Personal Data are being collected and the purposes for which it is being used.
• The right to request: Under CCPA, you have the right to request that we disclose information about our collection, use, sale, and disclosure of your personal information.
• The right to say no to the sale of Personal Data (opt-out): You have the right to direct us not to sell your personal information.
• The right to delete Personal Data: You have the right to request the deletion of your Personal Data, subject to certain exceptions.
• The right not to be discriminated against: You have the right not to be discriminated against for exercising any of your consumer's rights.

Exercising Your CCPA Data Protection Rights

In order to exercise any of your rights under the CCPA, and if you are a California resident, you can contact us:

• By visiting our contact page: jlshaw.link/contact
• By sending us an email: contact@jlshawconsulting.com

Do Not Sell My Personal Information

You have the right to opt-out of the sale of your personal information. Once we receive and confirm a verifiable consumer request from you, we will stop selling your personal information. To exercise your right to opt-out, please contact us.