This Privacy Policy is effective as of May 25th, 2018.

Off The Range Ventures, LLC  (“The Restaurant Coach”, "we", “our”, “us”) recognizes the importance of your right to privacy and wants you to be familiar with how we collect, use and disclose any personal data that individually identifies you and our commitment to meet our obligations under applicable privacy laws.

This Privacy Policy explains how we collect, use, disclose and protect your personal data when you use our website/mobile site (collectively, the “Site”), our mobile/desktop applications (the “Apps”) and our services (collectively, the “Services”). This Privacy Policy is incorporated into and forms part of our Terms of Service, which outline the terms and conditions you agree to when using our Site, Apps and Services. We will only collect, use and disclose your personal data in accordance with this Privacy Policy.

By using our Site, Apps and Services and supplying your personal data, you acknowledge that you have read and understood this Privacy Policy, and you agree and consent to the collection, use, disclosure and other processing of your personal data as outlined in this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use our Site, Apps or Services or supply your personal data to us.

1. Definitions

Our Privacy Policy should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used. In this Privacy Policy, we use, inter alia, the following terms:

a) “Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) “Data subject” is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

c) “Processing” is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) “Restriction of processing” is the marking of stored personal data with the aim of limiting their processing in the future.

e) “Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

f) “Pseudonymisation” is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) “Controller or controller responsible for the processing” is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) “Processor” is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) “Recipient” is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

j) “Third party” is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

k) “Consent” of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. What Personal data do we collect?

Personal data means any information about an identifiable individual. Anonymous data means data that is not associated with or linked to any individual’s personal data or will not easily permit the identification of individuals (“Anonymous Data”). Marketcircle does not consider personal data to include Anonymous Data. The types of personal data that we may collect include, but is not limited to:

• your name;
• your email address;
• your payment information;
• your IP address;
• your MAC address;
• the type of device(s) you use to access our Site, Apps or use our Services;
• the version and build of the Apps and operating system you are using;
• unique identifier details of your device, such as model, manufacturer, operating system type and version;
• log information such as details of how you used our Services;
• personal information you give us that we did not request (such as personal information you voluntarily put into an email to us); and
• personal information of third parties that you upload to our Services and the Apps. You must only provide us with the personal information of a third party if you have obtained consent to do so in accordance with applicable privacy laws.

3. Purposes for Collecting Your Personal data

We collect, use and disclose your personal data in order to provide you with our Apps and Services. We also collect, use and disclose your personal data to comply with legal and regulatory requirements and as otherwise may be permitted or required by applicable Canadian and international privacy laws. We will only use the personal data that we collect for the purposes for which it was collected. We collect your personal data for the following purposes and in accordance with applicable Canadian and international privacy laws:

• to provide you access to our Apps and Services;
• to verify your identity;
• to provide you with our Services as requested by you, including our products, training services and technical support;
• to establish and maintain commercial relations with you, including responding to your invoicing questions;
• to respond to questions that you send by email or through our Site;
• to contact you about the Services and the Apps, including notifying you about updates;
• subject to applicable law, to notify you about other services, events and apps provided by Marketcircle, which may be of interest to you;
• subject to applicable law, to provide you with newsletters and articles;
• to customize the appearance of the Site, Apps and Services displayed to you;
• to obtain your feedback regarding our Apps and Services, including our surveys;
• to track behavioural information on the Site and Apps to serve similar content upon future visits;
• to improve the Site, Apps and Services and help us develop new services, apps, tools and Site features;
• to support our business functions such as internal business processes, marketing and advertising; and
• to meet any legal or regulatory requirements.

4. When Do We Collect Personal data?

We may collect your personal data when you voluntarily provide it to us by using our Site, Apps and Services. For example, we may ask you to provide personal data if you:

• use our Site, Apps and our Services;
• register, update or create an account on our Site, Apps and our Services;
• sign into your account;
• purchase our Services;
• send us a question or comment by email or phone;
• post comments or other content on our Site, Apps and our Services;
• register to receive newsletters, articles and updates about our Services; and
• otherwise participate in features of our Site, Apps and our Services that ask for personal information.

Any personal data posted, used or disclosed on an Instagram page, LinkedIn page, Twitter page, YouTube page or other social networking page or site is subject to that website’s privacy policy, and is not subject to this Privacy Policy.

5. Limiting Collection of Personal data

We limit the collection of personal data to that which is necessary to fulfill the purposes identified in this Privacy Policy and we collect, use and disclose your personal data only in accordance with this Privacy Policy.

6. Use, Disclosure and Retention of Personal data

Your personal data will not be used without your consent for purposes other than those for which it was collected or in accordance with applicable Canadian and international privacy laws. From time to time, we may wish to use personal data for new or additional purposes, in which case we will amend the Privacy Policy to include these new or additional purposes and will obtain your consent through your continued use of our Site, Apps and Services. We will also let you know when this Privacy Policy is updated. We may generate Anonymous Data from personal data collected through the Site, Apps and Services by removing information that makes the data personally identifiable to an individual. Such Anonymous Data includes, but is not limited to, information we collect from your use of our Site, Apps and Services, such as the number of records and size of your database stored in our Services, sync information and information about the industry in which you operate. We may use this Anonymous Data and aggregated data for any reasonable purpose subject to applicable Canadian privacy laws.

We retain your personal data only for as long as we need it to fulfill the purposes for which it was collected, to ensure your compliance with our Terms of Service, and to comply with our legal obligations.

We may also use and disclose your personal data to service providers, data processors and other third parties (“Third Parties”) under the following limited circumstances:

• to Third Parties that help with our operations and Site, Apps and Services including, without limitation, for customer services, monitoring and analyzing Site activity, and operating and maintaining the Site. Such Third Parties may only use your personal data for the purposes described in this Privacy Policy;
• when necessary to protect our safety, property or other rights, our representatives, customers and users of the Site, including to detect and prevent fraud;
• if we sell or transfer all or a portion of our business or assets to a related company or a third party. Your personal data will remain subject to our pre-existing Privacy Policy unless you agree to the privacy policy of the company or third party that acquires your personal data;
• with your consent; or
• when otherwise required or permitted by law.

List of subprocessors:

• SurveyMoneky
• Kajabi
• Sumo
• Hello Bar
• Cloze
• Google Analytics
• MailChimp
• TimeTRade
• Zapier
• Zendesk

7. Legal basis for the processing under the GDPR

Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which you are the party, as is the case, for example, when processing operations are necessary to provide any service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Marketcircle is subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by Off The Range Ventures, LLC or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).

8. Account Deletion, Erasure and blocking of personal data

We shall process and store your personal data only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which we are subject. If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements. You may request that we terminate your account with us at any time. We will retain the personal data and database records associated with your account for up to ninety (90) days after we confirm that we have received your request to delete your account and personal data. We will then remove your personal data and database records from our servers, unless there is a legal or regulatory requirement for us to retain your data for a longer period. Your data cannot be recovered once it is removed from our servers.

We retain certain personal data of yours after your account is closed to support our business functions, such as payment details regarding the Site, App or Services. We only keep personal data as required by Canadian law. We may retain Anonymous Data, for our business purposes but none of this information will be in a form that could be used to reasonably identify you, whether alone or in conjunction with any other information.

9. Data Processors in Other Country

As discussed above, we may engage Third Parties to perform certain services on our behalf and to otherwise provide the Services. These Third Parties may store, process and transfer personal data on servers located outside of Canada in jurisdictions whose data protection laws may differ from those of Canada, such as the United States of America. As a result, personal data may be subject to access requests from governments, courts, or law enforcement in those jurisdictions according to the laws in those jurisdictions. For example, information may be shared in response to valid demands or requests from government authorities, courts and law enforcement officials in those countries.

10. Links to Other Sites

Our Site may contain links to other sites that are independently owned and operated by third parties. These other sites may have their own privacy policies and are not governed by this Privacy Policy. We are not responsible for the privacy practices or the content of any sites owned and operated by any third parties. Other sites may collect and treat information collected differently, so we encourage you to carefully read and review the privacy policy of each site you visit.

11. Providing Payment Information

We use Third Parties to process transactions through our Site and Services. At present, when you pay for our Services, your payment will be processed by Stripe, Inc. (“Stripe”), referred to as the “Third Party Processors”). We have used commercially reasonable efforts to select appropriate Third Party Processors who will maintain the confidentiality and security of your payment information. The Third Party Processors will collect payment information from you, such as your credit card numbers and expiration dates, Paypal account information and any other personal data necessary to process your payment.

Off The Range Ventures, LLC  does not save your complete payment information as we use tokenization. Your payment information is encrypted and sent directly from your web browser to the Third Party Processors who then provides us with a token. This token does not contain any personal data and is used to facilitate the payment process. Your payment information is saved by the Third Party Processors. Please note that Off The Range Ventures, LLC  does keep a portion of your credit card number as well as the type of credit card you used to purchase our products and services for verification and refund purposes.

Off The Range Ventures, LLC  and the Third Party Processors will send emails to you regarding the processing of your online payment. Your use of the Third Party Processors is governed by the agreement between you and those third party providers.

If you have any questions or concerns about your payment information or your agreement with Stripe, please contact Stripe at www.stripe.com. 

12. Cookies, Web Beacons and Other Similar Technology

As you interact with this Site, our Apps and Services, we may use automatic data collection technology and services that record and collect information that identifies your computer, tracks your use of this Site and Services and collects certain other information about you and your surfing habits. This data collection technology may include cookies, web beacons and other similar devices on this Site, our Apps and Services to enhance functionality and navigation for our visitors.

A cookie is a small data file that is placed on the hard drive of your computer so that your computer will “remember” information when you visit a site. Web beacons and tags are small strings of code that are used in conjunction with a cookie and allow us to record activity on our Site. Internet tags, graphic tags and similar web beacon type functions allow us to count the number of users who have visited a particular web page or to access certain cookies. We may use web beacons on this Site to count users and to recognize users by accessing our cookies. Being able to access our cookies allows us to personalize this Site and improve your experience at our Site. We may also include web beacons in HTML-formatted e-mail messages that we send to determine which e-mail messages were opened. Information tracked through these mechanisms includes, but is not limited to: (i) your IP address; (ii) the type of web browser and operating system being used; (iii) the pages of the Site a user visits; and (iv) other sites a user visited before visiting our Site. We may also employ cookies and action tags (also known as single pixel gifs or web beacons) to collect information about your use of, and activities on, our Site for our use but also for use by third parties that serve advertisements about Marketcircle on other sites you may visit. For instance, we may use Third Party programs/services, such as AdSense or AdWords run by Google Inc. (“Google”) to serve advertisements on our behalf across the Internet. These Third Party program/services may collect information about your visits to our Site, and your interactions with our Services. In addition to the information about your visits to our Site, Third Parties may also use the information about your visits to other sites to target advertisements for services available from Marketcircle. You can set your internet browser up so that you are notified when cookies are stored, you can decide in each individual case whether you want to accept cookies, or you can refuse to accept any cookies. However, if you do not accept cookies, you may be restricted in how you are able to use our Site. You can delete cookies that are already stored on your hard disk at any time. You will find more details on how to do this in the operating guide for your Internet browser program. 

As described above, you may be able to set your browser to refuse cookies. If you refuse cookies you may still receive online advertising, but it may be less personalized.

13. Third Party Analytics

Our Site uses third party analytics services such as Google Analytics, a web analytics service of Google.

Google Analytics use cookies to analyze how you use our Site and Mixpanel uses cookies to analyze how you use both our Site and App. The information generated by the cookie about your use of our Site or App (including your IP address) is sent to a server in the U.S. and stored there. Google will use this information to evaluate your use of our Site or App, as applicable, to compile reports for our Site and App operators and to provide other site or app activity related internet services. Additionally, Google may transfer this information to a third party when required by law or in the case of a third party processing information on Google's behalf. In no case will Google use your IP address in connection with any other information held by Google. You can set your internet browser to prohibit the installation of cookies, although we must point out that some features and functions of our Site will then be unusable. By using our Site, you consent to the processing of data about you collected by Google in the manner described and for the above-mentioned purpose. The consent for collection and storage of data by Google can be withdrawn at any time. 

Given the debate concerning the use of analytical tools using full IP addresses, we wish to point out that our Site uses the "Anonymize IP" function of Google Analytics that works with a shortened form of IP addresses to avoid direct personal identification. We also use the cookies to carry out frequency assessments, page usage assessments and marketing assessments. For these assessments, we use this cookie information without a link to your personal data, so it is completely anonymous.

14. Subscription Analytics

We use ChartMogul, a subscription intelligence platform of ChartMogul Ltd. (“ChartMogul”) to analyze the subscribers of our Services and provide customer insights and analytics. We send information regarding your subscription to ChartMogul who uses this information to generate subscriber metrics and insights. Additionally, ChartMogul may transfer this information to a third party when required by law or in the case of a third party processing information on ChartMogul’s behalf. By using our Services, you consent to the processing of your data by ChartMogul in the manner described and for the above-mentioned purpose.

15. Security

We maintain reasonable technical, physical and administrative security safeguards to protect your personal data against loss, theft, and unauthorized access. Any personal data that you provide to us is exchanged on a secured server. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we are committed to protecting your personal data, we cannot ensure or warrant the security of any information you provide to us.

We take reasonable steps to verify your identity before granting you access to your account on our Site, however, you are solely responsible for maintaining the secrecy of your username, password and any other account information. We also take reasonable steps to ensure that our employees are aware of the importance of maintaining the confidentiality of personal data and that unauthorized persons do not gain access to personal data that we have disposed of or destroyed.

16. Individual Access and Accuracy of Personal data, Rights of the data subject under GDPR

You may request access to your personal data which we may hold by contacting us at the contact information set forth below, and we will respond within the time periods provided for under applicable Canadian privacy laws. We will need to verify your identity before providing you with the personal data we hold about you. There is no cost for such access request unless you require copies of records. We may not be able to provide you with access to your personal data if the information cannot be separated from the personal data of others, cannot be disclosed for reasons of security or commercial confidentiality, or is protected by legal privilege. If we cannot provide you with access to your personal data, we will advise you of the reasons access is being denied, unless we are prohibited by law from doing so.

You may request to update and change your personal data at the contact information set forth below. We will endeavour to correct or complete any personal data which you advise us is inaccurate or incomplete. Where appropriate, the amended information will be transmitted to third parties having access to such information.

You and other data subjects have the following rights vis-à-vis Marketcircle in relation to personal data:

a) Right to be informed

b) Right of access

b) Right to rectification (correction of data)

c) Right to erasure

d) Right to restrict the processing of data

e) Right to data portability

f) Right to object