Effective: May 25, 2018

This Privacy Policy covers CMX Media, Inc.’s (“CMX”) policies on the collection, use, and disclosure of Personal Data/Personally Identifiable Information (as defined by applicable law and hereinafter collectively referred to as “Personal Data”) when visitors and customers (collectively “Users”) access cmxhub.com (“Site”) and related sites made available by CMX through the Site and/or the CMX mobile applications (collectively the “Platform”).

CMX, Inc. is Delaware corporation with offices in the United States. CMX collects Personal Data from its users around the world and processes, transfers and stores data within the United States. By checking the “I consent to the Privacy Policy” box and subject to your opt-in/opt-out preferences, you consent to the collection, use and disclosure practices identified in this Privacy Policy.

1. What Information Is Collected by CMX And How Is It Used?

Account Creation Information: When you sign up to enroll in a training program, purchase an event ticket, or otherwise sign up for or request access to the services and products offered through the Site, users may be asked to enter your name, email address, mailing address, phone number, company, job title, team size or other company-related details to register the company or otherwise facilitate purchase of the products and/or services. Emails submitted to the Site may also be utilized to (i) provide information regarding our services; and/or (ii) to communicate material changes to our Terms of Service and Privacy Policy.

Email Addresses: Users may optionally provide their email address to subscribe to our newsletters or to obtain additional information regarding our products and services. Users may unsubscribe at any time through the opt-out link contained within those communications.

Cookies: CMX utilizes cookie technology to gather information on Internet use in order to serve users more effectively. As described in Section 2, CMX also utilizes third party analytics services which may also use tracking cookies to provide information about the use of our Platform. Users can set their browser to remove or reject cookies and/or accept or refuse cookies on the cookie consent banner on the Site itself. You can also manage cookies for any online advertising service via the consumer choice tools created under self-regulation programs, such as the US-based aboutads.info choices page or the European Union (“EU”) based Your Online Choices. Please be advised, however, that some Site features/services may not function properly without cookies.

2. Is Information Collected By Or Disclosed To Third Parties?

CMX does not sell, trade, rent, or lease Personal Data to any third parties, unless we provide users with notice before they opt-in. Information is shared with website hosting partners, such as Kajabi, Flywheel, Teachable and WordPress and other parties necessary for the provision of services and operating our website, subject to confidentiality agreements entered into between CMX and such third party service providers. In addition, CMX utilizes the following data processors:

Managed Email Services: CMX utilizes MailChimp to assist in customizing its email marketing campaigns to its customers. Users should review the hyperlink privacy policies for more information about their data collection and use practices.

Credit or Debit Card Information: CMX does not itself store debit or credit card information on its servers. CMX offers Stripe and PayPal as third party payment processors to process purchases on the Site. For more information on the data collection and use practices of these payment processors, please review Stripe’s Privacy Policy and PayPal’s Privacy Policy. CMX also utilizes Zoho to track purchase order and payment information.

Event Ticketing Sales: CMX utilizes Picatic to facilitate the purchase of tickets and registration of events offered on the Site. User’s should review Picatic’s Privacy Policy for more information on their data collection and use practices.

Online Forms: Google Sheets is utilized on the Site to enable users to input pertinent information relating to the registration of events and purchase of tickets, products and services offered through the Site. Users should review Google’s Privacy Policy. Users can review and manage their key Google privacy settings using Google’s Privacy Checkup tool. CMX also uses TypeForm for users to optionally provide information for online surveys and other forms relating to our products and services. Users should click on the TypeForm hyperlink for more information about their data collection and use practices.

Customer Relations & Event Management: CMX utilizes Hubspot to manage its customer relationships based upon the Personal Data provided by its webinar/event registrants, email subscribers, Facebook Group Members, speaker applications, and customers who purchase products and services through the Site. Users should review HubSpot’s Privacy Policy and Instapage’s Privacy Policy for more information on their data collection and use practices. CMX may also use Bevy for event management purposes.

Geolocation Data: CMX has integrated the Google API to incorporate Google Maps and to utilize geolocation of events and users in connection with the services. Users should review Google’s Privacy Policy. Users can review and manage their key Google privacy settings using Google’s Privacy Checkup tool.

Anonymous Data — Analytics: CMX uses Google Analytics as a web analytics tool to collect information anonymously. Google Analytics provides a report to CMX with website trends without identifying individual visitors. Google Analytics collects anonymized information in accordance with their Privacy Policy. However, if you do not want your Personal Data to be used by Google Analytics, you may opt-out by installing Google Analytics Opt-out Browser Add-on.

Sharing Services: Users may follow CMX and/or share information on Facebook, Twitter, and LinkedIn, as well as other additional social media/sharing services/sites Users who follow/share on such third party sites are subject to the data collection and privacy practices of such third party sites. Users should click on the applicable Privacy Policies for each site to review for more detail about information collected from these sites.

Google AdSense: CMX uses Google AdSense Advertising to serve ads on the Site. Users can block or customize ads from their device/browser at Google AdSense Choices. Users can also install Google’s DoubleClick Opt-Out Add On to set your preferences to opt-out of personalized ads.

Third Party Advertising/Re-Targeting Services: When accessing the Platform, third party advertising services may place a cookie on your browser, which may be used to target relevant advertisements to you when you visit third party websites. Users may opt-out from receiving targeted advertisements by visiting the (1) Network Advertising Consumer Opt-Out page, (2) Digital Advertising Alliance Opt-Out page, and/or (3) the opt-out provisions pertaining to the applicable advertising services/retargeting provider.

Other Potential Third Party Disclosures: Personal Data may also be disclosed to third parties to serve our legitimate business interests as follows: (1) as required by law, such as to comply with a subpoena, or similar legal process, (2) if CMX is involved in a merger, acquisition, or sale of all or a portion of its assets, (3) to investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (4) enforce our agreements with you, and/or (5) investigate and defend ourselves against any third-party claims or allegations. We will use commercially reasonable efforts to notify users about law enforcement or court ordered requests for Personal Data unless otherwise prohibited by law.

3. How Does CMX Comply With The Children’s Online Privacy Protection Act and GDPR Regulations Relating to Children?

We do not market our services or knowingly collect Personal Data from children. If a parent or guardian becomes aware that his or her child (a) under the age of 16 in applicable EU Member Countries, or (b) under the age of 13 in the U.S. and applicable EU Member Countries, has provided us with Personal Data without their consent, he or she should contact CMX at [email protected]. We will delete such Personal Data from our files within a commercially reasonable time, but no later than required under the applicable law relating the child’s country of residence.

4. How Long Does CMX Retain Personal Data Collected?

We will retain account and purchase data as long as it is necessary to facilitate services to our customers. When a customer’s account is terminated, Personal Data collected through the Platform will be deleted in accordance with the requirements of applicable law. Personal Data obtained from Site visitors will be maintained as long as it is necessary to provide requested communications and information-based services or until a visitor exercises its right to opt-out of requested communications or information-based services. Anonymized and Pseudo-anonymized data will be retained as long as CMX determines such data is commercially necessary for it legitimate business interests.

5. EU General Data Protection Regulation (“GDPR”) Notices

Data Controller. The information that we collect, process and/or use through the Platform is controlled by CMX, 44 Tehama St, San Francisco, CA 94105. You may contact us at any time by emailing us at [email protected].

We will only collect and process Personal Data about you where we have lawful bases. Lawful bases include consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you, and “legitimate interests.” Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and use your personal data, please contact us at [email protected].

Users within the EU may email CMX at [email protected] in order to exercise their GDPR rights to:

  • Access, review, restrict processing of, or otherwise request erasure of your Personal Data;
  • Obtain the identity of the source of any Personal Data collected;
  • Request correction of any errors contained within your Personal Data;
  • Request transfer your Personal Data to another service provider;
  • Object to the manner in which your Personal Data is processed; or
  • Lodge a complaint with a supervisory authority.

Where we rely on your consent to collect Personal Data, you may withdraw your consent either through the opt-out links provided in this Privacy Policy or through the contact information contained within this Section.

For all GDPR-based requests made pursuant to this section, CMX will (a) respond as required under applicable law, (b) provide a copy of any requested Personal Data in a structured, commonly used and machine-readable format, and (c) transmit such Personal Data to another service provider without restriction in accordance with applicable law.

6. Privacy Shield Notice For Users In The European Union

CMX complies with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively.

Certification. CMX has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. (collectively, the “Privacy Shield Principles”). If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Accountability for Onward Transfer.

CMX requires that its integrated service providers that have access to personal information from EU consumers have either self-certified to the Privacy Shield Principles, are subject to the EU Privacy Directive, or enter into a written agreement with us that requires them to provide at least the same level of privacy protection as is required by the relevant Privacy Shield Principles. CMX is potentially liable if such third party service providers process your personal information in a manner that is inconsistent with the Privacy Shield Principles.

Access. You may ask to review and correct the personal information that we maintain about you by sending a request to [email protected].

Complaints. In compliance with the EU-US Privacy Shield Principles, CMX. commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union with inquiries or complaints regarding our Privacy Shield policy should first contact CMX at [email protected] or by mail to: CMX, Inc. 44 Tehama St, San Francisco, CA 94105.

  • No Cost Dispute Resolution. In the event complaints cannot be resolved by CMX, they will be referred to the Council of Better Business Bureaus (“CBBB”), a non-profit organization based in the United States which provides an alternative dispute resolution mechanism to resolve EU Privacy Shield complaints. CMX will cooperate with the CBBB during the dispute resolution process relating to complaints brought under Privacy Shield. These recourse mechanisms are available at no cost to you. For more information on how EU Consumers may file a complaint, see BBB EU Privacy Shield — https://www.bbb.org/EU-privacy-shield/for-eu-consumers/.
  • FTC Jurisdiction. The Federal Trade Commission has jurisdiction over Event Geek’s compliance with this Privacy Policy and the EU-US Privacy Shield Framework.
  • Privacy Shield Panel — Binding Arbitration. As a last resort, privacy complaints that remain unresolved after pursuing these and other channels may be subject to binding arbitration before the Privacy Shield Panel to be created jointly by the US Department of Commerce and the European Commission and/or the Swiss Government, as applicable to the dispute.

7. Your California Privacy Rights

California law permits California-resident Customers to request and obtain from CMX once a year, free of charge, certain information about their Personally Identifiable Information (“PII”) (as defined by California law) disclosed to third parties for direct marketing purposes in the preceding calendar year (if any). If applicable, this information would include a list of the categories of PII that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year.

8. What Is CMX’s Security Policy?

We have implemented reasonable administrative, technical and physical security measures to protect your personal information against unauthorized access, destruction or alteration. Communications are encrypted pursuant to a Cloudflare and Flywheel generated SSL certificate. However, although we endeavor to provide reasonable security for information we process and maintain, no security system can ever be 100% secure.

In addition, CMX utilizes a PCI-DSS compliant third party payment processor to ensure the security of Subscriber’s Personal Data. Subscribers should review Stripe’s Security Policy for more information on their security practices.

9. How Does The Platform Respond To “Do Not Track” Signals?

“Do Not Track” is a feature enabled on some browsers that sends a signal to request that a website disable its tracking or cross-Platform user tracking. At present, the Platform does not respond to or alter its practices when a Do Not Track signal is received.

10. How Will I Be Notified of Changes to Your Privacy Policy?

If we make material changes to our Privacy Policy, we will notify you by (1) changing the Effective Date at the top of the Privacy Policy, (ii) sending an email to all active account holders, and (iii) add a banner/notification to the Platform itself. Express consent will be obtained when required for any material changes in CMX’s collection and use practices.

11. Contact Us

If you have any questions regarding your Personal Data or about our privacy practices, please contact us at: CMX, Attention: Privacy Department, 44 Tehama St. San Francisco, CA 94110 or at [email protected].

Facebook Comments