Trust

Privacy and Security Contact

support@diontraining.com

Florida, US

Your privacy is our priority. For a prompt response, include "!!!ATTENTION PRIVACY!!!" in the subject line of your email. (This is only for emails—please do not use it on the data request form below.)

The following is a list of third-party partners who assist us in processing the data we collect. Rest assured, we only collect the minimum data required to fulfill the services you purchased from us.

Data Processing Partners

Amazon DynamoDB

  • URL: AWS DynamoDB
  • Location/Region: us-east-1
  • Data Shared: Email, First Name, Last Name, Business Details, Transaction Details
  • Purpose: Our data is being stored in AWS DynamoDB. All data stored in this manner is encrypted when at rest.

Amazon S3 Bucket Services

  • URL: AWS S3 Bucket
  • Location/Region: us-east-1
  • Data Shared: Email, First Name, Last Name, Business Business Details.
  • Purpose: AWS S3 buckets are used as an additional method for storing data. All data stored in this manner is encrypted when at rest.

Endorsal

  • URL: Endorsal
  • Location/Region: United States
  • Data Shared: Email, First Name, Last Name.
  • Purpose: A platform for collecting, managing, and displaying customer testimonials to enhance social proof and credibility.

Facebook Pixel

  • URL: Meta Pixel
  • Location/Region: United States
  • Data Shared: IP Address.
  • Purpose: Used as a tracking tool that allows us to measure, optimize, and build targeted advertising campaigns by collecting data on user interactions with our website.

Google Analytics

  • URL: Tag Manager
  • Location/Region: United States
  • Data Shared: IP Address.
  • Purpose: A service that tracks and reports website traffic, user behavior, and conversions to help us optimize our online presence.

Facebook Conversion Tracking

  • URL: Conversion Tracking
  • Location/Region: United States
  • Data Shared: IP Address.
  • Purpose: Helps us track user actions on our website after interacting with Facebook ads, enabling performance measurement and ad optimization.

Shopify

  • URL: Shopify GDPR
  • Location/Region: United States
  • Data Shared: Email, Phone Number, First Name, Last Name, Business Information, Payment Information, IP Address.
  • Purpose: Shopify is an e-commerce platform that enables us to create, manage, and optimize our online stores for selling products and services.

Klaviyo

  • URL: Klaviyo
  • Location/Region: United States
  • Data Shared: Email, First Name, Last Name, Business Information.
  • Purpose: A marketing automation platform that helps us personalize email and SMS campaigns based on customer behavior and data insights.

Freshworks

  • URL: Freshdesk
  • Location/Region: United States
  • Data Shared: Email, First Name, Last Name, Business Information.
  • Purpose: A customer support software that helps us manage and resolve customer inquiries efficiently through ticketing, automation, and multichannel support.

Avalara

  • URL: Avalara
  • Location/Region: United States
  • Data Shared: Payment Information.
  • Purpose: A tax compliance automation platform that helps us calculate, collect, and remit sales tax, VAT, and other transaction taxes accurately across different jurisdictions.

Stripe

  • URL: Stripe
  • Location/Region: United States
  • Data Shared: Payment Information, Email, IP Address, First Name, Last Name.
  • Purpose: A payment processing platform that enables us to accept online payments, manage subscriptions, and handle financial transactions securely.

WebinarNinja

  • URL: WebinarNinja
  • Location/Region: United States
  • Data Shared: Email, First Name, Last Name, IP Address.
  • Purpose: An all-in-one webinar platform that allows us to host live, automated, hybrid, and series-based webinars for engagement and lead generation.

PandaDoc

  • URL: PandaDoc
  • Location/Region: United States
  • Data Shared: Email, First Name, Last Name, Business Information, Payment Information, Phone Number.
  • Purpose: A document automation platform that enables us to create, send, track, and eSign proposals, contracts, and other agreements efficiently.

MongoDB

  • URL: MongoDB
  • Location/Region: United States
  • Data Shared: Email, First Name, Last Name.
  • Purpose: A NoSQL database platform that enables us to store, manage, and retrieve large volumes of unstructured data with high scalability and flexibility.

Below is a list of ongoing tasks we work on to ensure that we are, and remain GDPR compliant.

Compliance Tasks

Application Site Security

  • Enable SSL/TLS Encryption for Secure Website Access
  • Enforce HSTS for Secure HTTPS Connections
  • Implement Encryption for Database-Stored Personal Data
  • Implement Approved Third-Party Data Scripts
  • Enforce Data Minimization for User Signups
  • Enable Explicit User Consent Across Website
  • Implement Data Retention and Inactive User Policies
  • Implement Secure Data Handling Practices for Development Environments
  • Implement Intrusion Detection for Threat Monitoring
  • Encrypt and Secure Backup Storage
  • Restrict Backup Access to Authorized Users
  • Validate and Maintain Secure Database Backups
  • Communicate GDPR Compliance Information to Users
  • Record and Enforce Personal Data Handling Policies for Staff
  • Restrict Logging of Personal and Sensitive Data

Data Mapping

  • Implement Helpdesk Service with Authorized Partners
  • Enable Web Analytics with Approved Data Partners
  • Implement Secure File Collaboration with Data Partners
  • Enable Secure Error Monitoring with Data Partners
  • Implement Secure Internal Email Service with Data Partners
  • Implement Web Font Services with Approved Data Partners
  • Enable Secure Transactional Email Service with Partners
  • Implement Secure Email Newsletter Service with Partners
  • Enable Secure CDN Services with Data Partners
  • Establish Secure Database Partnership
  • Enable Secure Performance Monitoring with Data Providers

Marketing Site Security

  • Enable SSL/TLS Encryption for Secure Marketing Site Access
  • Audit and Manage Site Access Permissions
  • Enable HSTS for Secure HTTPS Enforcement on Marketing Site

Privacy Procedures

  • Designate a Data Protection Officer (DPO) for Compliance Oversight
  • Secure Management Approval for GDPR Compliance Plan
  • Implement Process for Managing Data Subject Access Requests
  • Implement Process for Handling Data Correction Requests
  • Review and Revise Privacy Policy for Compliance
  • Developed and Secured Management Approval for Data Protection Policy
  • Formalized Data Processing Agreement

Security Procedures

  • Provide Public Access to Security and Data Issue Reporting
  • Developed Data Breach Notification and Response Policy

Frequently Asked Questions

What is GDPR?
GDPR (General Data Protection Regulation) is a European Union regulation designed to protect the privacy and personal data of EU citizens, setting guidelines for data collection, processing, storage, and transfer.

What is CCPA?

CCPA (California Consumer Privacy Act) is a California state law that grants residents the right to access, delete, and opt-out of the sale of their personal data, enhancing privacy and consumer protection.

What is PIPEDA?

PIPEDA (Personal Information Protection and Electronic Documents Act) is a Canadian federal law that governs how private sector organizations collect, use, and disclose personal information in the course of commercial activities.

How do I report a security issue?

To report a security issue, email Support with "!!! ATTENTION PRIVACY !!!" in the subject line for a faster response.

How can I request a Data Protection Agreement/Addendum?

To request a Data Protection Agreement/Addendum, email Support with "!!!ATTENTION PRIVACY!!!" in the subject line for a faster response.