This privacy notice provides you with details of how we collect and process your personal data through your use of our sites: www.shandatrofe.com; www.shandatrofe.co; www.jumpstartyourbook.com.
By providing us with your data, you warrant to us that you are over 13 years of age.
Write from the Heart LLC is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice)
Full name of legal entity: Write from the Heart LLC
Owner: Shanda Trofe
Email address: firstname.lastname@example.org
Address: PO Box 66202 St. Pete Beach, FL 33736
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at email@example.com.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Open a Support Ticket or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
• To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
• To improve our website in order to better serve you.
• To allow us to better service you in responding to your customer service requests.
• To quickly process your transactions.
• To send periodic emails regarding your order or other products and services.
• To follow up with them after correspondence (live chat, email or phone inquiries)
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use 'cookies'?
• Help remember and process the items in the shopping cart.
• Understand and save user's preferences for future visits.
• Keep track of advertisements.
• Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off it will turn off some of the features of the site.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We have implemented the following:
• Remarketing with Google AdSense
• Google Display Network Impression Reporting
• Demographics and Interests Reporting
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Can change your personal information:
• By emailing us
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It's also important to note that we allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
• Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
• Send information, respond to inquiries, and/or other requests or questions
• Process orders and to send information and updates pertaining to orders.
• Send you additional information related to your product and/or service
• Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at
• Follow the instructions at the bottom of each email.
and we will promptly remove you from ALL correspondence.
EU General Data Protection Regulation (GDPR) Protection Law
The GDPR (General Data Protection Regulation) protection law describes how organizations who conduct business with individuals or entities located in EU (European Union) nations — including Write from the Heart LLC — must collect, handle, and store personal information. These rules apply regardless of whether data is stored electronically, on paper, or in any other manner. To comply with the law, personal information must be collected and used fairly, stored safely, and not disclosed unlawfully.
The EU GDPR is underpinned by eight core principles. These state that personal data must:
Be processed fairly and lawfully
Be obtained only for specific, lawful purposes
Be adequate, relevant, and not excessive
Be accurate and kept up to date
Not be held for any longer than necessary
Processed in accordance with the rights of data subjects
Be protected in appropriate ways
Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection
Every day our business will receive, use, and store personal information about our customers, affiliates, partners, and colleagues. It is important that this information is handled lawfully and appropriately, in line with the requirements of the Data Protection Act 2018 and the General Data Protection Regulation (collectively referred to as the ‘Data Protection Requirements’). We take our data protection duties seriously, because we respect the trust that is being placed in us to use personal information appropriately and responsibly.
About This Policy
This policy and any other documents referred to in it, sets out the basis on which we will process any personal data that we collect or process. This policy does not form part of any employee’s contract of employment and may be amended at any time. The company as a whole is responsible for ensuring compliance with the Data Protection Requirements and with this policy. Any questions about the operation of this policy or any concerns that the policy has not been followed should be referred in the first instance to the Data Protection Officer.
What is Personal Data?
Personal data is defined as data, (whether stored electronically or paper based) relating to a living individual who can be identified directly or indirectly from that data, (or from that data and other information in our possession). Processing is any activity that involves use of personal data. It includes obtaining, recording, or holding the data, organizing, amending, retrieving, using, disclosing, erasing, or destroying it. Processing also includes transferring personal data to third parties under privacy control conditions. Sensitive personal data includes contact info, address, session activity on the platform, IP location etc. Sensitive personal data can only be processed under strict conditions, and used for express purpose that it was collected for.
Data Protection Principles
Anyone processing personal data, must ensure that data is: Processed fairly, lawfully and in a transparent manner. Collected for specified, explicit, and legitimate purposes and any further processing is completed for a compatible purpose. Adequate, relevant and limited to what is necessary for the intended purposes. Accurate and where necessary, kept up to date. Kept in a form which permits identification for no longer than necessary for the intended purposes. Processed in line with the individual’s rights and in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures. Not transferred to people or organizations situated in countries without adequate protection and without firstly having advised the individual.
Fair and Lawful Processing
The Data Protection Requirements are not intended to prevent the processing of personal data, but to ensure that it is done fairly and without adversely affecting the rights of the individual. In accordance with the General Data Protection Regulation (GDPR), we will only process personal data where it is required for a lawful purpose. The lawful purposes include (amongst others): whether the individual has given their consent, the processing is necessary for performing a contract with the individual, for compliance with a legal obligation, or for the legitimate interest of the business. When sensitive personal data is being processed, additional conditions must be met.
Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
You can see more about these rights at:
If you wish to exercise any of the rights set out above, please email us at firstname.lastname@example.org.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one week. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
PO Box 66202
St Pete Beach, FL 33736
Last Edited on 05/03/2022