Privacy Policy

Updated: May 21, 2018

Hi there! I'm Echo Rivera, the owner of Creative Research Communications LLC I'm actually kind of excited that you're here. A privacy Policy is of those things that's really important, but like 99% of people don't actually read (myself included). So, my goal is to make this as interesting and straightforward as possible.

If you have any questions or concerns, or ever want to act on your right to be forgotten, don't hesitate to email me at echo@echorivera.com.

OK, Let's get one thing out of the way: 

I don't do creepy or gross things with your data. And I do NOT sell your data to ANYONE. 

I'm sure you've noticed that when you search for something online or visit some websites, all of a sudden a magical thing happens: their ads follow you everywhere on the internet, sometimes even across your devices. 

That, to me, is super creepy and super annoying. So guess what: I don't do that. I don't have code on my website so I can follow you around and throw ads in your face nonstop. Why? Because I personally hate that and I refuse to use your data in ways that I personally would object to. 

You can always unsubscribe from all emails, or opt out of specific emails.

At the bottom of EVERY email you get from me (unless I'm sending you a personal, 1:1 email) you can click unsubscribe. It's just a 1 click unsubscribe -- no tricks -- and you'll get unsubscribed from ALL emails that get sent from my email list. 

Also, when I'm sending several emails about a paid professional development opportunity, I'll have an option for you to opt out of just those, so you can stay on my email list if you want. 

I do collect and use your information for some stuff. Here's how, when, and why. 

>> What personal information I collect when you: visit my website.

My website is hosted on Squarespace, and they place cookies on your browser. That's so I can have cool stats to look at about what blog posts get the most views and when I need to get my act together to write a new blog posts because my unique visitor count has plummeted. So, that means they know you're an individual and unique person -- but when I look at it, it's all pooled together and I don't go in there looking for individual people. 

Beyond cookies, I don't collect anything or have information about people who visit my website. Like I just said above, I don't have tracking code to follow you around the internet or anything like that.

>> What personal information I collect when you: submit your email address to sign up for the Communication Cafe. 

Ok, yes. Let's talk about this. So, the Communication Cafe is my email list. When you sign up, you'll often get instant access to a welcome gift, such as a mini online course. Your information will be shared with my email hosting service, ConvertKit. 

Through ConvertKit, I will have the following information:

  • Your name (if provided) 
  • Your email address
  • Whether you confirmed your subscription (also called "double opt in") feature 
  • Your IP address 
  • Which emails you open
  • Which links you clicked 
  • Which online course or other resource of mine you've purchased (by connecting Teachable with ConvertKit)

What do I do with this information? 

Well, simply put, ConvertKit is how I send you emails and send you resources. If you don't confirm your subscription, then you aren't fully added to my list, so you aren't bothered with emails you didn't confirm that you wanted. 

If you do confirm, then I also have information about what emails you opened and which links you clicked. This is so I can have an accurate count on my open rates (so I can write better subject lines). I use the information about which links you clicked (or didn't) so I can send more tailored emails. For example, if you click a link that sends "Stop sending me emails about Blast Off to Stellar Slides" then you'll be automatically excluded from those emails." Sweet, right? Less emails for you! On the other hand, if you click on links related to a particular offer or service, then I'll send you emails about that. As one more example, if you're already a student of one of my courses, then I'll use this information to exclude from emails telling you about it. It's all about trying to send emails that are relevant to you, and temporarily excluding you from emails that won't be relevant to you.

This is also so every quarter I can send a re-engagement email to folks who have not opened an email from me in the last few months. A re-engagement email is one that says you're going to be deleted from my list unless you opt back in. That way, if you haven't been enjoying my emails, I'll go ahead an unsubscribe you and you don't even have to do anything. No hard feelings!

I don't use your IP address for anything, that's just something ConvertKit collects and you can learn more about that in their privacy policy. That isn't something I can disable. 

Ok. Now this is important: unless noted otherwise, I use this information to send you emails based on "legitimate interests." That means when you sign up for my email list -- the Communication Cafe -- I believe that it is entirely reasonable and expected to also send you information about both free and paid professional development opportunities related to effective and creative communication. In other words, I will send you "marketing" emails that share information about my paid training, mentoring, or custom design services. 

The reason I think this is reasonable and expected is because:

  • In our field (academia, science, evaluation, research), professional development opportunities are common and it is expected that many of these are for-cost opportunities. 
  • I've spent about 60 hours putting together EACH of the free online courses on my website. My free workshops and other live events are also about 20-40 hours of effort. These were unsponsored and unpaid, and I made them as awesome as I could so that if you wanted to invest in your professional development, you would think of me. It requires both a ConvertKit and Teachable subscription to host these. I don't use ads on my website -- or any ads at all, actually -- so the only way to sustain my resources is by offering these paid opportunities. This, to me, demonstrates a fair balance between your interests and my interests.
  • The impact of using this data to send another email with some information about an optional paid professional development opportunity is minimal. 
  • There is no other way to achieve this same result in a less intrusive way. Emails are already unintrusive, and part of this audience's everyday lives. Plus, you can literally unsubscribe (opt out), with one click, at any time. That's one reason I love ConvertKit: It's automatic at the bottom of every single email and takes just one click. Often, I will add an extra chance to temporarily exclude yourself from marketing emails without removing yourself from my list. That's two opportunities to opt out after you've heard my offer. 

Finally, if you purchase an online course from me you are automatically added to the Communication Cafe and may receive additional emails about other professional development opportunities. 

>> What personal information I collect when you: Purchase one of my online courses or sign up for my school on Teachable

My online school is hosted through Teachable. Through Teachable, I will have the following information:

  • Your name
  • Your email address
  • Whether you confirmed your subscription
  • Exactly when you signed up 
  • When you log in 
  • Your IP address 
  • Which lessons you've watched, and how many times 
  • Your overall progress in the course 
  • Whether your credit card payment fails (if applicable) 

Mostly, I just use this information to connect with ConvertKit so I can send you relevant emails. My courses all come with a satisfaction guarantee and a full refund within a time period, so I use this information to know when you signed up and, therefore, when the refund period ended. Otherwise, I personally don't really use this information to do anything specific. I don't look at individual students' individual activity. This isn't for a grade, it's entirely self-paced, so I really have no need. If a credit card payment fails, I get notified but after a few failed attempts Teachable will remove students from the course automatically, so I don't worry about it (or email students about it). 

>> What personal information I collect when you: Opt in to learn about a special bundle offer through one of my free online courses. 

Ok, so there is one situation where I only process your data in a certain way under the legal grounds of "consent." That's because it works a little differently than most of my other processes. 

Specifically, some of my online/email courses will mention an opportunity to learn about a special bundle offer. The last email of the course will mention how to get access to the special link and informational page about the bundle offer. You will be asked to provide affirmative, explicit consent to receive those emails because I use a third party to coordinate this bundle. 

Right now, this third party is Deadline Funnel. When you click on the link to give consent, it's a Deadline Funnel generated link that will collect your email address and create an enrollment deadline specific to when you clicked that link. Through Deadline Funnel, you will be directed to a temporary hidden informational page with special hidden links. Deadline Funnel will automatically delete the hidden page within the set timeframe. In order to do this, Deadline Funnel keeps your email address, IP address, and cookies for 2 years. 

That sounds complicated, so you might be wondering why I even do that? Well, my background is in psychology and I personally know how unlikely it is to do anything if there isn't a deadline attached to it. You can sign up for my courses or services 24/7, so to help you get over the fence and avoid procrastinating, I create a time-limited special offer. And, per GDPR regulations, if you request to have your tracking information deleted from Deadline Funnel, you can. Just email me and we'll get it sorted.

>> What personal information I collect when you: Donate to or send money my PayPal account (including Ko-fi) 

Omigosh you are the best if you've donated to my Ko-fi/PayPal account! Every donation helps. Truly. I get a notification when a payment comes in, and I get an email that has your PayPal email address. That's it, and I only use that to see if you follow me on Twitter (or elsewhere) so I can personally thank you :) 

>> What personal information I collect when you: Talk to or about me publicly on social media

When people say nice things about me or my website online, I may take a screenshot and share it in my emails to the Communication Cafe members or members of my Facebook Group. I will only do this if it doesn't share anything too personal, and if it's publicly available. So, for example, if your Twitter account is set to "private" or you've DM'ed me a story I will NOT share a screenshot. On the other hand, if you share something along the lines of "I really enjoyed @EchoechoR's email course" in your public account, then it is reasonable for me to assume that it is okay to share widely with others. If, however, you ask me not to (or to stop) then I will respect that. 


Legal Notices

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. I do not specifically market to children under the age of 13 years old. 

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices I will take the following responsive action, should a data breach occur:

I will notify you via email within 7 business days. I also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.


To be in accordance with CANSPAM, I agree to the following:

      • Not use false or misleading subjects or email addresses.

      • Identify the message as an advertisement in some reasonable way.

      • Include the physical address of our business or site headquarters.

      • Monitor third-party email marketing services for compliance, if one is used.

      • Honor opt-out/unsubscribe requests quickly.

      • Allow users to unsubscribe by using the link at the bottom of each email.