Last Updated: June 29, 2020
What this policy covers
Your privacy and maintaining the privacy of your information is very important to us. This policy is intended to help you understand the following:
- What information we collect about you
- How we use the information we collect
- How we share the information we collect
- How we store and secure the information we collect
- How to access and control your information
- How we make changes to this policy
- How to contact us with questions about privacy
This policy covers all websites, products and services offered by Economic Security Planning, Inc., under the following brands (hereafter referred to as “we,” “our services,” or “our sites”):
- Maximize My Social Security
- MaxiFi Planner
- Analyze My Divorce Settlement
- Economic Security Planning, Inc. (this site)
- We do not sell your personal information to any third party in any form.
- We encourage you to only enter required information into online forms and to be cautious sharing personal information via email. We don't require your real name, so you can run our programs with any name you want, or even with no name. We don't require Social Security Number or any account numbers in any of our programs.
- None of our services are intended for children under 16 years of age. If you are under 16, do not access our services or provide any personal information to us whatsoever.
What information we collect about you
Information we collect about you falls into three broad categories: information you provide to us, information we collect automatically, and information from other sources.
Information you provide to us
You provide information to us by using our programs, filling out website forms, or contacting support staff. This information falls into the following categories:
- Contact Information: Entered through a contact form, support ticket, or emailed during interactions with support staff, this is your email address or other contact information and the contents of your message, email, or question.
- Account Information: Username, email address, password, and optionally picture, time zone, phone number for two-factor authentication, and (for professionals) basic contact information about your business.
- Order Information: Information associated with an order for our products or services, which includes full name, billing address, country, email, product purchased, purchase price, and sales tax. We do not store credit card information.
- Demographic and Financial Data: Demographic and financial information collected via forms in our services, emailed to support staff, or discussed during phone consultations with support staff.
Information we collect automatically
As you browse our websites we use automatic tracking technologies to record limited information. The information we gather is:
- Page Information: Which pages you enter and exit on and visit in between, how long you stay on pages, and also occasionally interactions with pages such as buttons or links clicked or videos watched.
- System Information: Operating system, web browser version, and information about your device such as phone or tablet.
- Visit Information: Approximate geographic location (using the first three segments of the IP address, not your specific IP address), whether you are a return visitor or not.
Information from other sources
Third party services we use provide supplemental information as part of their services.
- Google Analytics Supplemental Data: Our web traffic analytics provider, Google Analytics, includes information about the demographics and interests of visitors to our public websites. They derive this information based on a unique “cookie” or tag placed in your web browser. The data is not otherwise associated with personal information such as name, address, etc., and is only reported in aggregate, depersonalized fashion.
- Constant Contact Supplemental Data: Our marketing email provider, Constant Contact, provides information about responses to emails we send out, such as whether emails were opened and links clicked, or whether emails were blocked or bounced.
How we use the information we collect
We use Account and Order Information to process your orders, provide you with access to the services you have purchased, prevent fraud, and ensure data security. We also use this information to send Account-Based (non-marketing) emails such as new account information, renewal notices, receipts, invoices, and critical service alerts; you cannot opt out of receiving Account-Based emails.
We use Demographic and Financial Data to produce the deliverables of the products and services you have purchased, which are typically reports based on your Demographic and Financial Data.
If you contact us for support in your use of our services (including our extended support services sometimes known as “Expert Reviews”), we use, as needed, Demographic and Financial Data along with Order, Contact, and System Information to fulfill your support request. We only examine Demographic and Financial Data of a customer upon their explicit request for customer support in their use of our services.
We use Page, System, and Visit Information and Google Analytics Supplemental Data to perform research and analysis to better understand our customers’ needs, to appropriately price and promote our services, to develop new services and features, and to troubleshoot errors in delivery of our services.
We use Constant Contact Supplemental Data, at an aggregate level, to better understand our customers’ preferences regarding marketing content so we can provide relevant content to customers such as information regarding improvements to the services they have purchased.
How we share the information we collect
We do not sell your personal information to any third party in any form. We share your information in the following ways:
Amazon Web Services
Our services store your Contact, Account, and Order Information as well as Demographic and Financial Data in Amazon Web Services managed databases. Data is transmitted and stored in encrypted format and is only accessible by our application servers.
We share Order Information with Avalara for purposes of calculating state sales tax for purchases billed to U.S. addresses.
When you opt in to receiving marketing emails, we share your email address with Constant Contact, which is the service we use for managing our marketing email lists. The email address is only accessible in our account at Constant Contact.
We use Freshdesk for customer support. When you contact us via a Help widget or Contact form or via our product email addresses, your email address and any other information you send to us and that is contained in subsequent communications between you and our support staff is processed and stored by the Freshdesk service.
We share Page, System, and Visit Information with Google Analytics, who aggregates the data for our use in analytical reporting to improve our services. No personal information is included in the data sent to Google Analytics and Google Analytics only stores the first 3 segments (octets) of your IP address which is used for approximate location reporting.
Similar to Google Analytics, Hotjar collects Page, System, and Visit Information, including detailed information about time spent on a page, mouse movements and clicks that provides us with analytical reporting to improve our services. Note that we do not use Hotjar on any page where you are entering any data into a form so no personally identifiable information is shared with Hotjar.
We use the MailChimp service to reliably send Account-Based emails (new account information, renewal notices, receipts, etc.). Therefore, we share some Account and Order Information with MailChimp within content of the emails. The email data is retained in MailChimp logs for approximately 30 days.
We share Order Information with Stripe for the purposes of processing your payments. In addition to the Order Information we retain, Stripe also receives your credit card information.
In order to send validation codes to your phone if you set up optional two-factor authentication, your phone number, but no other personal data, is shared with the Twilio service.
On some of our sites we embed YouTube videos to explain or showcase our software. If you click on a video to watch it, YouTube collects Page, System, and Visit information.
How we store and secure the information we collect
We follow best practices in the financial software industry to keep your data safe and secure.
- All communication between your browser and our servers uses up to 256-bit encryption.
- Any data stored in our application database at Amazon Web Services is secured using industry-standard AES-256 encryption.
- If using the Maximize My Social Security or MaxiFi Planner applications, you can optionally set up Two-Factor Authentication (TFA) for your account to require log in verification by a code sent to your mobile phone.
- All data is stored in data centers that are protected 24/7 with biometric checkpoints, video surveillance and other industry-standard techniques.
- All data resides in data centers within the United States.
- We regularly engage third parties to review and test our application and server security.
Currently we retain all data indefinitely, with the exception of Demographic and Financial Data which we retain in a customer account for 6 years from the last time the account was accessed.
How to access and control your information
We strive to allow you to easily view, modify, and delete information we collect except where we need to retain that information for legitimate business purposes. In addition, we provide straightforward ways to opt out of any automated data capture or marketing programs.
- Contact Information: Contacts made via our contact forms or email and any responses will be available in your own email account if you choose to retain the information. Support tickets and any responses can be viewed in the system in which they were entered and can be deleted upon request.
- Account Information: You can view your account information by logging into your account. Accounts are typically accessible even if your subscription has expired. You can modify certain information for your account, such as your email address. You can request deletion of your account by our support staff but you must first log in to your account in order to confirm your identity.
- Order Information: You can view past orders by logging in to your account. We retain order information indefinitely.
- Demographic and Financial Data: You can log into your account for the appropriate service and view, modify or delete all information. If your subscription is no longer active you can request deletion of your Demographic and Financial Data by our support staff but you will need to first log in to your account in order to confirm your identity.
- Constant Contact Supplemental Data: You can manage your Constant Contact preferences, including opting out of all marketing email communication from us, by simply clicking the link in the footer of any email you’ve received from us through Constant Contact. If for some reason you cannot do that, see the contact information below and send us a request to remove your email address from our lists.
How we make changes to this policy
May 22, 2018: Initial version
May 26, 2018: Clarified Constant Contact opt in and opt out information
May 2, 2019: Removed references to ESPlannerBASIC Canada
March 2, 2020: Removed reference to ESPlannerBASIC. Removed references to non-AWS data centers that are no longer used. Updated statement on encryption bit strength.
April 6, 2020: Changed payment processor info from PayPal to Stripe.
June 29, 2020: Alphabetized third party services list, added Freshdesk.
How to contact us with questions about privacy