← Back to SiteLast updated: June 3, 2025

Legal · Privacy

Privacy Policy

This Privacy Policy describes how Dr. Mark Campbell, PhD ("we," "us," or "our") collects, uses, stores, and protects personal information obtained through https://markcampbellphd.com. It is governed by applicable United States federal and state privacy, cybersecurity, and consumer protection laws.

Effective Date: June 3, 2025  ·  This policy applies to all visitors, customers, and users who access or interact with our website and services.

Information We Collect

We collect personal information in the following ways when you use our website:

A. Information You Provide Directly

  • Contact & Booking Form: Full name, organisation, email address, event date, and message content.
  • Book Purchases: Full name, email address, phone number, and billing address (collected by Stripe at checkout).

B. Information Collected Automatically

  • Log Data: IP address, browser type, operating system, referring URLs, and pages visited, collected automatically by our hosting provider (Vercel).
  • Device Information: Screen resolution, browser version, and language preference.

C. Payment Information

We do not store credit or debit card numbers on our servers. All payment data is collected and processed directly by Stripe, Inc., a PCI DSS Level 1 certified payment processor. We receive only a confirmation of payment and basic order details.

How We Use Your Information

We use the personal information we collect for the following purposes:

  • To process and fulfil book orders and provide purchase confirmations
  • To respond to speaking engagement and booking inquiries
  • To send transactional emails (order confirmations, booking acknowledgements)
  • To communicate follow-up information related to purchased products or requested services
  • To maintain and improve the security and performance of our website
  • To comply with legal obligations under applicable US federal and state law
  • To detect and prevent fraudulent transactions and abuse

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

Legal Basis (US Applicability): Our processing of personal information is based on contractual necessity (fulfilling your order or inquiry), legitimate business interests (security, fraud prevention), legal compliance, and — where required — your consent.

Payment Processing (Stripe)

Book purchases on this website are processed by Stripe, Inc. (185 Berry St, Suite 550, San Francisco, CA 94107). When you complete a purchase:

  • You are redirected to Stripe's secure, hosted checkout page
  • Your payment card details are entered directly into Stripe's encrypted environment
  • We receive a payment confirmation, your name, email, phone number, and billing address
  • Card numbers, CVV codes, and full financial account details are never transmitted to or stored on our servers

Stripe's data practices are governed by the Stripe Privacy Policy. Stripe is certified as a PCI Service Provider Level 1 — the highest level of payment security certification available under the Payment Card Industry Data Security Standard (PCI DSS).

CRM & Email Communications (GoHighLevel)

When you purchase a book or submit a booking inquiry, your contact information is transmitted to GoHighLevel (HighLevel, Inc.), a customer relationship management (CRM) platform we use to:

  • Store your contact record (name, email, phone, address)
  • Send you transactional and follow-up emails
  • Manage speaking engagement inquiries and responses
  • Track communication history for service delivery purposes

GoHighLevel's data practices are governed by the GoHighLevel Privacy Policy. Your data is only used to deliver the services you have requested.

Data Sharing & Disclosure

We share personal information only in the following circumstances:

  • Service Providers: Stripe (payments), GoHighLevel (CRM/email), and Vercel (website hosting) receive data solely to perform services on our behalf and under confidentiality obligations.
  • Legal Compliance: We may disclose information when required by law, court order, subpoena, or government authority, including under the Electronic Communications Privacy Act (ECPA) and applicable state laws.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, subject to equivalent privacy protections.
  • Safety & Fraud Prevention: We may share information to protect the rights, property, or safety of Dr. Mark Campbell, our users, or the public — including reporting suspected violations under the Computer Fraud and Abuse Act (CFAA).

We do not sell personal information under any circumstances.

Your Privacy Rights (CCPA & State Laws)

Depending on your state of residence, you may have specific legal rights regarding your personal information. We honour the rights provided under:

  • California (CCPA/CPRA): Right to know, right to delete, right to correct, right to opt out of sale (we do not sell data), right to non-discrimination.
  • Virginia (CDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA): Right to access, correct, delete, and opt out of targeted advertising.

To exercise your rights:

Submit a verifiable request to info@markcampbellphd.com with the subject line "Privacy Rights Request". We will respond within 45 days as required by law. We do not discriminate against users who exercise their privacy rights.

Note for California Residents: Under the CCPA, you have the right to request a list of the categories of personal information we have collected about you in the past 12 months and the purposes for which it was used. Contact us at the email above to make this request.

Data Retention

We retain personal information only as long as necessary for the purposes described in this policy:

  • Purchase Records: Retained for 7 years to comply with IRS recordkeeping requirements and applicable financial regulations.
  • Booking Inquiries: Retained for up to 2 years, or until the relationship is concluded, whichever is later.
  • Server Log Data: Automatically purged by Vercel in accordance with their data retention policy (typically 30 days).
  • CRM Records: Retained in GoHighLevel until you request deletion or until the data is no longer needed for service delivery.

You may request deletion of your personal data at any time by contacting us at info@markcampbellphd.com. Deletion requests are subject to legal retention obligations (e.g., tax records).

Security Measures

We implement commercially reasonable technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction:

  • HTTPS & TLS Encryption: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
  • HTTP Strict Transport Security (HSTS): Enforces HTTPS-only connections for a minimum of 2 years.
  • Security Headers: Content Security Policy (CSP), X-Frame-Options, X-Content-Type-Options, and Referrer-Policy headers are applied to all pages.
  • Rate Limiting: API endpoints are protected against brute-force and denial-of-service abuse.
  • Input Sanitisation: All user-supplied form inputs are sanitised server-side before processing.
  • Stripe Webhook Verification: All payment event notifications are cryptographically verified before processing.
  • Environment Isolation: All API keys and secrets are stored as encrypted environment variables — never in source code.

While we take security seriously, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but commit to promptly notifying affected users of any breach as required by applicable US state data breach notification laws.

Cookies & Tracking Technologies

Our website uses only essential technical cookies necessary for the website to function. We do not currently use:

  • Advertising or tracking cookies
  • Third-party analytics platforms (Google Analytics, Facebook Pixel, etc.)
  • Cross-site tracking technologies

Stripe may set cookies on their hosted checkout pages as described in their Cookie Policy. These are subject to Stripe's own privacy practices and are only active on Stripe-hosted payment pages.

Children's Privacy (COPPA)

This website is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 years of age in compliance with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.

If you believe we have inadvertently collected information from a child under 13, please contact us immediately at info@markcampbellphd.com and we will take prompt steps to delete such information.

Third-Party Services

Our website integrates with the following third-party services. Each operates under its own privacy policy:

Stripe, Inc.

Payment processing · San Francisco, CA

View Privacy Policy →

GoHighLevel (HighLevel, Inc.)

CRM & email automation · Dallas, TX

View Privacy Policy →

Vercel, Inc.

Website hosting & infrastructure · San Francisco, CA

View Privacy Policy →

Email Communications (CAN-SPAM Act)

All commercial email communications sent from our platform comply with the Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act, 15 U.S.C. § 7701 et seq.:

  • We clearly identify ourselves as the sender in all emails
  • We include a valid physical mailing address in commercial emails
  • We honour opt-out and unsubscribe requests promptly (within 10 business days)
  • We do not use deceptive subject lines or misleading header information
  • Transactional emails (order confirmations, booking acknowledgements) are sent only to users who have initiated a transaction

To opt out of marketing communications, reply to any email with "Unsubscribe" in the subject line or contact us at info@markcampbellphd.com.

Changes to This Policy

We reserve the right to update this Privacy Policy at any time. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.

Continued use of our website after changes are posted constitutes your acceptance of the revised policy. For significant changes that affect your rights, we will make reasonable efforts to notify users via the contact information we have on file.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Dr. Mark Campbell, PhD

Privacy & Data Inquiries

Email: info@markcampbellphd.com

Website: https://markcampbellphd.com

We will respond to all verifiable privacy requests within 45 days as required by applicable law.

This Privacy Policy was last updated on June 3, 2025. It is intended to comply with applicable US federal privacy laws including COPPA, CAN-SPAM, ECPA, and CFAA, as well as state consumer privacy laws including the California Consumer Privacy Act (CCPA/CPRA), Virginia Consumer Data Protection Act (CDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and Texas Data Privacy and Security Act (TDPSA).

← Return to markcampbellphd.com