Introduction – our approach towards data collection & customer privacy
- Privacy is a human right
- We have a duty of care to our customers to protect their data
- We should only collect and process the minimum of data we need for justifiable business reasons
- We hate spam and don’t do mass email marketing
- We have and will never sell or pass on your personal information
What does the law say about this?
We follow best practices and guidelines on data protection and user privacy as described in the following documents:
What do we actually collect and why?
This website collects and uses personal information for the following reasons:
Site visitation tracking
- Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
- Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 6.0 below).
- Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
- We collect personal information about you to allow us to process your orders at our online shop. We need your name and address details to send you items!
Comments on articles
- If you comment on any post on this site, the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you made the comment. This information is only used to identify you as a contributor to the comment section of the respective post (and helps us prevent spam comments) and is not passed on to anyone. Only your name (and not your email) will be shown on the website although if the email address you supply is linked to a Gravatar account, your Gravatar photo will also be displayed.
- Your comment and the personal data explained just above will remain on this site until either the comment or the psot is removed. If you want the comment and its associated personal data deleted, please email us with details using the email address that you commented with.
- If you are under 16 years of age you MUST obtain parental consent before posting a comment on our articles.
- NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
Our contact form
- Should you choose to contact us using the contact form on our Contact page or by emailing us directly, none of the data that you supply will be stored by this website or passed to / be processed by any third party. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our own SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices. However, not all mail servers are secured in such a way. Therefore, we would suggest that you always consider email as an insecure medium and not include personal, confidential or otherwise sensitive information within an email.
- We may occasionally ask for anonymous customer feedback in the form of a poll. The plugin that generates the poll stores a cookie on your computer a) to know that you have already voted so you can’t vote twice, and b) to show you the results once you have voted. We do not capture or store any of this information on our servers and it doesn’t store any personal information about you – it’s just a long random number generated by the plugin when you cast your vote.
Where is this information stored?
- Comments on articles and the information you submit to us with orders on our online shop are stored in the website’s database and is currently not encrypted as its stored, which is a limitation of WordPress, the content management system that this website is build with. No CMS system that we are aware of stores information anonymously but the topic is being widely debated and we take as many steps as we believe we can to prevent unauthorised access to the system.
- All traffic (transferral of information files) between this website and your browser is encrypted and delivered over HTTPS.
What to do if you want your data removed from this website
Simply contact the Data Protection Officer (details just a couple of sections further down this page) and we’ll take you through the process. Please note that for auditing purposes we cannot destroy details of sales.
Third-parties with access to user data of this site
The only third party we use to process personal data on our behalf is Google:
What we will do if we have a data breach
We will report any data breach of this website’s database to the relevant authorities within 72 hours of the breach if personal data has been stolen.
Who is in charge of your data?
The data controller of this website is RPA Publishing limited, a UK Private limited Company with company number and a registered office at:
Edwards Veeder LLP
Alex House, 260/268 Chapel Street
Manchester M3 5JZ
The postal address is:
PO Box 1479
Berkshire SL6 8YX
Data protection officer:
Mrs Anne Smith
Director, RPA Publishing.
Telephone: 01628 783080