This policy was last updated on 11 December 2021.
Latest change = Mailchimp acquired by Intuit.
Do you, the reader…?
If you are about to subscribe to my blog or join my Readers’ Club, comment on a blog post, fill in a ‘contact’ form, or follow me on social media (or if you have already done any of these things), you should read this notice. The general information about website security, links to third party websites and use of Google Analytics (‘Cookies’) applies to all visitors.
New General Data Protection Regulations came into force on 25th May 2018. Although they were designed primarily for large organisations, please be assured that I take your privacy extremely seriously. That’s why I only ever ask you for the information I need and I never sell lists or email addresses.
My website was designed and is managed by The Curved House, whose registered office is Free Word Centre, 60 Farringdon Road, London EC1R 3GA. They also have an office located in Berlin at Oranienburger Str 26, Berlin 10117.
My website has an SSL Certificate. This activates the padlock you see as well as https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions (although I don’t conduct sales from my website), data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
Subscribing to my blog or newsletter
By subscribing to my blog you consent to having blog posts delivered to your email address. My list of blog subscribers is managed via a plugin on my website, and information is not exported to a third party provider.
By subscribing to my newsletter you consent to receiving details of newsworthy events and incidental information, which may include but will not be limited to a free eBook, details of new releases, special offers, competitions and giveaways. I do not store your Personal Information. Instead, my list of newsletter subscribers is managed on a third party site called MailChimp. Mailchimp is part of the Intuit group of companies. When you sign up to my newsletter, you consent that I can:
- Transfer your contact information to MailChimp
- Store you contact information in my MailChimp account
- Send you newsletters/emails from my MailChimp account
- Track interactions (e.g., click and open rates) for email marketing purposes.
- Allow The Curved House access to my mailing lists in order to perform certain functions.
All MailChimp forms collect your email address, IP address, and add their own timestamp which serves as evidence that you have provided consent. I do not have access to the Distribution Lists of other MailChimp users and they do not have access to mine. If you subscribe to my newsletter and use the ‘forward to a friend’ (FTF) link, this will allow you to share my email content with individuals who are not on my Distribution List. You can be assured that when you forward an email to a friend, MailChimp doesn’t store your friend’s email address, and it will not be added to my Distribution List. Mailchimp is fully compliant with EU data processing laws.
Alternatively, if you obtain a free book via the third party site Instafreebie, at the point of download you will be given the option of signing up for my newsletter. Past campaigns have included the joint promotional giveaways, Book Club Gold (July 2016) Free Reads For Smart Women (March 2017) and Smart Fiction for Smart Women (August 2017). In all cases signup to my newsletter is optional and separate from the option of taking a free book.
In order to demonstrate that you have elected to sign up to my newsletter, either directly or via Instrafreebie, after you complete your details, you will receive an email asking you to confirm your intention. This process is known as ‘double opt-in.’
If I meet you at an event and you provide me with your name and email address/other contact details on the understanding that I will sign you up to my blog or newsletter, you will receive an email asking you to confirm that you want to join my lists.
How can I unsubscribe?
If you subscribe to my blog, in which case posts will be delivered to you by email, simply respond with the subject-line ‘UNSUBSCRIBE’.
If you subscribe to my newsletter, simply use the unsubscribe button included at the foot of the newsletter.
Beta Readers and Advance Readers
If you have either asked to join or have accepted a personal invitation to join my teams of beta readers or advance readers, I will assume that your email is consent to process your Personal Information. In addition to your name and email address, I will also keep a record of your postal address so that I can send you your first edition book (thank you gift) on publication. If you volunteer any other Personal Information when commenting on or reviewing one of my books, I will assume that I have your consent to process it.
Fulfilment of a contract
If you employ me to provide self-publishing or creative writing mentoring services, I will need to process your Personal Information to fulfil my contract with you. I will retain a greater level of Personal Information, including a record of the advice I give you, but the level of detail will always be appropriate to the service provided. If you volunteer a greater level of Personal Information than I ask for, I will assume that you are happy for me to retain this.
If you ask me to visit your book club or give a talk, I may also store details of the location, even if I do not make a charge for the personal appearance. I will always ask for your permission to photograph the event and to store and make use of those photographs after the event.
If you order physical books from me directly on a one-off basis, I will not retain your postal address. If you pay me via PayPal, a record of that transaction will be stored on PayPal’s website. If you wire money directly to my bank account, my bank will retain a record of that transaction.
Legitimate business interest
If you leave a comment on a blog post, contact me via the contact form on my website or email me directly, I will simply reply, relying on lawful basis of processing (in other words, I will not ask for your consent before replying). I will not transfer your details to any database without your consent, but your Personal Information will be stored on my website. If you email me, your email address will automatically be stored as a ‘contact’ on Outlook. I may also store the email/email chain if it contains details I think I may need to refer back to, especially if it contains a review of my work.
If you comment on my social media accounts or on You Tube, records of those transactions will be held by the relevant social media channels. I have access to databases of followers on Twitter and Facebook. In these instances, I am not the data processor. However, I use strong passwords and two factor authentication on these sites.
I do not knowingly collect or maintain Personal Information from individuals under 16 years of age, and no part of my website is designed or intended to attract people under the age of 16. Protecting the privacy of children is very important to me. If you are under 16, do not use or provide any information on the website or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If I obtain knowledge that a user is under the age of 16, I will take steps to remove that user’s Personal Information from my databases.
How long will you keep my Personal Information for?
The answer is, that depends.
If you have subscribed to my blog or newsletter, but you do not open my emails, I may delete your Personal Information. You can unsubscribe at any time (see above).
If you are a beta reader or advance reader, I will retain your Personal Information until you advise me that you no longer wish to be a beta reader or advance reader.
If I provide you with mentoring or self-publishing consultancy services, I will need to keep a record of the advice I have given to refer back to. I will review whether I need to keep this information three years after advice is given.
Can I ask to see what Personal Data you are holding about me?
You are entitled to ask me what information I hold about you and how I am processing that data. This is called a Subject Access Request. To file a request, simply use the contact form on my website. I aim to respond to all requests within 7 days.
If you ask to see your data, I will usually email you a screenshot/s of your entry/entries and the text from any emails. Information will be provided free of charge, unless your request is excessive or if you ask for duplicate information.
What if my Personal Information is wrong?
You can ask me to correct your Personal Information at any time.
Can I ask you to stop processing my Personal Information?
Absolutely. You can also exercise your right to request to be forgotten.
The right to be forgotten
If you unsubscribe from my blog or newsletter, your data will be automatically deleted.
You have the right to request to be forgotten. If you have used the contact form/emailed me, on receipt of your request, I will consider if it is appropriate for me to delete your data. (See ‘How long will you keep my Personal Information for?’) I will only decline to do so if there is a legitimate reason to retain it, in which case you will still have the right to object to use of your Personal Information, or to ask me to only use it in certain ways.
For social media, you have control of your own accounts and can change the settings so that I will no longer have access to your data. If you are an Instafreebie user, this step will not remove your details from their database and you will also need to contact them. I am happy to assist with this step.
I use strong password-protecting on my computer, website and social media. If my computer, website or social media accounts were compromised, I would notify you at the earliest opportunity, seek advice and take steps to follow that advice immediately.
Links to other websites
My website, blog posts and newsletters contain links to other websites. Once you use these links, you will leave my website. I am not responsible for the protection and privacy of any information which you provide whilst visiting such sites. Please exercise caution and always read the privacy statement applicable to the website in question.
How to make a complaint
If you think your data has been misused or hasn’t been kept secure, please contact me and let me know.
If you’re unhappy with my response or if you need advice relating to the matter and are based in the UK you should contact the Information Commissioner’s Office (ICO).
Telephone: 0303 123 1113
Find out about call charges
You can also chat online with an advisor.
You can also visit their website for information on how to make a data protection complaint.