I will never share your data and will only send you occasional news about my books as well as extracts before publication and competitions
Your privacy and how I protect it
I take your privacy and information security as seriously as I take my own. I never share your data with anyone else, and everyone on my mailing list has opted in fully. I have never bought in email addresses from a third party. You can, of course, unsubscribe at any time.
I use your email address only to send out information about my books.
You can unsubscribe from my mailing list at any time using the link contained in each email I send or by emailing email@example.com
I run my site and email list personally, so if I am travelling or away, it may take me time to respond. But I will try to respond within 72 hours.
If you’re interested, you can find more details below.
In this statement, I’ll explain how I obtained and look after your data.
I run my website and lists alone so I am the only person who needs to be aware of matters relating to my mailing list
Information held by me
All the information has been obtained via the opt-in on my website or when you signed up for free short stories via instafreebie. I never will, and never have, buy email addresses or data from other sources. All email addresses and names are stored in Mailchimp.
Communicating privacy information
- I have put this document on my website, with a link from my sign-up section for new subscribers.
- Before the end of May 2018, I will contact my Mailchimp database and link to this document. I will remind them of what they signed up to, alert them to any changes and remind them that they can unsubscribe at any time and their data will be deleted.
On request, I will delete data.
If someone asks to see their data, I will take a screenshot of their entry/entries.
If they unsubscribe themselves from the Mailchimp list their data is automatically deleted.
Subject access requests
I aim to respond to all requests within 72 hours and usually much sooner (allowing for holiday/travelling, as I am the only person holding/having access to the data).
Lawful basis for processing data
- People have opted into my Mailchimp lists (by subscribing via my website) or have actively opted in after downloading free resources (from instafreebie), in the knowledge that they will receive occasional updates about my books, including links to purchase those books, as well as competitions and news.
- By the end of May (GDPR comes into force on May 25 2018), I will email all subscribers on all lists linking to this statement and also reminding them of unsubscribe options.
Once I’ve contacted everyone with a reminder about the T&C of my holding their data, I regard this consent as confirmed until the person asks me to remove the data.
Consent is not indefinite, so I will make sure that I remind subscribers on every email that they can unsubscribe or ask for their data to be removed.
All my current books and free downloads are aimed at adults, though it’s possible younger people can contact me via my website or register for mailing lists as I don’t ask for proof of age and would have no way to police this. I do reply to any emails but do not store on databases, which means I am not processing data.
I have done everything I can to prevent this, by strongly password-protecting my Mailchimp account. If this website were compromised I would take steps to follow their advice immediately.
Data Protection by Design and Data Protection Impact Assessments
I have familiarised myself with the ICO’s code of practice on Privacy Impact Assessments as well as the latest guidance from the Article 29 Working Party, and believe that I am using best practice.
I have appointed myself as the Data Protection Officer, in the absence of anyone else!
My lead data protection supervisory authority is the UK’s ICO.