Updated: March 13 2018.
This is a working document, I don’t want to turn it into legalese as I want people to easily-understand it, so it may require clarification in the future.
I promise to do everything I can to keep any personal data you give me private.
Personal data means anything that can be used to identify you – your name, your phone number, your email address etc. – that you have provided to me via this web site.
I will not sell or otherwise transfer to anybody else any of the data you provide to me or that which I already hold.
The only exception would be if forced to by law, and there’s not much I can do about that.
2. How I capture data
The data I capture via this web site is of two varieties: that which can identify you (“personal”) and that which cannot (“anonymous”).
The “anonymous” data is collected via tools including Google Analytics, Hotjar and Facebook.
When you visit this web site, Google Analytics – for example – places cookies onto your system to identify you – and show me which pages you visited, which page you left from, how you find me (via Facebook perhaps?). But all I know is ‘someone’ visited, I have no idea who it is.
(For details of cookies and the like, see below).
Similarly with Facebook (the Facebook Pixel is embedded into my web site), this allows me to target advertising on Facebook to people who have visited my web site in the past – for example – 24 hours.
I don’t know who they are, I just know they’ve visited so are, presumably, interested in what I do.
The “personal” data is provided to me when, for example, you complete the contact me form or subscribe to my newsletter. It is information that can identify you – such as a phone number or an email address.
If you provide your details for me to contact you, that’s all I will do with them. I will contact you. If our “relationship” goes past this stage, then I will use the information to conduct our business.
All pretty standard stuff.
If you provide your details to allow me to send you a newsletter, that’s all I will do with them.
Similarly if, in the future, the web site has another method by which I could collect your personal data – you will be asked to confirm that I may collect the data for the purpose outlined on the web site and that is all the information will be used for.
3. How I store data
Any personal data you provide to me will be stored on a computer or computers owned by me. These are password-protected to protect both your data and my own data. Not that I think many people would be interested in photos of my daughter.
As I use a variety of backup services, this data may also be stored on those. This list includes – but is not limited to – Dropbox, One Drive, iCloud and Google Drive. If a better system comes along – that is as secure – then I may well adopt that and amend this policy as appropriate.
In all instances, the data is secured behind passwords or, where appropriate and possible, behind a password and a secondary authorisation step (for example, before I can gain access to iCloud I am sent a one time use code via SMS to use in conjunction with my password).
If, in the future, further security measures are introduced by these cloud-based back-up services to protect my data, then it is likely I will also use these.
I want my data as secure as possible so there’s unlikely to be a reason I won’t use the strongest encryption and security available to me.
The data on my computer/computers may also be synchronised to my smartphone using one or more of the systems outlined above or unknown others I may use in the future. Access to my smartphone is protected by either a password or my fingerprint.
My life’s on that phone, you’d better believe I’m keeping it safe.
4. How I use data
In simple terms, if you’ve signed up for a newsletter, I use your data to send you that newsletter. And nothing else.
I’ll stop sending you the newsletter:
In either case, I will then delete all your personal data from that database.
If I have your data because you provided it to me for general business purposes – for example you gave me your business card, you completed my online contact form etc – then it will be used for those purposes only: making contact, discussing projects, exchanging ideas about work etc. It will not be used to send you junk you didn’t request.
5. How long do I keep data
Essentially, I’ll keep your personal data until:
In essence, I won’t keep personal data in my files for any longer than is necessary, practicable or reasonable.
Again, I’ll reiterate, I will only ever use the data for the purposes it was given for.
If you’re unhappy about the general vagueness of this statement, then please feel free to take advantage of your rights outlined below.
6. Your rights
In the plainest English, your rights in regard to any personal data I hold about you:
In all instances, I may ask for proof of identification before advising what, if any, personal data I hold on you.
In practice, all that will likely be required for me to delete your information is:
7. Cookies etc.
Rather than list every individual cookie this web site might use, please find below links to the relevant pages on the third party services I use which may set cookies on your machine.
They will provide you with all the information you require and, where relevant, show you what agreements I have had to make before being allowed to use their systems.
Lists how Google collects data using Google Analytics and what is done with it.
Lists the cookies set by Hotjar and what is done with the information.
This is the agreement I have made with Facebook to allow me to use their “Facebook Pixel” technology
To opt out of cookies, please visit this web site: http://optout.aboutads.info/
This website is owned and operated by Ross Brown Limited, registered in England & Wales, company number 11251188 with a registered office at Onward Chambers, 34 Market Street, Hyde, United Kingdom, SK14 1AH.
If you need to contact me in regard to any aspect of this policy or any of the data I may hold on you, please do so using firstname.lastname@example.org in the first instance.