HERE AT BCALOU, I UNDERSTAND THAT YOUR PRIVACY IS IMPORTANT TO YOU AND THAT THE WAYS IN WHICH YOUR PERSONAL DATA IS USED WHILST VISITING THE SITE IS OF IMPORTANCE. AS A VIEWER/READER/VISITOR OF BCALOU.COM, EVERY INDIVIDUAL’S PRIVACY IS VALUED AND RESPECTED. IT’S BECAUSE OF THIS THAT YOUR DATA IS COLLECTED AND USED IN A WAY THAT IS NOT ONLY CONSISTENT WITH MY OBLIGATIONS AS THE SITE’S OWNER, BUT ALSO WITHIN YOUR RIGHTS IN THE EYES OF THE LAW.
1.0 Information about me, Becca Louise
This site (bcalou.com) is owned and operated by Becca Louise (full name: Rebecca Cunliffe)
𝗗𝗔𝗧𝗔 𝗣𝗥𝗢𝗧𝗘𝗖𝗧𝗜𝗢𝗡 𝗢𝗙𝗙𝗜𝗖𝗘𝗥: Becca Louise
𝗘𝗠𝗔𝗜𝗟 𝗔𝗗𝗗𝗥𝗘𝗦𝗦: email@example.com
2.0 What does the following policy cover?
3.0 What is considered to be ‘personal data’?
As defined by the General Data Protection Regulation or GDPR (EU Reg 2016/679), ‘Personal Data’ is ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Confused? Don’t worry – in far simper terms, it simply means any information about you that allows you to be identified. As expected, it includes information such as your name and contact details, but also covers other information including ID numbers and electronic location data.
4.0 As a visitor to this site, what are your rights?
As a visitor to this site – and under the GDPR – you have the following rights:
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗕𝗘 𝗜𝗡𝗙𝗢𝗥𝗠𝗘𝗗: Individuals have the right to be informed of the collection/use of their personal data (as well as the reasons behind them).
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗔𝗖𝗖𝗘𝗦𝗦: Individuals have the right to access the personal data collected as a result of visiting this site.
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗥𝗘𝗖𝗧𝗜𝗙𝗜𝗖𝗔𝗧𝗜𝗢𝗡: If you find that any information collected as a result of visiting the site is inaccurate or incomplete, you have the right to get this rectified.
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗘𝗥𝗔𝗦𝗨𝗥𝗘: Also known as ‘the right to be forgotten’ Individuals have the right to ask me (the site owner) to delete or otherwise dispose of any personal data collected through your use of the site.
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗥𝗘𝗦𝗧𝗥𝗜𝗖𝗧 𝗣𝗥𝗢𝗖𝗘𝗦𝗦𝗜𝗡𝗚: Individuals have the right to request the restriction or suppression of their personal data.
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗗𝗔𝗧𝗔 𝗣𝗢𝗥𝗧𝗔𝗕𝗜𝗟𝗜𝗧𝗬: This right allows individuals to obtain and reuse their personal data for their own purposes across different services (allowing them to move, copy or transfer to data easily from one IT environment to another in a safe and secure way, without affecting its usability)
𝗧𝗛𝗘 𝗥𝗜𝗚𝗛𝗧 𝗧𝗢 𝗢𝗕𝗝𝗘𝗖𝗧: The GDPR gives individuals the right to object to the processing of your data in certain circumstances.
𝗥𝗜𝗚𝗛𝗧𝗦 𝗥𝗘𝗟𝗔𝗧𝗘𝗗 𝗧𝗢 𝗔𝗨𝗧𝗢𝗠𝗔𝗧𝗘𝗗 𝗗𝗘𝗖𝗜𝗦𝗜𝗢𝗡 𝗠𝗔𝗞𝗜𝗡𝗚 𝗜𝗡𝗖𝗟𝗨𝗗𝗜𝗡𝗚 𝗣𝗥𝗢𝗙𝗜𝗟𝗜𝗡𝗚: I do not use your data in this way.
Further information regarding the use of your personal data and your rights under the GDPR can be found on the Information Commissioner’s Office website.
5.0 What personal does the site collect? And why is it collected?
When visitors leave comments on the site, data is collected (shown in the comments form) alongside the visitor’s IP address and browser user agent string (collected to aid in spam detection).
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
5.3 COOKIES (AND NO, I’M NOT TALKING ABOUT THE EDIBLE KIND)*
If you leave a comment on this site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to the site, it will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
Upon logging in, the site will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Should you require more information on cookies and the ways in which they are used, you can find it here.
*My site uses analytics (through google analytics and the WordPress website) to collect and analyse site usage statistics, audience usage and ways to better and improve my site.
6.0 How does this site use your personal data?
Under the GDPR and as the site owner of bcalou.com, I must always have a lawful basis for obtaining and using your personal data. This can include the data being necessary for my performance of a contract with you, it is in my business interests to use and obtain it or simply as you have consented to my use of it.
6.1 HOW LONG DO WE RETAIN YOUR DATA?
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on the website (if any), the personal information provided in their user profile is also stored. All users can see, edit, or delete their personal information at any time (except they cannot change their username).
6.2 HOW AND WHERE IS THIS PERSONAL DATA STORED OR TRANSFERRED?
As bcalou.com operates as. UK based site, your personal data will only be stored or transferred within the UK (meaning it will be fully protected under the GDPR).
6.3 WILL THE PERSONAL DATA BE SHARED?
I will not share any of your personal data with any third parties (for any purposes) subject to two important exceptions:
a) Visitors comments may be checked through an automated spam detection service.
b) In some (limited) circumstances, I may be legally required to share certain personal data – which could include yours – if I am involved in legal proceedings or complying with legal obligations.
7.0 How can I access my personal data?
If you should require access to the personal data I have about you, you can ask me for details of that data and for a copy of it. This is undertaken in a ‘subject access request’.
All SA requests should be made in writing and sent to the email or postal address shown in part 1.0. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover myadministrative costs in responding.
Aiming to provide a complete response (including a copy of your personal data), I will respond to your subject access request within 14 working days and, in any case, not more than one month of receiving it. Should a more complex case arrive, more time may be required in order for the request to be completed (this can be up to a maximum of three months from the date your request is received).
8.0 How can I contact you (the site owner)?
If you wish to contact me about anything to do with your personal data and data protection or should you wish to make a subject access request, please do so through the following details:
EMAIL: firstname.lastname@example.org (for the attention of Becca Louise)