HERE AT BCALOU, I UNDERSTAND THAT YOUR PRIVACY IS IMPORTANT TO YOU AND THAT THE WAYS IN WHICH YOUR PERSONAL DATA IS USED WHILST VISITING THE SITE IS OF IMPORTANCE. AS A VIEWER/READER/VISITOR OF BCALOU.COM, EVERY INDIVIDUAL’S PRIVACY IS VALUED AND RESPECTED. IT’S BECAUSE OF THIS THAT YOUR DATA IS COLLECTED AND USED IN A WAY THAT IS NOT ONLY CONSISTENT WITH MY OBLIGATIONS AS THE SITE’S OWNER, BUT ALSO WITHIN YOUR RIGHTS IN THE EYES OF THE LAW.
1.0 INFORMATION ABOUT ME, BECCA LOUISE
This site (bcalou.com) is owned and operated by Becca Louise [full name: Rebecca Cunliffe].
Data Protection Officer: Becca Louise
Email address: email@example.com
2.0 WHAT DOES THE FOLLOWING POLICY COVER?
3.0 WHAT IS CONSIDERED TO BE ‘PERSONAL DATA’?
As defined by the General Data Protection Regulation or GDPR (EU Reg 2016/679), Personal Data is ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Confused? Don’t worry – in far simpler terms it simply means any information about you that allows you to be identified. As expected it includes information such as your name and contact details, but it also covers other information including ID numbers and electronic location data.
4.0 AS A VISITOR TO THIS SITE, WHAT ARE YOUR RIGHTS?
As a visitor to this site – and under the GDPR – you have the following rights:
b) THE RIGHT OF ACCESS: Individuals have the right to access the personal data collected as a result of visiting this site.
c) THE RIGHT TO RECTIFICATION: If you find that any information collected as a result of visiting the site is inaccurate or incomplete, you have the right to get this rectified.
d) THE RIGHT TO ERASURE: Also known as ‘the right to be forgotten’ Individuals have the right to ask me (the site owner) to delete or otherwise dispose of any personal data collected through your use of the site.
e) THE RIGHT TO RESTRICT PROCESSING: Individuals have the right to request the restriction or suppression of their personal data.
f) THE RIGHT TO DATA PORTABILITY: This right allows individuals to obtain and reuse their personal data for their own purposes across different services (allowing them to move, copy or transfer to data easily from one IT environment to another in a safe and secure way, without affecting its usability)
g) THE RIGHT TO OBJECT: The GDPR gives individuals the right to object to the processing of your data in certain circumstances.
h) RIGHTS RELATED TO AUTOMATED DECISION MAKING INCLUDING PROFILING: I do not use your data in this way.
Further information regarding the use of your personal data and your rights under the GDPR can be found on the Information Commissioner’s Office website.
5.0 WHAT PERSONAL DATA THE SITE COLLECTS AND WHY IT’S COLLECTED
When visitors leave comments on the site, data is collected (shown in the comments form) alongside the visitor’s IP address and browser user agent string (collected to aid spam detection).
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
5.3 COOKIES (AND NO, WE AREN’T TALKING ABOUT THE EDIBLE TYPE)
If you leave a comment on this site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to the site, it will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
Upon logging in, the site will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Should you require more information on cookies and the ways in which they are used, you can find it here.
5.3.1 COOKIES AND ANALYTICS
My site uses analytics (through google analytics and the WordPress website) to collect and analyse site usage statistics, audience usage and ways to better and improve my site.
6.0 HOW DOES THE SITE USE YOUR PERSONAL DATA?
Under the GDPR and as the site owner of bcalou.com, I must always have a lawful basis for obtaining and using your personal data. This can include the data being necessary for my performance of a contract with you, it is in my business interests to use and obtain it or simply as you have consented to my use of it.
6.1 HOW DO LONG WE RETAIN YOUR DATA?
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on the website (if any), the personal information provided in their user profile is also stored. All users can see, edit, or delete their personal information at any time (except they cannot change their username).
6.2 HOW AND WHERE IS THE PERSONAL DATA STORED OR TRANSFERRED?
As bcalou.com operates as. UK based site, your personal data will only be stored or transferred within the UK (meaning it will be fully protected under the GDPR).
6.3 WILL THE PERSONAL DATA BE SHARED?
I will not share any of your personal data with any third parties (for any purposes) subject to two important exceptions:
a) Visitors comments may be checked through an automated spam detection service.
b) In some (limited) circumstances, I may be legally required to share certain personal data – which could include yours – if I am involved in legal proceedings or complying with legal obligations.
7.0 HOW CAN I ACCESS MY PERSONAL DATA?
If you should require access to the personal data I have about you, you can ask me for details of that data and for a copy of it. This is undertaken in a ‘subject access request’.
All SA requests should be made in writing and sent to the email or postal address shown in part 1.0. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover my administrative costs in responding.
Aiming to provide a complete response (including a copy of your personal data), I will respond to your subject access request within 14 working days and, in any case, not more than one month of receiving it. Should a more complex case arrive, more time may be required in order for the request to be completed (this can be up to a maximum of three months from the date your request is received).
8.0 HOW CAN I CONTACT YOU?
If you wish to contact me about anything to do with your personal data and data protection or should you wish to make a subject access request, please do so through the following details:
EMAIL: firstname.lastname@example.org (for the attention of Becca Louise)