The thing is, the EU released a regulation called the GDPR (or the EU General Data Protection Regulation ((EU) 2016/679), if you want to get technical). This regulation says that I am a ‘data controller’, which means I need to put in writing the fact I don’t collect, distribute, or otherwise make known your info except in specific ways which are required to run my business. It also says I need to let you know what personal info I do collect, what I do with it, etc. This is fine by me, since 1) I’m happy for you to know that, and 2) I have no intention of sharing/distributing/disseminating your personal info except in cases where I need to do so for my business anyway.
The other thing about the EU’s new GDPR regulation is that the way I inform you about this has to be “concise, transparent, intelligible and easily accessible”. Wicked. Read on for a transparent, easily accessible, and (hopefully) intelligible explanation of what I collect, what I don’t collect, and what I do with it, in as concise of terms as I can possibly manage (while still making myself clear).
Now onward to the policy!
1) Where am I? Who’s running this place?
2) What data do you collect and why do you collect it?
Okay, this part might get a little longer…
When you fill out a contact form, a comment field, or sign up for my email newsletter, I receive your email address.
Contact Form: I will use the email address you provide to reply to you if needed.
Comments: The comment section asks for your email address, but your email address will not be visible to site visitors.
Email Newsletter: In the case of signing up for my newsletter, you provide me with your email address when you sign up for my newsletter, because that is how I send you my newsletter. So then I’ll use that email address, which you gave me, to send you my newsletter (it’s like magic, really). However, if you later decide you don’t want my newsletter, that’s okay too. All you need to do is click the ‘Unsubscribe’ link at the bottom of a newsletter email. Then you’ll no longer receive my email newsletter. If you change your mind later, you’ll need to subscribe again (I cannot and will not manually add you back onto my list).
Giveaways: When you win a giveaway, I may contact you for confirmation of your email address, and for confirmation of where I should send an electronic prize (for example, a gift card). I use this information to send the prize to the correct person and electronic location.
Holiday Cards: When you sign up for my Holiday Mailing List to receive a physical card in the mail from me each winter, you are required to give me your mailing address, because I need that to mail the card to you. In this case, I keep your address on file until you tell me you want to be taken off that list. You can tell me you want to be taken off that list by contacting me via my contact page. Or—for more fun—you can sign up for the Holiday Card Mailing List (yay!) at skyemalone.com/holidaycards and get an awesome holiday card.
Giveaways: When you win a giveaway where a physical prize is involved (for example, a paperback book), I need your mailing address in order to send you the prize.
More About Comments
In the case of the comment field, I may reply to your comment and to information you shared there. I would recommend not sharing personal data in the comment field, as this can be seen by any visitor to my site.
When visitors leave comments on my site, WordPress collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string. What is a user agent or its string, you ask? Basically, it’s info on what web browser you’re using and what operating system you have, which helps with detecting spammy comment submissions. If you’re really curious about these ‘user agent’ things, you can read more about them here: https://en.wikipedia.org/wiki/User_agent.
After approval of your comment, your profile picture (if available) is visible to the public in the context of your comment.
More About Contact Forms
If you use the contact form on my site (found at skyemalone.com/contact), I receive your email address, as described above in the ‘Email Address’ section. I use this to reply to you, if needed. In addition to your email address, I also receive the message you send to me via the contact form and any personal data you include there. I may reply to you in regard to that information or data. The contact form also sends any personal data you input into any other form fields (for example, your website in the ‘website’ field, if you include it), along with your IP address and the user agent info.
If for some reason, you upload images to my website, you should avoid uploading images with embedded location data (EXIF GPS) included. This is because visitors to my website can download and extract any location data stored in images on the website. So be warned. Don’t include location data (really, this is a good policy for any picture you upload anywhere—Facebook, Twitter, wherever. Just saying. Don’t share your location! Did I mention how much authors like privacy?).
Embedded content from other websites
Pages, posts, and other areas of my site may include embedded content (for example: videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if you visited that other website.
I use Google Analytics. The data I receive from Google Analytics is not linked to anything personally identifiable. I use Google Analytics because it lets me know a number of things, including what pages people visit the most, which helps me figure out what people are coming to this site to see (spoiler alert: it’s the books). It also allows me to know how many people are visiting my site, where they are generally located (for example, what country they are in), how these visitors found me (search terms, links, etc.), and to monitor behavior such as how many webpages the average visitor visits. Because data is fun.
I use Sumo (sumo.com) to let me know where users are clicking on my pages, to let me know how far down on my pages/posts most users read, and to provide email signup popups (I know, annoying, but also effective). In the case of most services from Sumo (clicking information, page reads, etc.), data is also not personally identifiable. When it comes to email signup popups, if you input your email address and click the button to send it to me, I receive that email address and your IP address. If you don’t fill out the email signup popup and click that button, I receive neither of those things.
3) Marketing, Marketing
Because I sell things (ahem, books) for a living, I also use affiliate links. These links tell a retailer that you came from my site (via a cookie and a bit of extra code in the URL). Then the retailer gives me a tiny percentage of what you spend as a thanks. The cool thing, though, is that the price you pay for anything doesn’t change. Nothing happens to how much you do pay, would have paid, could have paid, etc. So that’s awesome.
Pretty much the only reason I have an email newsletter is to let you know about things to do with my books. This includes new releases, sales, special events, giveaways, series updates, book updates, and promotion for upcoming books (such as teasers and cover reveals). Since this could all be grouped under the heading of ‘marketing’ to you, I want to make clear that being on my mailing list means that you will get these types of emails.
You should know that MailChimp (my mailing service), tracks the emails I send to you. This includes whether you opened them and what you clicked on. So if you open an email and click a link, I’ll know (and be happy — unless it’s the unsubscribe link, in which case I’ll be sad).
But in any event, if you do not want these email newsletters, you need to unsubscribe using the link at the bottom of my newsletters.
Social Media Marketing
4) What about my data?
I value your privacy
So like I mentioned at the start, I like privacy. I do. And I like you to have yours too, because I’m a nice person without any nefarious schemes in mind (I leave the nefarious schemes to my villains, who thankfully have absolutely zero access to these things). So I only share your personal data with third parties who provide services or functions on my behalf if they absolutely require that personal data in order to provide those services or functions to me. An example of that would be social media advertising platforms (for example, Facebook). I also keep your data protected with technical and procedural safeguards, to shield your data against unauthorized use.
Where I store your data
First, I store data with WordPress, which runs this site. That includes submissions on the contact form and any comments you leave as well, along with the associated metadata, user string agent, and IP address.
Second, I store data with my email service provider, MailChimp, because that is how I send announcements about new releases, book updates, sales, giveaways, special events, you name it. If you are on my mailing list and don’t want me to send you these emails, you’re need to click the ‘Unsubscribe’ link at the bottom of any email you received from me. Then I won’t email you anymore.
How long I keep your data
Well, that depends. If you leave a comment, the comment and its metadata are retained indefinitely. This is so WordPress can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. Same goes for a contact form submission; it’s kept as well. If you join my mailing list, I keep the email address you supplied to me until you update your email address to something else. Pretty straight forward, really.
Where I send your data
5) Right to be Deleted
You have a right under applicable laws to your data. If you want me to delete your info, you need to send me a message via my contact page.
In the case of email newsletters, though, if you don’t want to receive email newsletters from me, you need to unsubscribe. Be aware, after you unsubscribe, MailChimp still holds onto your email address with an ‘Unsubscribed’ flag next to it, as a part of record keeping. If you want me to make sure that even MailChimp doesn’t have a record of your email address, then after you unsubscribe, you need to send me a message via my contact form asking me to delete you fully. Then I’ll go in and delete you from my MailChimp database entirely.
6) Skye Malone’s Contact Info
Questions? Concerns? Here’s how to reach me:
PO Box 129
Savoy, IL 61874
United States of America
7) The End.