Privacy Policy

0. PREAMBLE

I have long been an advocate of digital privacy, often urging people to take their privacy more seriously. Thus, it should not be a surprise that respecting your privacy is more than just an online policy statement for me, it is a principle by which I conduct my online activities (whether for profit or not). However, simply stating that I respect your privacy is not sufficient to meet legal obligations and, realistically, not enough to answer reasonable concerns you may have. Therefore, the following policy outlines the details about how I handle your personally identifiable information ("Personal Data"). If you have questions or other input about this policy, please contact me.

1. THE BASICS

I will only collect and use your Personal Data when:

  1. I have lawful grounds to do so, including to comply with my legal obligations;
  2. I am providing, or reasonably expect to provide in the foreseeable future, a service to you whether that is a paid service or not;
  3. I have legitimate interests in using your Personal Data and your interests and rights do not override those interests.

For the purpose of the EU General Data Protection Regulation (GDPR), I, Stuart J. Whitmore, am the "data controller."

This policy is in effect as of the date shown at the bottom of this document.

2. DATA COLLECTION PRACTICES

A. Automatic Data Collection

I collect some information automatically as a result of the design of the technologies that you and I have chosen to use. Such information typically includes what browser and operating system you are using, what technological capabilities your Web browser supports, a very general (and often inaccurate) location associated with the Internet Protocol (IP) address associated with your online activity, etc. I make no effort to link this information to your Personal Data, but making such links may be technically feasible.

B. Data You Provide

I collect information that you knowingly and willingly provide. Such information could include your email address, your name, how you know or heard about me, and any other information for which you are prompted as well as additional information that you provide without being prompted.

C. Cookie Data

Some information about you may exist in browser "cookies" stored on your computer. This information may include data you provided, data that was collected automatically, and/or data that was created for or about your site visit. You have direct control over the use of the cookie storage mechanism, because it is in your browser on your computer. You can delete the cookies and/or turn off the cookie functionality to prevent them from being stored to begin with. Please be aware that some site features may not work for you if you disable cookies, because cookies are a fundamental technology for certain online processes.

Third-party cookies are those cookies stored by your browser at the request of a third party. For example, if I display ads on my site and those ads are inserted by an ad service, the code from that ad service may request your browser to store information in a cookie for later retrieval. The third-party services and companies that may request information storage in cookies via code included on my sites include, but may not be limited to, the following:

  1. Amazon Associates
  2. Book Promo Coop
  3. Project Wonderful

These and other third parties should be contacted separately if you have questions or concerns about the data they store about you. They may offer tools to help you manage, undo, and/or prevent that storage of personal information.

3. DATA USAGE

I will only use your Personal Data when I believe doing so is lawful. Common uses of your Personal Data include:

  1. managing and customizing your usage of my Web site(s);
  2. responding to your questions or other contacts;
  3. improving my site(s) or other services through data analysis; and,
  4. delivering communications to you according to your preferences.

4. SHARING OF YOUR PERSONAL DATA

The simplest explanation for my policy on sharing your data is that I try to avoid it in all cases. That is the easiest way to respect your privacy. However, there are situations when sharing your data is necessary. It is never necessary to share your information with third parties for the purpose of them contacting you to promote their products, services, or ideologies, and I will never do that.

Situations that require sharing of your personal data include doing so as directed under a valid order from a lawful court with applicable jurisdiction and doing so to complete a service that you have requested from me. Situations that require sharing to complete a legitimate business interest include sharing data with third parties who provide services to me and who require data to provide those services. When such sharing occurs, I ensure (to the extent possible) that the service provider has policies in place that are no less restrictive than my own.

5. DATA SECURITY

I implement technical measures to safeguard your Personal Data. This includes physical, electronic, and procedural safeguards that comply with applicable law to safeguard Personal Data from unauthorized access, disclosure, or use.

6. DATA STORAGE AND RETENTION

Your data will be stored on servers in the United States. The location of those servers within the US may change without notice, but generally will be located in Washington (State, not DC), Oregon, and/or Pennsylvania.

I store and use your Personal Data for as long as it is necessary as described within this policy document. If you request deletion of the data I have collected from you, I will comply with your request within the constraints and requirements of applicable law, the moral obligation to secure and respect your privacy, and technology. In some cases deletion may take the form of anonymization if doing so respects your intent more than actual deletion. Completely deleting all information may be impossible due to technical restraints; for example, deleting every server access log ever generated from your activity, including in all backup files, would likely be impossible due to the difficulty or impossibility of accurately finding those log entries due to insufficient reliable data about you to make the correct association. Put simply, if the only identifying information is an IP address and your IP address has ever changed (which is extremely likely) there is no way to know that a log entry with an IP address you have used is actually you versus another (prior or subsequent) user of that same address.

7. YOUR CONTROL OVER YOUR DATA

You may have the right under applicable laws and/or treaties to ask the following questions or take the following actions by contacting me as described later in this document:

  1. see what Personal Data I hold about you (if any), including why I am holding it and to whom it could be disclosed;
  2. ask to change/correct or delete your Personal Data;
  3. object to the processing of your Personal Data;
  4. ask me to restrict the processing of your Personal Data;
  5. withdraw any consents you have given me for the processing of your Personal Data; and,
  6. express any concerns you have about third parties' use of your Personal Data.

If there is a self-service feature, you are advised to use that instead of asking me to manually process your request, as this will give you the desired result much more quickly. An example of a self-service feature is an "unsubscribe" link in an email newsletter. Note that a self-service tool should not be assumed to do more than it states; continuing the previous example, an "unsubscribe" link should not be assumed to delete your data, only to unsubscribe you from the list. If you are at all concerned that you will not get the desired results from a self-service tool, please contact me for assistance.

8. CHILDREN

Different jurisdictions specify different ages under which Personal Data may not be collected or used, or may only be collected or used in a strictly regulated manner. In the US, this is apparently age 13, while in the EU it is apparently age 16. While I intend to comply with such laws, they are redundant in my view because I do not intend to provide services to children and therefore nothing that I provide online is targeted toward children. If you have not reached the age of 13 (US), 16 (EU), or 18 or the age of majority in your jurisdiction, whichever is higher, please do not provide me with any Personal Data including your email address.

9. CONTACT ME

You may contact me (Stuart J. Whitmore) via:

Email: author {at) just-stuart.com

Postal mail: Stuart J. Whitmore, PO Box 33, Sumner, WA 98390


Policy version: 2.0

Effective: 25 MAY 2018

Prior version: 4 DEC 2017
(versions prior to 4 DEC 2017 were not numbered)