Hi there! Alex here. Data privacy matters a great deal to me when I’m online. So, I’d like to take a moment to tell you how your data is handled in the context of this blog.
Chai Sweet Chai is my design and digital marketing blog.
Should you ever have any concerns with regards to how your data is being handled when you interact with this blog, do not hesitate to drop me a line and I’d be very happy to assist you with your query. I’m reachable on chaisweetchai(at)veryfast(com)biz.
THIRD-PARTY & COOKIES
To run and manage this blog I use the following service providers:
- WordPress.com – blog provider (hosting, operation and security)
- Fastmail.com – email provider (email receipt, response and storing)
- Affiliate Program Providers – Amazon (monetization of blog)
All these third-party service providers operate under their own respective privacy and cookie policies:
Affiliate program providers may use technologies such as cookies to track behavioral data in order to establish when a sale comes from an affiliate link and what blogger brought the merchant a sale. Meaning where I use affiliate links on this blog, this is what’s happening behind the scene, i.e behavioral data is being collected from you by my affiliate providers. If you wish to find out more about these practices, it is best to contact them directly.
I do not, at this stage, use anything else on this blog, meaning no plugins, google analytics, email building list service such as Mailchimp, ads and other third-party service providers.
CHAI SWEET CHAI
WHAT DATA I COLLECT
I collect personal data from my blog visitors when these choose to send me an email, either directly from their personal mailbox or indirectly by using my contact form.
I collect the below data from you:
- IP address (only when you use the blog’s contact form)
- Content of email
- Time and date the email was sent to me
- Whether you’re a WordPress.com account holder (only when you use the blog’s contact form)
WHY I COLLECT THIS DATA
Under the GDPR, my legal basis for collecting and processing the above data are:
- I have a legitimate interest in allowing you to get in touch with me to submit questions so I can provide answers and value to members of my community, which is an important part of what I try to do on this blog.
- Consent – Sometimes, when you email me for instance, you choose to share your basic personal data like name and email address with me, which implies that you are happy with me to not only see these but also use them to respond to your email should it require a response. In a similar fashion, when you leave a comment on the blog, you choose to have your comment public.
Under the new data protection law, the GDPR, you have the right to withdraw your consent for me to collect and process your data any time. Please see below how to.
WHERE I GET THIS DATA FROM
Direct Email: you, the blog visitor.
Indirect Email: WordPress.com, i.e the blog’s contact form. After you’ve sent me a message via the contact form, WordPress.com forwards me your email with all the data mentioned above.
WHAT I DO WITH THIS DATA (HOW LONG I STORE IT & RESPONDING)
Essentially, after you chose to get in touch, I’ll end up with the above data in my mailbox. That’s the collecting and holding part of it.
Then, I read your email and treat it the following way:
- Your email does not require a response. In this case, I will delete it as soon as I’ve read it.
- Your email requires a response. In this case, I will respond first then delete the email.
- Your email is about a potential collaboration and I am interested in your offer. I will respond to you and keep all your emails for the duration of the collaboration because I will need it to communicate with you. Once our collaboration over, I will delete your emails unless you authorize me to keep them in my mailbox should it be useful for us to collaborate again in the future and I am the one initiating it the second time around.
As a WordPress.com user myself, I have access to the list of subsriber emails for those who subscribed to the blog by typing their email in the Subscribe box. WordPress.com allows us to export this list as CSV file. I don’t use use this export functionality at the moment. Meaning this list never gets out of WordPress.com. I only view it to manage and grow the blog from the dashboard.
I do not share your information with anyone. The only third-parties who collect and process your data are listed above and they do so to provide me the necessary services I need to run and manage this blog.
I also do not sell your information.
This blog is hosted and operated by WordPress.com, meaning security is solely the responsibility of WordPress.com. And they are very good at security.
In addition to using a very secure web solution, I also take extra precautions by using an encrypted computer and following good practices when working with technology.
Personal Data is typically collected and processed, as explained above, by WordPress.com, Fastmail and myself when you do one of the following:
- Send me an email – I will see your personal data as stated above.
- Subscribe to the blog – I will see the public information attached to your gravatar OR your email on my dashboard if you elected to follow the blog by putting your email in the subscribe box.
Should you no longer be happy with the above, you have the right to withdraw consent for me to see, collect and process your data as described above any time. Here is how you can withdraw consent:
To withdraw consent for me to store the personal data that comes with your email, email me at chaisweetchai(at)veryfast(com)biz.
If you no longer wish me to see the email you used to subscribe to the blog, if you subscribed from outside WordPress.com, you need to make sure you unsubscribe to the blog from a post email. After subscribing, every time I publish a new blog post, you will be notified in email. Such email will give you the Unsubscribe option.
Gravatar visibility from blog subscription
Should you wish me not to see your gravatar information from the Subscribe panel on WordPress.com, make sure you either unsubscribe or keep your gravatar information as minimal as possible.
Find out more about your rights under the GDPR below.
This blog is targeted at adults. This is not a blog aimed at children and I do not knowingly collect children’s personal data as a result. This said, if you’ve come to learn of a child who shared their personal information with me, do let me know so I can immediately delete it my side (if they sent me an email or subscribed to the blog from outside WordPress.com).
YOUR RIGHTS UNDER THE GDPR
Under the GDPR, the new data protection law, you have the following rights:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing –You have the right to ask us to restrict the processing of your information in certain circumstances.
- Your right to object to processing –You have the the right to object to the processing of your personal data in certain circumstances.
- Your right to data portability –You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, I have one month to respond to you.
Contact me at chaisweetchai(at)veryfast(com)biz if you wish to enquire about the data I hold on you and how I use it.
INFORMATION COMMISSIONER’S OFFICE
You can also contact the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or by phone on 0303 123 1113.