Privacy PolicyFenced off entrance to amphitheatre

Being offered people’s personal information is both a privilege and a responsibility, and I’m keen to treat that information in the same way that I would like my own to be treated – with care and respect. I’ve drafted this Privacy Policy after reading through the new General Data Protection Regulation (GDPR) guidance at
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
If you have any questions please contact me – ruth@ruthdownie.com

Below is an outline of what information I have, what I do with it, and why.
I have the names and email addresses of people who have asked to receive my newsletter. Some of these have been collected on paper from people I’ve met in person, and others have come via my website, http://www.ruthdownie.com, where people have actively opted to be sent the newsletter. Others have come directly from signup forms that people have completed via the website of Mailchimp, the organization I use to process the newsletter. All newsletter emails are stored by Mailchimp, whose privacy policy is at https://mailchimp.com/legal/privacy/

All newsletters have an “unsubscribe” link at the bottom and as soon as somebody clicks this, Mailchimp removes them from the circulation list. I know, because I once did it myself by accident.

The names and email addresses of people who comment or contact me via the website http://www.ruthdownie.com are stored by WordPress.com, whose privacy policy is here – https://automattic.com/privacy/

The names and email addresses of people to whom I’ve replied when they have contacted me are inevitably recorded in my email system and also by the email provider I use to reply (variously over the years: Yahoo, BT, Zoho and Hotmail. All of these have their own privacy policies.). I keep individual emails because I value the content and because it’s nice to be able to refer to previous conversations if someone gets in touch again. If you’d rather be forgotten, please let me know – ruth@ruthdownie.com.

I have the names and physical addresses of people who ask to be sent books or other materials, or who give me their addresses in a “win a free book” draw. These will be deleted after the draw or once it’s clear that whatever was ordered has arrived. Sometimes, though, the info comes via Facebook Messenger or Twitter, and I haven’t figured out how to delete those yet.

My computer is securely passworded and virus-protected and my accounts with Mailchimp and WordPress are protected by two-step authentication, which makes it very hard for anyone else to access them.

Fundamentally – I promise not to use your name/email/address for anything other than the purpose for which you gave it to me.  I never share anyone’s information with anybody else apart from Mailchimp or WordPress as necessary.

Here are my lawful bases for processing data:
a) consent – to send the newsletter to people who have actively asked for it
b) contract – to fulfil orders for books
c) legitimate interest – to reply to readers and others who have made contact.

If you’d like to know exactly what information I’m holding about you, please ask – ruth@ruthdownie.com

If you’d like me to amend or delete it, I’ll be happy to do so.