Privacy Policy
Privacy Policy
Who I am
My website address is: https://tim-thornton.com.
You can find my contact details here.
What Personal Data I Collect and Why I Collect It
Comments
When visitors leave comments on the site I collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here. After approval of your comment, your Gravatar profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact Form
Information that you enter into our contact form is emailed through to my office computer.
Cookies and Web Beacons
Cookies are small text files that your internet browser downloads and stores on your computer, phone or other devices. Web beacons are single pixel images that behave in a similar way. Throughout this page, the term cookies includes web beacons. They may be created directly by our website, or by 3rd party tools that we use.
My website uses cookies to recognize repeat use of my website by the same user/internet connection subscriber. They are used to improve my website and services. In most cases these are session cookies that are deleted once you leave my website.
To an extent, however, these cookies also pass along information used to automatically recognize you. Recognition occurs through an IP address saved to the cookies. The information thereby obtained is used to improve my services and to expedite your access to my website.
You can prevent cookies from being installed by opting out of cookies when you first visit my website, and periodically thereafter, or by adjusting the privacy settings in your web browser software. This does not prevent the use of cookies that are essential to the operation of the website. It is an all or nopthing choice; you cannot opt out of some cookies and not others. You should be aware that by opting out you may not be able to make full use of all the functions of the website.
If you leave a comment on the site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit the login page, I will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, I will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the website that the content came from.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. You need to visit the source website to determine it’s privacy policy.
Analytics
I use services from 3rd party providers such as Google and Facebook to help me to improve the design of the site, and to show visitors information that I believe may be of interest to them.
These tools may use cookies, web beacons and other storage technologies to gather information from this website and elsewhere on the Internet, and use that information to provide measurement services and target ads.
Password Reset
If you request a password reset, your IP address will be included in the reset email.
Who I Share Your Data With
I may share some data with 3rd party tools to enable the site to function and/or to improve services. In general, this does not include full personal information. Details of the tools used, and their statements on data captured and privacy, are given below.
Akismet
Akismet is the anti-spam service I use for visitors who leave comments. Akismet typically collects the commenter’s IP address, user agent, referrer, and site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
ClickMeeting
I use ClickMeeting for webinars and video conferencing purposes, for example in my training courses. ClickMeeting uses cookies that are strictly essential for the operation of the service, e.g. for tracking the webinar session, the user’s language, and the use of images. It may also incorporate Facebook and Google Analytics tracking, described elsewhere here.
This document gives full information on ClickMeeting’s use of cookies.
My website employs components provided by facebook.com. Facebook is a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.
Each time my website receives a request for a page with the Facebook component, the component prompts your browser to download an image of this Facebook component. Through this process, Facebook is informed precisely which page of my website is being visited.
When you access my site while logged into Facebook, Facebook uses information gathered by this component to identify the page you are viewing, and associates this information with your Facebook account.
If you wish to prevent the transfer to and storage of data by Facebook about you and your interaction with my website, you must log out of Facebook before visiting my website. The data protection policies of Facebook provide additional information, in particular about the collection and use of data by Facebook, your rights in this regard as well as the options available to you for protecting your privacy: www.facebook.com/about/privacy/.
Google’s privacy policy and terms of service are available here.
For the purposes of promotion, my website uses the Google Ads tool. If you access my site by way of a Google ad, a cookie is placed on your computer. These “conversion cookies” cease to be active after 30 days and are not used to identify you personally. If you visit certain pages of my website while the cookie is still active, both Google and I know that you, as a user, have clicked on ads placed by Google and were redirected to my site. Google uses the information obtained through “conversion cookies” to compile statistics for my website. These tell me the total number of users who have clicked on my ad as well as which pages of my site were then accessed by each user. However, neither I nor other advertisers who use Google Ads receive any kind of information that can be used to personally identify users.
My website also uses Google Analytics. Google Analytics employs cookies to facilitate an analysis of your use of the site. The information generated by these cookies, such as time, place and frequency of your visits to my site, including your IP address, is transmitted to Google’s location in the US and stored there. I use Google Analytics with an IP anonymization feature on my website. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from member states of the European Union or signatory states to the Agreement on the European Economic Area. Google uses this information to evaluate your usage of my site, to compile reports on website activity for me, and to provide other services related to website and internet usage. Google may also transfer this information to third parties if this is required by law or to the extent this data is processed by third parties on Google’s behalf.
It also uses the Google Maps component. This sets a cookie to process the user configuration and data when the page with the integrated Google Maps component is displayed. This cookie is not deleted by closing the browser, instead expires after a period of time.
Google offers a disabling option for the most common browsers, thus providing you with greater control over the data which is collected and processed by Google. If you enable this option, no information regarding your website visit is transmitted to Google. However, the activation does not prevent the transmission of information to me or to any other web analytics services I may use. For more information about the disabling option provided by Google, and how to enable this option, visit tools.google.com/dlpage/gaoptout.
MailPoet
If you have subscribed to my newsletter or if you are a member of my website (you can log in) or if you have purchased from my website, there is a good chance you will receive emails from me.
I will only send you emails which you have signed up to receive, or which pertain to the services I provide to you.
To send you emails, I use the name and email address you provided. The site also logs the IP address you used when you signed up for the service, to prevent abuse of the system.
MailPoet sends emails through the MailPoet Sending Service. This service allows me to track opens and clicks on the emails. I use this information to improve the content of my emails.
No identifiable information is otherwise tracked outside this website except for the email address.
The following cookies may be generated by MailPoet:
| Name | Expiry | Description |
|---|---|---|
| mailpoet_page_view | 3650 days | Tracks the last time a subscriber viewed any page on the site. |
| mailpoet_revenue_tracking | 14 days | Tracks which newsletter sent from your website has acquired a click-through and a subsequent purchase in your WooCommerce store. |
| mailpoet_subscriber | 3650 days | Track subscriber engagement. It is used when the user logs in, signs up in a form, confirms subscription to a newsletter, or places an order through WooCommerce. |
| popup_form_dismissed_{$formId} | Varies according to the form | Tracks if a user has previously dismissed a specific form, preventing the re-display of the form until the cookie’s expiration date. It is applicable for popup, slide-in, or fixed bar forms. |
PayPal
PayPal is used as a payment processing service provider. If you use PayPal on my site, your contact details will be sent to PayPal to process your order. PayPal is a service from PayPal (Europe) S.à.rl & Cie. SCA, 22-24 Boulevard Royal, L-2449 Luxembourg. PayPal assumes the function of an online payment service and trustee, and offers buyer protection services.
The personal data transmitted to PayPal usually includes your first name, last name, address, telephone number, IP address, e-mail address, or other data required to process your order, such as the quantity of articles ordered, the article number, invoice amount, taxes and invoice details, etc.
This information needs to be transferred to process your order using your chosen payment method, mainly in order to confirm your identity and manage your payment and the customer relationship.
Please note the following however: PayPal may also pass on your personal data to subcontractors or other affiliates, to the extent necessary for fulfilling the contractual obligations arising from your order or for processing personal data in your order.
Depending on the payment type you pre-select in your PayPal account, which may include payment by invoice or direct debit, PayPal may transfer the personal data transferred to PayPal to credit agencies. The information transferred serves to identify you and to verify your creditworthiness with regard to the order you have placed. Please refer to the PayPal Privacy Policy for more information on the credit agencies PayPal transfers data to and what data is collected, processed, stored and passed on by PayPal.
PayPal also uses cookies and web beacons. Details of the cookies used, and how to disable non-essential ones, can be viewed here: www.paypal.com/uk/webapps/mpp/ua/cookie-full
Stripe
I use Stripe as a payment service provider. Stripe is a service from Stripe, Inc, 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. Your data will be sent to a server operated by Stripe, Inc in the United States.
You can access the Stripe’s privacy, cookie, EU-US Privacy Shield and other policies at this page and others on its menu. The cookie page also tells you how to opt out of non-essential cookies.
Vimeo
I use Vimeo components on our site to display videos. Vimeo is a service of Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA.
Whenever you visit a page on the website that has a Vimeo component, this component causes your browser to download and display the video hosted by Vimeo. If you are logged in to Vimeo at the time, Vimeo collects data on which page you are visiting and assigns this information to your personal account at Vimeo. If, for example, you click on the “Play” button or make comments, this information will be conveyed to your personal user account at Vimeo and stored there. In addition, the information that you have visited our site will be passed on to Vimeo. This is done regardless of whether you click on the component/comment or not.
If you want to prevent this transmission and storage of data by Vimeo about you and your behaviour on our website, you must log out of Vimeo before you visit our site. Vimeo’s Privacy Policy provides more detailed information about this.
WooCommerce
WooCommerce is the checkout tool used on my website. It collects information about you during the checkout process, tracking:
- Products you’ve viewed: I’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: I’ll use this for purposes like estimating taxes and shipping
- Shipping address: I’ll ask you to enter this so I can, for instance, estimate shipping before you place an order, and send you the order!
I’ll also use cookies to keep track of basket contents while you’re browsing the site.
When you make a purchase, I’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. I’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for the store
- Comply with any legal obligations I have, such as calculating taxes
- Improve the store offerings
- Send you marketing messages, if you choose to receive them
Note that credit card and other payment details are not stored by my website, but are passed directly on to the payment provider for processing.
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. I will also store comments or reviews, if you choose to leave them.
I have access to the information you provide, for example:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
I have access to this information to help fulfil orders, process refunds and support you.
How Long I Retain Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on the website (if any), I also store the personal information they provide in their user profile. All users can request to see their personal information at any time (except they cannot change their username), and to have it deleted. If your data is deleted this may well affect your ability to use the site and its services, as there will be no record of your prior activities.
I am required by HMRC to keep details of all financial transactions for just under 7 years. This data will not be deleted until the end of the required retention period, even if you delete your account or ask for all your data to be deleted.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided to me. You can also request that I erase any personal data I hold about you. This does not include any data that I am obliged to keep for administrative, legal, or security purposes.
You can opt out of the collection and use of information for ad targeting by adjusting the appropriate settings in your Google and Facebook settings, and in your browser. Information on this can be found at http://www.aboutads.info/choices (for the USA) and http://www.youronlinechoices.eu/ (for the EU).
Additional information
How I Protect Your Data
Your data is stored on servers with InMotion Hosting, with securely restricted access, and key personal data encrypted. Data may also be stored on other GDPR compliant service providers. Data may also be stored on my office computers.
What Data Breach Procedures I Have in Place
If I detect a data breach on my server, or are notifed of one by one of our 3rd party providers, I shall inform my customers within 3 working days of becoming aware of the incident.
Facebook and Instagram
This section applies exclusively to my presence on Facebook and Instagram. It should be read in conjunction with the rest of my privacy policy – only exceptions and additions are covered here. Mention of Facebook in this section applies equally to Instagram, who are owned by Meta and operate in a similar way.
GDPR
I am jointly responsible with Facebook Ireland as regards compliance with GDPR. Facebook may be contacted at the address below:
Facebook Ireland Ltd. (hereinafter “Facebook”)
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland
The agreement on joint responsibility according to GDPR Art. 26 can be found at www.facebook.com/legal/terms/page_controller_addendum. This agreement was provided in this form by Facebook Ireland Ltd. and I as user of Facebook accept it by using Facebook. I cannot assess whether this agreement sufficiently meets the requirements of GDPR Art. 26.
Information About my Facebook Page and Instagram Feed
I use Facebook and Instagram to draw attention to my services and products, and to contact you as a visitor and user of these and of my website.
As the operator of the Facebook page and Instagram feed, I am not interested in the collection and further processing of your individual personal data for analysis or marketing purposes. The operation of the Facebook page and Instagram feed, including the processing of a user’s personal data, is based on my legitimate interests in providing a modern and supportive method to inform and interact with my users and visitors in accordance with GDPR Art. 6 para. 1 lit. (f).
Data Processing through Facebook and Instagram
In its ruling on June 5, 2018, the European Court of Justice (curia.europa.eu/jcms/upload/docs/application/pdf/2018-06/cp180081en.pdf) decided that the operator of a Facebook page is jointly responsible with Facebook for the processing of personal data. I am aware that Facebook processes user data for the following purposes:
- Advertising (analysis, provision of personalized advertising),
- creation of user profiles, and
- market research.
Facebook uses cookies to store and further process this information. If the user has a Facebook profile and is logged in to it, it is also stored and analyzed across devices. Facebook’s privacy policy contains further information on its data processing. It is possible to opt out here: www.facebook.com/settings?tab=ads and here: www.youronlinechoices.com.
Facebook Inc., the US parent company of Facebook Ireland Ltd., is certified under the EU-U.S. Privacy Shield and thus promises to comply with European data protection guidelines. For more information on Facebook’s Privacy Shield status, click here: www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. The transfer and further processing of users’ personal data in third countries, e.g. the USA, as well as the associated possible risks for users cannot be excluded by me as the operator of this page.
Statistical Data
Facebook’s “Insights” provides statistical data of different categories for this page, and these statistics can be accessed by me. They are generated and provided by Facebook. As the operator of this page, I have no influence on their generation and presentation. I cannot disable this function or prevent the generation and processing of data. It is possible to select a certain time range to display statistics for the categories of likes, subscribers, reached persons and interacting persons to receive the following data from Facebook in relation to my Facebook page:
Total number of page views, “Likes”, page activity, post interactions, reach, video views, post reach, comments, shared content, answers, proportion of men and women, origin by country and city, language, visits to and clicks in the shop, clicks on route planners, clicks on telephone numbers. In the same manner, Facebook provides information about Facebook groups connected to my Facebook page. Instagram also offers similar data.
Due to the constant development of Facebook and Instagram, the availability and processing of the data changes all the time, so I once again refer to the link to Facebook’s privacy policy given above for further details.
I use this aggregated data to make my contributions and activities on my Facebook page more attractive to users. For example, I use the ratios regarding age and gender to appropriately address my visitors, and stats on when the most interactions take place to post at the most suitable time. Information about the type of devices used by visitors helps me to create the most suitable visuals. In accordance with the Facebook ToU, which each user has agreed to when creating their Facebook profile, I may identify the subscribers and likers of the page and view their profiles and other shared information about them.
User rights
If you have any questions about your rights, please contact Facebook directly.
You have a right to access information (at no charge) about your personal data stored on Facebook and, if necessary, a right to correction, restriction of processing or deletion of this data. You also have the right to data transfer. Finally, you also have the right to complain about Facebook’s processing of your personal data to the data protection supervisory authority.
If questions on personal data are submitted to me as the site operator, the additional agreement with Facebook obliges me to forward these questions — whether from private individuals or authorities — to Facebook within 7 days.
This is also a result of the Controller Addendum mentioned above.
If you need support or have any other questions, please contact me by this form. If you no longer wish to have your data processed in the future as described here, please cancel the link between your Facebook user profile and my page by using the function “Unlike this Page”, and do not follow me on Instagram.