Who we are
Our website address is: https://tim-thornton.com.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Information that you enter into our contact form is emailed through to our office computer.
Cookies and Web Beacons
Cookies are small text files that your internet browser downloads and stores on your computer, phone or other devices. Web beacons are single pixel images that behave in a similar way. Throughout this page, the term cookies includes web beacons. They may be created directly by our website, or by 3rd party tools that we use.
To an extent, however, these cookies also pass along information used to automatically recognize you. Recognition occurs through an IP address saved to the cookies. The information thereby obtained is used to improve my services and to expedite your access to my website.
You can prevent cookies from being installed by by adjusting the privacy settings in your web browser software. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use services from 3rd party providers such as Google and Facebook to help us to improve the design of the site, and to show visitors information that we believe may be of interest to them.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
We may share some data with 3rd party tools to enable the site to function and/or to improve services. In general, this does not include full personal information. Where necessary, this may include your name, email address etc, for example when processing an order or creating a login to a webinar.
My website employs components provided by facebook.com. Facebook is a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.
Each time my website receives a request for a page with the Facebook component, the component prompts your browser to download an image of this Facebook component. Through this process, Facebook is informed precisely which page of my website is being visited.
When you access my site while logged into Facebook, Facebook uses information gathered by this component to identify the page you are viewing, and associates this information with your Facebook account.
If you wish to prevent the transfer to and storage of data by Facebook about you and your interaction with my website, you must log out of Facebook before visiting my website. The data protection policies of Facebook provide additional information, in particular about the collection and use of data by Facebook, your rights in this regard as well as the options available to you for protecting your privacy: www.facebook.com/about/privacy/.
For the purposes of promotion, my website uses the Google Ads tool. As part of this, the website uses Google’s Conversion Tracking service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google“. If you access my site by way of a Google ad, a cookie is placed on your computer. These “conversion cookies” cease to be active after 30 days and are not used to identify you personally. If you visit certain pages of my website while the cookie is still active, both Google and I know that you, as a user, have clicked on ads placed by Google and were redirected to my site. Google uses the information obtained through “conversion cookies” to compile statistics for my website. These tell me the total number of users who have clicked on my ad as well as which pages of my site were then accessed by each user. However, neither I nor other advertisers who use Google Ads receive any kind of information that can be used to personally identify users. You can prevent the installation of “conversion cookies” by making the appropriate change to your browser settings, for example by setting your browser so that the automatic placement of cookies is deactivated, or by blocking cookies from the domain googleadservices.com.
My website uses Google Analytics, a web analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google“. Google Analytics employs cookies to facilitate an analysis of your use of the site.
The information generated by these cookies, such as time, place and frequency of your visits to my site, including your IP address, is transmitted to Google’s location in the US and stored there.
I use Google Analytics with an IP anonymization feature on my website. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from member states of the European Union or signatory states to the Agreement on the European Economic Area.
Google uses this information to evaluate your usage of my site, to compile reports on website activity for me, and to provide other services related to website and internet usage. Google may also transfer this information to third parties if this is required by law or to the extent this data is processed by third parties on Google´s behalf.
Google states that it will never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting the settings on your browser software accordingly. You should be aware, however, that by doing so you may not be able to make full use of all the functions of my website.
Google also offers a disabling option for the most common browsers, thus providing you with greater control over the data which is collected and processed by Google. If you enable this option, no information regarding your website visit is transmitted to Google Analytics. However, the activation does not prevent the transmission of information to me or to any other web analytics services I may use. For more information about the disabling option provided by Google, and how to enable this option, visit tools.google.com/dlpage/gaoptout.
I use the Google Maps component of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google.”
Google sets a cookie to process the user configuration and data when the page with the integrated Google Maps component is displayed. This cookie is not deleted by closing the browser, instead expires after a period of time.
If you do not agree with this processing of your data, you may choose to deactivate the Google Maps service and thereby prevent the transfer of data to Google. To do this, you must deactivate the Java Script function in your browser. However this will restrict functionality of Google Maps, and any other web sites that use Java.
PayPal is used as a payment processing service provider. If you use PayPal on my site, your contact details will be sent to PayPal to process your order. PayPal is a service from PayPal (Europe) S.à.rl & Cie. SCA, 22-24 Boulevard Royal, L-2449 Luxembourg. PayPal assumes the function of an online payment service and trustee, and offers buyer protection services.
The personal data transmitted to PayPal usually includes your first name, last name, address, telephone number, IP address, e-mail address, or other data required to process your order, such as the quantity of articles ordered, the article number, invoice amount, taxes and invoice details, etc.
This information needs to be transferred to process your order using your chosen payment method, mainly in order to confirm your identity and manage your payment and the customer relationship.
Please note the following however: PayPal may also pass on your personal data to subcontractors or other affiliates, to the extent necessary for fulfilling the contractual obligations arising from your order or for processing personal data in your order.
I use Stripe as a payment service provider. Stripe is a service from Stripe, Inc, 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. Your data will be sent to a server operated by Stripe, Inc in the United States.
You can access the Stripe’s privacy, cookie, EU-US Privacy Shield and other policies at this page and others on its menu. The cookie page also tells you how to opt out of non-essential cookies.
I use Vimeo components on our site to display videos. Vimeo is a service of Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA.
Whenever you visit a page on the website that has a Vimeo component, this component causes your browser to download and display the video hosted by Vimeo. If you are logged in to Vimeo at the time, Vimeo collects data on which page you are visiting and assigns this information to your personal account at Vimeo. If, for example, you click on the “Play” button or make comments, this information will be conveyed to your personal user account at Vimeo and stored there. In addition, the information that you have visited our site will be passed on to Vimeo. This is done regardless of whether you click on the component/comment or not.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can request to see their personal information at any time (except they cannot change their username), and to have it deleted. Website administrators can also see and edit that information.
If you request us to delete your data, this will probably affect your ability to use the site and its services. Also, some data we are legally required to retain, and this will not be deleted.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You can opt out of the collection and use of information for ad targeting by adjusting the appropriate settings in your Google and Facebook settings, and in your browser. Information on this can be found at http://www.aboutads.info/choices (for the USA) and http://www.youronlinechoices.eu/ (for the EU).
Where we send your data
Visitor comments may be checked through an automated spam detection service. Email addresses may be checked through an email validation service.
Your contact information
You can find our contact details here.
How we protect your data
Your data is stored on our servers with InMotion Hosting, with securely restricted access, and key personal data encrypted. Data may also be stored on other GDPR compliant service providers. Data may also be stored on our office computers.
What data breach procedures we have in place
If we detect a data breach on our server, or are notifed of one by one of our 3rd party providers, we shall inform our customers within 72 hours of becoming aware of the incident.
Facebook and Instagram
We are jointly responsible with Facebook Ireland as regards compliance with GDPR. Facebook may be contacted at the address below:
Facebook Ireland Ltd. (hereinafter “Facebook”)
4 Grand Canal Square
Grand Canal Harbour
The agreement on joint responsibility according to GDPR Art. 26 can be found at www.facebook.com/legal/terms/page_controller_addendum. This agreement was provided in this form by Facebook Ireland Ltd. and I as user of Facebook accept it by using Facebook. I cannot assess whether this agreement sufficiently meets the requirements of GDPR Art. 26.
Information About my Facebook Page and Instagram Feed
I use Facebook and Instagram to draw attention to my services and products, and to contact you as a visitor and user of these and my website.
As the operator of the Facebook page and Instagram feed, I am not interested in the collection and further processing of your individual personal data for analysis or marketing purposes. The operation of the Facebook page and Instagram feed, including the processing of a user’s personal data, is based on my legitimate interests in providing a modern and supportive method to inform and interact with my users and visitors in accordance with GDPR Art. 6 para. 1 lit. (f).
Data processing through Facebook and Instagram
In its ruling on June 5, 2018, the European Court of Justice (curia.europa.eu/jcms/upload/docs/application/pdf/2018-06/cp180081en.pdf) decided that the operator of a Facebook page is jointly responsible with Facebook for the processing of personal data. I am aware that Facebook processes user data for the following purposes:
- Advertising (analysis, provision of personalized advertising),
- creation of user profiles, and
- market research.
Facebook Inc., the US parent company of Facebook Ireland Ltd., is certified under the EU-U.S. Privacy Shield and thus promises to comply with European data protection guidelines. For more information on Facebook’s Privacy Shield status, click here: www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. The transfer and further processing of users’ personal data in third countries, e.g. the USA, as well as the associated possible risks for users cannot be excluded by us/me as the operator of this page.
Facebook’s “Insights” provides statistical data of different categories for this page and these statistics can be accessed by me. They are generated and provided by Facebook. As the operator of this page, I have no influence on their generation and presentation. I cannot disable this function or prevent the generation and processing of data. It is possible to select a certain time range to display statistics for the categories of likes, subscribers, reached persons and interacting persons to receive the following data from Facebook in relation to myFacebook page:
Total number of page views, “Likes”, page activity, post interactions, reach, video views, post reach, comments, shared content, answers, proportion of men and women, origin by country and city, language, visits to and clicks in the shop, clicks on route planners, clicks on telephone numbers. In the same manner, Facebook provides information about Facebook groups connected to my Facebook page.Instagram also offers similar data.
I use this aggregated data to make my contributions and activities on my Facebook page more attractive to users. For example, I use the ratios regarding age and gender to appropriately address my visitors, and stats on when the most interactions take place to post at the most suitable time. Information about the type of devices used by visitors helps me to create the most suitable visuals. In accordance with the Facebook ToU, which each user has agreed to when creating their Facebook profile, I may identify the subscribers and likers of the page and view their profiles and other shared information about them.
If you have any questions about your rights, please contact Facebook directly.
You have a right to access information (at no charge) about your personal data stored on Facebook and, if necessary, a right to correction, restriction of processing or deletion of this data. You also have the right to data transfer. Finally, you also have the right to complain about Facebook’s processing of your personal data to the data protection supervisory authority.
If questions on personal data are submitted to me as the site operator, the additional agreement with Facebook obliges me to forward these questions — whether from private individuals or authorities — to Facebook within 7 days.
This is also a result of the Controller Addendum mentioned above.
If you need support or have any other questions, please contact me by email at this email address. If you no longer wish to have your data processed in the future as described here, please cancel the the link between your Facebook user profile to my page by using the function “Unlike this Page”, and do not follow me on Instagram.