Privacy & Cookies Policy
I may change this policy from time to time by updating this page; therefore, you should check this page from time to time to ensure that you are in agreement with any changes. This policy, version 1.0, is effective from May 24, 2018.
As a writing coach, I love offering lots of helpful input and free training as well as some paid options that can help writers. Content on my website and social media platforms as well as some services are available to anyone who shows up and wants to read and interact. In order to operate this business and provide you with services, I sometimes collect or process information about you here on this website and in other apps, software, and systems. I will go into more detail about the ways I do this, but to give you an overview, I can group the kinds of information I might gather into one or more of the following forms or categories:
- Information you provide directly, such as completing an online form, survey, leaving a comment under an article, scheduling a consultation with me, or sending a message through some method provided on the website;
- Information automatically sent to me by your computer’s internet browser when you visit my website, such as your computer’s technical address (or “IP address”) or information about the internet browser you are using;
- Information about how you use my website or my services, such as which pages you visit and how frequently you visit the site.
My commitment to data privacy
I am committed to maintaining the security and privacy of any information (“personal data”) you provide to me. Because I use systems that provide you with the information and services you seek from me, I rely on these systems to store your personal data securely and to retain it only for as long as is necessary.
The systems and services I have set up are designed to request the minimum amount of information necessary to provide my services to you efficiently; in fact, my intent is to minimize the amount of information I must retain and maintain as a way to simplify my process, while providing you with what you request. In other words, I retain your personal data for as long as necessary to fulfill the purposes for which I collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. (For tax purposes the law requires me to keep basic information about customers for six years after they stop being customers). I intend to comply to the fullest extent possible with applicable data protection regulations, in particular the European Union’s General Data Protection Regulation (“GDPR”) and ePrivacy Directive, where applicable.
I follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the personal data submitted to me. However, no method of transmission over the Internet, or method of electronic storage, is 100 percent secure. Therefore, while I strive to use commercially acceptable means to protect your personal information and data, I cannot guarantee its absolute security or confidentiality.
Who am I?
When you use my services or interact with me and my content via my website, “Ann Kroeker, Writing Coach,” and other points of contact (such as social media or calendar scheduling programs), I am personally acting in the capacity of Data Controller. If you have questions or concerns about your personal data and how I am maintaining it, contact me using the form below, which will of course require you to consent to gathering personal data:
What is “personal data”?
“Personal data” is any information that allows me to identify you personally. Most often this would be your name and email address (as in the contact form above), but occasionally you might provide a phone number or physical (postal) address. Any request will be clear and for the purpose of delivering information and services, so that you provide your information with a clear understanding of the reason I am requesting it and, where possible, you will provide it with explicit consent before I collect it from you, although this may not be the only legal basis on which I collect the data.
Much of the information gathered via social media or this website, such as your computer’s “IP address” or broad geographical location usually do not allow me or any system storing that information to identify you directly. However, I will do my best to outline the places even this less personal or specific information may be collected and retained.
With whom do I share data?
To support my work and processes, I rely other companies to help fulfill some tasks, including companies that have created apps and software to process data at my request. I may have to share your personal data with those parties, which are referred to in current EU regulations as the Data Processors (outlined below):
- Service providers who provide IT and system administration and communication services
- Professional advisers including lawyers, bankers, accountants, auditors and insurers
- Financial transaction processors (that process your payments)
- Email service provider
- Government bodies that require me to report processing activities
Also, my website and emails may contain links to other websites of interest. Once you have used these links to leave my site or click through from the email, be aware that I do not have any control over those other websites and how they might track information about you. Therefore, I cannot be responsible for the protection and privacy of any information you provide while visiting such sites, and such sites are not governed by this privacy statement. You should always review the privacy policies and terms applicable to any website in question.
How your data is protected
I take the security of personal data seriously and work to protect it in a number of ways:
- Access control: access to personal data is strictly limited in line with my policy detailed in the “With whom do I share data?” section on this page. Access to this website and all other Data Processors is limited to very few people and in the few instances another person has access, it is controlled by individual user accounts where a strong password policy is enforced.
- Selection of third party service providers: I use a limited number of third party service providers (Data Processors), and some are essential for providing physical hosting environments and cloud services. I have chosen reputable providers who comply with laws and regulations as well as strict privacy practices and policies of their own.
Access to your personal data
In the situation where you have directly provided personal information to me (such as by completing an online form or contacting me for further information), you have a number of rights regarding the personal data that I hold:
- You have the right to obtain from me confirmation about whether any such data is being held;
- You have the right to require that I provide you with whatever data I am holding/processing about you, including the right for that data to be transferred to another data controller;
- Even if you have consented to me processing your personal data, you have the right to withdraw that permission at any time;
- You have the right to require me to rectify any incomplete or incorrect information held about you;
- You have the right to require me to erase the data held about you (the “right to be forgotten”);
In the situation where I collect personal data automatically (such as from your Internet browser or via Internet Cookies or other similar technologies):
- You have the right to object to the legal basis upon which I am collecting this data, and I have an obligation to consider and respond to that objection;
- You have the right to request the prevention of further processing of your data while your objection is considered;
- You have the right to make a complaint to the relevant data protection authority
I may make your personal data anonymous (so that you can no longer be identified from such data) for research or statistical purposes in which case I may use this information indefinitely without further notice to you.
In certain circumstances you can ask me to delete your data. In most circumstances, you can exercise these rights without paying a fee to me; however, I may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive and in fact I may refuse to comply with your request in these circumstances.
I will try to respond to all legitimate requests within one month. Occasionally it may take me longer than a month if your request is particularly complex or you have made a number of requests. In this case, I will notify you.
Types of data collected on this website
General WordPress and Website Information
Website contact forms
When you complete one of the contact forms on our website, I will ask you for a number of pieces of personal information, such as your name, email address and other contact details. This is obviously required for me to respond to your request.
If you do not use or submit an online form on the website, no data will be collected in that regard.
Some forms are related to my email list, and the information you provide will add you to the list. My current email service provider is ConvertKit, and the form information is collected here at the website, but I manage that communication through the ConvertKit app. ConvertKit is one my primary data processors and your rights apply to the information they store on my behalf.
Technical data (such as “IP address”)
When you visit this website, the systems will log a record of your visit, and typically this record will include the technical “IP address” associated with your device and the browser type and version that you are using. These types of server logs are extremely common practice, and are used to monitor technical resources, monitor high-level server activity, and to detect and prevent malicious or fraudulent activity. The storage of IP addresses, allow me to work with a computer expert to identify patterns of behavior (such as repeated malicious attempts to access a system). This data can also be used, if required, to diagnose reports of technical issues.
IP addresses, in and of themselves, do not allow me in any way to identify you as an individual. In fact, it is common for IP addresses to be dynamically allocated by your service provider, and as a result, routinely change, making it even harder to connect to you directly. I do not and will not use the content of server access logs to attempt to determine an identifiable individual. I therefore do not consider that data held within server logs falls within the scope of “personal data,” and as a result, I do not seek your consent to collect it.
Cookies are small data files placed on your browser or computer (or other device) that allow me to tell when you have visited a particular page or moved through my website (such as clicking a button or link); however, no personally identifiable information is included. I would not be able to tell that you in particular have been on my site or performed any action.
There are several types of cookies:
- Session cookies expire at the end of your browser session to link your actions during that particular browser session.
Persistent cookies are stored on your device in between browser sessions, to remember your preferences or actions across multiple sites.
- First-party cookies are set by the site you are visiting.
- Third-party cookies are set by a third party site separate from the site you are visiting.
You can influence how cookies are used on your particular device or block them in a number of ways. Most commercial browsers such as Chrome, Safari, Internet Explorer, and Firefox allow you to set preferences for whether to allow or block website cookies (or remove any cookies that have already been set), so you could adjust those in the browsers you use.
Google Analytics Cookies
I use a few WordPress plugins that collect Cookies, the most notable being Google Analytics, which I use to better understand how visitors navigate this website. Google Analytics collects usage data that I can refer to in order to discover, for example, the most trafficked pages and articles. In general, the information helps me to better understand how to deliver the most useful content to visitors in the future. I have not enabled the advertising features in your Google Analytics account, so your information will not be used to customize or deliver ads to you from me.
The data Google collects via the Cookies on this site does not identify individuals from the data, nor do I collect any personally identifiable information, and because analytics information is not personal, we do not specifically request prior consent.
Other Google Services
In addition to Google Analytics, I may use some industry-standard Google services to provide particular pieces of website content. These may include:
- Google Forms: I may use a Google form to collect information from you for you to apply for something or fill out a survey or evaluation.
- Google Fonts: I may use one or more of Google’s web fonts
- Google Recaptcha: I may use Google’s Recaptcha service (which provides the ‘I Am Not A Robot’ functionality) on my web contact forms—a security measure to prevent the abuse of my contact forms by automated programs.
Each of these services involve my website making a connection to one or more Google servers, and may result in Google placing cookies on your device.
Last edited: May 24, 2018