Privacy Policy

gdpr-compliantWho we are and what we believe

This website is published by a team led by Gary J Byrnes trading as Readathriller, registered in Ireland. The website is operated from Dublin, Ireland, for a global audience. The website address is: http://www.readathriller.com.

The EU General Data Protection regulation – GDPR – came into effect on Friday, May 25, 2018. Readathriller takes our responsibilities under GDPR very seriously, and we understand the importance of trust when personal data is supplied to us. We think that GDPR is an important regulation and we fully support it, in word and in spirit.

In complying with GDPR, our activities include, but are not limited to, the following steps:

We demonstrate that our organisation is making an active effort to become compliant

We keep records of our organization’s efforts, and work with our third-party vendors to help validate this to the Data Protection Authority.

We are aware of our digital presence

Like many organizations, we have multiple website domains that could contain personal data. To best prepare comply with GDPR, our organisation is aware of all the places personal data exists.

We understand our role and that of our vendors

It’s important to know the differences between being a data processor and a data controller—and where we and our third-party vendors fall.

Data Controller – Party that determines what data is collected and how it’s used. This is Readathriller’s Data Controller. A website manager may decide what goes on a landing page form, for instance, but it’s important to remember that those choices ultimately lead back to our data controller.

Data Processor – Person or team that is not an employee of the data controller, but who processes the data on behalf of the data controller. Think third-party vendors that help us organize the personal data we store in the form of email lists, form records, and so on.

We performed a Data Audit

Under GDPR, it’s mandatory for organisations to keep data-processing registries of all personal data that they, along with their third parties, handle—including the lifecycle of that data.

We put our readers and customers first

We worked on our privacy policy to dive deeper into the uses of personal data, following the guidelines set out by GDPR, to include:

    • This Privacy Policy.
    • We continue to make it easy for our users to opt in or out of certain communication. 
    • We make available contact information at our organization so users can request changes or deletions of their personal data (this a clear requirement of GDPR).
  • We are upfront with visitors on all forms, by requesting their consent in a way that is clear, concise, and free of vague wording or confusing jargon.

What personal data we collect and why we collect it

No personal data is collected by us unless it is freely given, for example, in a form entry. We do not track you for the purpose of retargeting advertisements.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

The contact form we use is a Google service. We collect only the information that you submit to us, but Google likely gathers additional data, such as your IP (internet) address. Never send confidential data such as passwords on our, or any other forms.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We use Google Analytics to measure engagement with the content on this site, to see where our traffic originates, and to see where and when our visitors come by.

Who we share your data with

Nobody. We share your data with nobody and never will, without your expressly-granted consent.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

How we protect your data

This website is hosted by Blacknight. Our forms are hosted by Google. Our ecommerce marketplace is hosted by Shopify. We trust that these suppliers have the best possible data security in place, and we promise to monitor their terms and conditions, and their security policies and metrics, to ensure that your data is always held in the highest-possible trust.

What data breach procedures we have in place

This website is hosted by Blacknight. Our forms are hosted by Google. Our ecommerce marketplace is hosted by Shopify. In the event that any of the data submitted by you to us is compromised, we will work with the relevant supplier(s) to identify the data compromised, communicate this to you, and work to ensure that it does not happen again.

What third parties we receive data from

We do not receive PII (personally-identifiable information) from any third parties.

What automated decision making and/or profiling we do with user data

We do not carry out any automated decision making or profiling with user data.

Industry regulatory disclosure requirements

In the event of any changes to our policies, regulatory compliance issues, or data breaches on our, or any of our suppliers’ platforms, we will publish this on our blog at http://www.readathriller.com/thriller/blog/. Minor changes to this Privacy Policy may be made from time to time, but we promise to put our customers’ rights and expectations first, always.

Our contact information

Gary J Byrnes trading as Readathriller.

Email: hello@readathriller.com.

Telephone: 00 353 87 249 3051.


Image credit

Pixabay, Creative Commons: https://pixabay.com/en/gdpr-castle-protection-privacy-3285252/