When you use the website or sign up to receive blog email updates from Kristin Kay, we operate as the “data controller”. We are required by European data protection laws to provide you with the information contained in this privacy notice in respect of the website.
If you have any questions about how we protect your privacy, please drop us a line at firstname.lastname@example.org
The website and blog email updates may include contact details of third parties or links to third party websites. Some of the webpages of the website also contain embedded objects such as YouTube videos and Instagram photographs or Pinterest pins.
Contacting those third parties or clicking on those links or using the embedded objects may allow third parties to collect or share personal data about you. We do not control these third-parties and are not responsible for their privacy statements or processing activities.
We collect, store, and use the following categories of personal data about you:
When you sign up to receive blog email updates we collect your email address.
If you send us an email about the website or blog or this privacy notice.
We do not collect any sensitive personal data (known as special category personal data in the General Data Protection Regulation 2016) or biometric data.
How and why do we use your personal data?
To enable you to use the website and subscribe to the blog, we have to process some limited personal data about you. We will not process your personal data unless we have a legal basis to do so under data protection law and we will not process your personal data in a way you would not expect.
Below we set this out in detail, showing you what we do with your personal data:
To pursue the legitimate interests of maintaining a website we need to use website cookies to improve the experience of visitors to the website, for example letting you navigate through the webpages efficiently. Please read our Cookies Policy for further information.
We also use website analytics to find out things such as the number and geolocation of visitors to the different webpages of the website. This data is aggregated and processed in such a way which does not identify anyone and therefore is not considered to be personal data in law.
Blog Email Updates
When you subscribe to mailing list you are consenting to receiving updates and emails.
When you send an email about the website, blog or this privacy notice, this is your consent for us to consider and respond to your enquiry.
4. Sharing your data
We only share your personal data as an essential part of being able to maintain the website and the blog, as set out in this privacy notice:
MailChimp: this is email delivery provider which we use to collect and store the email addresses of subscribers and to deliver the updates to your email inboxes.
We may also share your personal data with third parties where required by law or where we have another legitimate interest in doing so.
5. Transferring your personal data outside the EEA
We use MailChimp which is based in Lithuania to collect and store the email addresses of subscribers and to deliver the updates to our subscribers’ email inboxes.
6. How do we keep your data secure?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We retain your email address for as long as you are a subscriber.
You can unsubscribe at any time by clicking on the ‘unsubscribe’ link at the bottom of any blog email update or by contacting us.
8. Your rights
Under certain circumstances, by law you have the right to:
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
9. Changes to this Privacy Notice
We reserve the right to update this privacy notice at any time. We may also notify you in other ways from time to time about the processing of your personal data.
If you have any questions about this Privacy Notice, please contact us at email@example.com