• Collecting emails as part of any promotional email marketing
• Collecting shipping information as part of shipping your book
• Collecting non-personal data used to better a users experience such as what device they use, location and what browser they use.
• Personal Data
• Non-Personal Data
• Internet Cookies
• Data Security and Protection
• Email Marketing and Subscriptions
• Third Party
• Acceptance of Terms
You may not need to use all the points above, only the ones relevant to your site.
GDPR applies when Personal Data is processed, controlled or stored and is any information related to an identifiable person. You need to clearly state what Personal Data is collected, how it is collected and how it is stored.
Examples of Personal Data can be:
• Any part of a name (First Name, Middle Name(s), Surname, Initials)
• A personal email address (a registered company email address is not considered Personal Data)
• A home address
• An identification card number
• Location data
• IP address
‘Under the GDPR we control and process information about you electronically. If you voluntarily sign up for Melissa Hawkes’s newsletter or blog, then this site will record your email address, and in some cases first name and last name. You can refuse to supply such information but that will exclude you from having access to email communication such as, but not limited to, blog updates, monthly newsletter and latest news. When subscribers click on any provided links in one of my emails, the site may record this information.’
Under GDPR, Non-Personal Data is any kind of data that doesn’t fall into the Personal Data category. It is any data that doesn’t relate to an identifiable person.
Examples of Non-Personal Data could be:
• Browser name
• Means of connection to the site (such as where the user has been referred from, any links that may have been clicked)
• Phone Device
‘This site may collect non-personal information about visitors when they interact with this site. This information may include browser name, means of connection to the site, and other non-identifying information.’
Data Security and Protection
‘We ensure the security of any personal information we hold by using secure data storage technologies provided by Wix.com in how we store, access and manage that information.’
Email Marketing and Subscriptions
If you collect email addresses and send email marketing then you must state what exact data is collected and what secure provider you use to send these messages with. You must also state ways in how a user can unsubscribe or cancel their subscription.
‘Under the General Data Protection Regulation we use the consent lawful basis for anyone subscribing to our newsletter or marketing email list. We only collect certain data about you as detailed in the "Processing of personal data" section above. Any email marketing messages we send are done so through a website and email marketing service provider. We use Wix.com. You can opt out of receiving emails or ask to see the data we hold for you, or request we remove your data at any time by the following methods;
• Unsubscribe at the bottom of the email sent •Contact us using the contact form provided here’
Third Party counts for any person, public authority, agency or body other than the controller (owner of the author site) who are under direct authority from the controller to process Personal Data.
Example Third Party section
‘Sometimes [Your Name] will include third-party links through email or on the website. These sites have their own policies and you should read those before giving any Personal Data.’
Acceptance of Terms
You must clearly state that by the user visiting and engaging with the site they automatically agree to these terms and conditions. You must also state what the user can do if they do not agree.