In order for us to operate our business and provide our services to You, it is sometimes necessary for us to collect or process information about You. In general terms, this information will take one or more of the following forms:
- Information that you provide to us directly, such as completing an online form, subscribing to an email list, or leaving a comment;
- Information that is automatically sent to us by Your computer’s internet browser when you visit our website, such as your computer’s technical address (or ‘IP address’) or information about which particular internet browser you are using;
- Information about how you use our website or our services, such as which pages you visit, how frequently you visit the site and so forth.
Who we are
Data Controller: andchristina.com
Website address: https://andchristina.com
Email correspondence: firstname.lastname@example.org
Definition of personal data
When we refer to ‘personal data’ we mean any information that allows us to identify you personally. Obvious examples include your name, email address, postal address etc. We will always seek to gain your explicit consent to providing this information before we collect it from you, although this may not be the only legal basis on which we collect the data.
Other types of information, such as your computer’s ‘IP’ address or broad geographical location do not, generally, allow us to identify you directly. However, because in their current form, European data privacy regulations are somewhat vague in this regard, we will cover the use of such data here also.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Who we share data with
The only people/organisations that are granted access to personal data are:
- Members of andchristina.com who provide writing, design, and/or support;
- Our web hosting technology suppliers (currently Siteground and WordPress) who provide the physical server infrastructures that our website(s) operate on.
- Our cloud storage and technology supplier (including Google Cloud Platform and Amazon Web Services) whose services we use for secure backup storage and email relay services.
- Visitor comments may be checked through an automated spam detection service.
How your data is protected
We take the security of all personal data very seriously, and that data is protected in a number of ways:
- Access control: Access to personal data is strictly limited in line with our policy detailed in the ‘who we share data with section’ on this page. Access is controlled by individual user accounts, where a strong password policy is enforced.
- Dedicated security software: We operate dedicated security scanning and access control software. This software is responsible for limiting login attempts to our site, blocking potentially malicious attempts to access our services, and regularly performing full file system scans.
Access to your personal data
In the situation where you have directly provided personal information to us (such as by completing an online form or contacting us for further information), you have a number of rights regarding the personal data that we hold:
- You have the right to obtain from us confirmation about whether any such data is being held;
- You have the right to require that we provide you with whatever data we are holding/processing about you, including the right for that data to be transferred to another data controller;
- Even if you have consented to Us processing your personal data, you have the right to withdraw that permission at any time;
- You have the right to require us to rectify any incomplete or incorrect information held about you;
- You have the right to require us to erase the data held about you (the ‘right to be forgotten’);
In the situation where we collect personal data automatically (such as from your internet browser or via internet Cookies or other similar technologies):
- You have the right to object to the legal basis upon which we are collecting this data, and We have an obligation to consider and respond to that objection;
- You have the right to request the prevention of further processing of your data while your objection is considered;
- In most circumstances, you can exercise these rights without paying a fee to us.
What data we collect and why we collect it
Website contact forms
When you complete a contact form on our website, we may ask you for a number of pieces of personal information, such as your name, email address and other contact details. This is required for us to respond to your request.
If you do not use or submit an online form on the website, no data will be collected in that regard.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Technical data (such as ‘IP address’)
When you visit our website, our systems will log a record of your visit in our server logs, and typically this record will include the technical ‘IP’ address that is associated with your device and the browser type and version that you are using.
Such server logs are extremely common practice, and are used to monitor technical resources, monitor high-level server activity, and importantly to detect and prevent malicious or fraudulent activity on our systems. This data can also be used, if required, to diagnose reports of technical issues. The storage of IP addresses, allow us to identify patterns of behavior (such as repeated malicious attempts to access a system).
IP addresses, in and of themselves, do not allow us in any way to identify you as an individual, especially given that it is very common for IP addresses to be dynamically allocated by your service provider, and will therefore often routinely change.
Furthermore, we do not and will not use the content of server access logs to attempt to determine an identifiable individual. We therefore do not consider that data held within server logs falls within the scope of ‘personal data’, and accordingly we do not seek your consent to collect it.
Cookies and other technologies
These are small data files placed in the memory of your browser or device when you visit a website. Cookies allow a website to recognize a particular device or browser. There are several types of cookies:
- Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
- Persistent cookies are stored on your device in between browser sessions, allowing us to remember your preferences or actions across multiple sites.
- First-party cookies are set by the site you are visiting.
- Third-party cookies are set by a third party site separate from the site you are visiting.
As this site is built on WordPress, WordPress also collects cookies, which are for logged in users and for comments. Comment cookies expire in under 1 year from the time they are set.
A web beacon (or “tracking pixels” or “image tags”) is a small file (most often a transparent, 1×1 GIF file) that loaded on our web pages. These pixels may work with cookies to collect information about your visit, your web browser/device, browsing activity, or onsite behavior and provide that information to service providers. Pixels are most commonly used to collect anonymous traffic metrics (page visits, button clicks, order completion) used to analyze site performance.
All of these technologies allow us to better understand how users are using our website and other related services. They can also be an essential part of providing certain online functionality. They are all essentially small data files placed on your computer (or other device) that allow us to tell when you have visited a particular page, or performed a particular action (such as clicking a particular button) on our website.
We use Google Analytics to better understand what people look at on our website.
When people visit our site, information about their visit (such as which pages they look at, how long they spend on the site and so on) is sent in an anonymous form to Google Analytics (which is controlled by Google).
The data contains information about anyone who uses our website from your computer, and there is no way to identify individuals from the data.
We ensure that no personally identifiable information is ever contained within the data sent to our analytics providers.
As analytics information is not personal data, we do not specifically ask for your prior consent.
Other Google Services
In addition to Google Analytics, we use a number of industry-standard Google services to provide particular pieces of website content. These include:
- Google Fonts: We may use one or more of Google’s web fonts to ensure that our website content is displayed in a clear and consistent fashion across all of the different types of devices and browsers.
- Google Recaptcha: We may use Google’s Recaptcha service (which provides the ‘I Am Not A Robot’ functionality) on our web contact forms. This is a security measure to prevent the abuse of our contact forms by automated programs.
Each of these services involve our website making a connection to one or more Google servers, and may result in Google placing cookies on your device.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How to manage, control and delete these technologies
There are a number of ways that you can influence how cookies are used on your particular device. Most commercial browsers (such as Chrome, Safari, Edge, Internet Explorer, Firefox etc) allow you to set preferences for whether to allow or block website cookies.
Internet browsers allow you to change your cookie settings. These settings are usually found in the ‘options’ or ‘preferences’ menu of your internet browser. In order to understand these settings, the following links may be helpful. Otherwise you should use the ‘Help’ option in your internet browser for more details.
If you wish to withdraw your consent at any time, you will need to delete your cookies using your internet browser settings.