Stuart J. Whitmore, Author

Privacy Policy

0. PREAMBLE

I have long been an advocate of digital privacy, often urging people to take their privacy more seriously. Thus, it should not be a surprise that respecting your privacy is more than just an online policy statement for me, it is a principle by which I conduct my online activities (whether for profit or not). However, simply stating that I respect your privacy is not sufficient to meet legal obligations and, realistically, not enough to answer reasonable concerns you may have. Therefore, the following policy outlines the details about how I handle your personally identifiable information ("Personal Data"). If you have questions or other input about this policy, please contact me.

1. THE BASICS

I will only collect and use your Personal Data when:

  1. I have lawful grounds to do so, including to comply with my legal obligations;
  2. I am providing, or reasonably expect to provide in the foreseeable future, a service to you whether or not that is a paid service;
  3. I have legitimate interests in using your Personal Data and your interests and rights do not override those interests.

For the purpose of the EU General Data Protection Regulation (GDPR), I, Stuart J. Whitmore, am the "data controller" for the data that I collect. I may employ the services of various "data processors" to achieve various purposes, such as using Amazon Web Services to send you my newsletters if you request to receive them. Other data processors that I regularly use, which may or may not be involved in handling data that I collect from or about you, may include (but may not be limited to) pair Networks, IFTTT, Dropbox, Facebook, BookFunnel, and Google.

This policy is in effect as of the date shown at the bottom of this document.

2. DATA COLLECTION PRACTICES

A. Automatic Data Collection

I collect some information automatically as a result of the design of the technologies that you and I have chosen to use. This data collection occurs on every site you visit before you see the site; my site is no different. Such information typically includes what browser and operating system you are using, what technological capabilities your Web browser supports, a very general (and often inaccurate) location associated with the Internet Protocol (IP) address associated with your online activity, etc. I make no effort to link this information to your Personal Data, but making such links may be technically feasible. You may employ technologies to subvert the accuracy of the automatically-collected data, and doing so will rarely (if ever) have a negative effect on your use of my site. I leave to you the research on how to accomplish this.

B. Data You Provide

I collect information that you knowingly and willingly provide. Such information could include your email address, your name, how you know or heard about me, what genre of books you prefer to read, and any other information for which you are prompted as well as additional information that you provide without being prompted.

C. Cookie Data

Some information about you may exist in browser "cookies" stored on your computer. This information may include data you provided, data that was collected automatically, and/or data that was created for or about your site visit. You have direct control over the use of the cookie storage mechanism, because it is in your browser on your computer. You can delete the cookies and/or turn off the cookie functionality to prevent them from being stored to begin with. Please be aware that some site features may not work for you if you disable cookies, because cookies are a fundamental technology for certain online processes.

Third-party cookies are those cookies stored by your browser at the request of a third party, i.e., an entity other than you or me. For example, if I display ads on my site and those ads are inserted by an ad service, the code from that ad service may request your browser to store information in a cookie for later retrieval. The third-party services and companies that may request information storage in cookies via code included on my sites may include, but may not be limited to, the following:

  1. Amazon Associates
  2. Book Promo Coop
  3. Google Analytics
  4. Facebook

These and other third parties have separate privacy policies and should be contacted separately if you have questions or concerns about the data they store about you. They may offer tools to help you manage, undo, and/or prevent that storage of personal information. For GDPR purposes, the role of the third-party services in collecting this data may be "data processor" or "data controller" depending on the context of usage.

3. DATA USAGE

I will only use your Personal Data when I believe doing so is lawful. Common uses of your Personal Data include:

  1. managing and customizing your usage of my Web site(s);
  2. responding to your questions or other contacts;
  3. improving my site(s) or other services through data analysis; and,
  4. delivering communications to you according to your preferences.

4. SHARING OF YOUR PERSONAL DATA

The simplest explanation for my policy on sharing your data is that I try to avoid it in all cases. That is the easiest way to respect your privacy. However, there are situations when sharing your data is necessary. It is never necessary to share your information with third parties for the purpose of them contacting you to promote their products, services, or ideologies, and I will never do that.

Situations that require sharing of your personal data include doing so as directed under a valid order from a lawful court with applicable jurisdiction and doing so to complete a service that you have requested from me. Situations that require sharing to complete a legitimate business interest include sharing data with third parties who provide services to me and who require data to provide those services. When such sharing occurs, I ensure (to the extent possible) that the service provider has policies in place that are no less restrictive than my own.

5. DATA SECURITY

I implement technical measures to safeguard your Personal Data. This includes physical, electronic, and procedural safeguards that comply with applicable law to safeguard Personal Data from unauthorized access, disclosure, or use.

6. DATA STORAGE AND RETENTION

Your data will be stored on servers in the United States. The location of those servers within the US may change without notice.

I store and use your Personal Data for as long as it is necessary as described within this policy document. If you request deletion of the data I have collected from you, I will comply with your request within the constraints and requirements of applicable law, the moral obligation to secure and respect your privacy, and technology. In some cases deletion may take the form of anonymization if doing so respects your intent more than actual deletion. Completely deleting all information may be impossible due to technical restraints; for example, deleting every server access log ever generated from your activity, including in all backup files, would likely be impossible due to the difficulty or impossibility of accurately finding those log entries due to insufficient reliable data about you to make the correct association. Put simply, if the only identifying information is an IP address and your IP address has ever changed (which is extremely likely) there is no way to know that a log entry with an IP address you have used is actually you versus another (prior or subsequent) user of that same address. This is only one example of how technical constraints could prevent me from completely removing every trace of your data.

7. YOUR CONTROL OVER YOUR DATA

You may have the right under applicable laws and/or treaties to ask the following questions or take the following actions by contacting me as described later in this document:

  1. see what Personal Data I hold about you (if any), including why I am holding it and to whom it could be disclosed;
  2. ask to change/correct or delete your Personal Data;
  3. object to the processing of your Personal Data;
  4. ask me to restrict the processing of your Personal Data;
  5. withdraw any consents you have given me for the processing of your Personal Data; and,
  6. express any concerns you have about third parties' use of your Personal Data.

If there is a self-service feature, you are advised to use that instead of asking me to manually process your request, as this will give you the desired result much more quickly. An example of a self-service feature is an "unsubscribe" link in an email newsletter. Note that a self-service tool should not be assumed to do more than it states; continuing the previous example, an "unsubscribe" link should not be assumed to delete your data, only to unsubscribe you from the list. If you are at all concerned that you will not get the desired results from a self-service tool, please contact me for assistance.

8. CHILDREN

Different jurisdictions specify different ages under which Personal Data may not be collected or used, or may only be collected or used in a strictly regulated manner. In the US, this is apparently age 13, while in the EU it is apparently age 16. While I intend to comply with such laws, they are redundant in my view because I do not intend to provide services to children and therefore nothing that I provide online is targeted toward children. If you have not reached the age of 13 (US), 16 (EU), or 18 or the age of majority in your jurisdiction, whichever is higher, please do not provide me with any Personal Data including your email address.

9. CONTACT ME

You may contact me (Stuart J. Whitmore) via:

Email: author /at\ just-stuart.com
Postal mail: Stuart J. Whitmore, 5055 Memorial Dr, Ste A #363, Stone Mountain GA 30083


Policy version: 2.3

Version history:

2.3 - 18 NOV 2023
Removed references to specific US states regarding data storage, because this is fairly fluid and I don't want to update this policy every time I change a service provider or service setting. Federal law and international agreements are presumably more relevant than state law when it comes to matters of privacy. Updated postal mailing address. Corrected and updated the "Policy version" section which is somewhat redundant anyway.
2.2 - 28 SEP 2020
Minor grammar corrections. Removed example of one part of Google as a data processor to avoid implying it is the only part of Google that might be relevant.
2.1 - 18 FEB 2019
Updated the list of example third party services that may request the storage of data in cookies. Clarified when I am the "data controller" for GDPR purposes. Added information about "data processors" for GDPR purposes. Expanded the information about automatically-collected data. Added further information about data retention. Added statement regarding GDPR roles for third-party cookies. Possibly made email address harder to parse for scraper bots.
2.0 - 25 MAY 2018
Updated with information relevant to GDPR.
4 DEC 2017
Original policy...? Version tracking began after this date.