In Accordance with General Data Protection Regulation (GDPR)
- a) Personal data
Personal data means any information relating to an identifiable person, either directly or indirectly. Such information can be a name, email address, an IP address, and location data.
- b) Data subject
Data subject is any identifiable natural person, whose personal data is processed by the controller.
- c) Processing
Processing is an operation which is performed on personal data, such as collecting, recording, organizing, structuring, storing, altering, retrieving, use, restriction, erasure, or destruction.
- d) Controller
Controller is the legal person who determines the purposes and means of the processing of personal data.
- e) Third Party
Third party is a legal person, agency, or body other who, under the direct authority of the controller or processor, are authorized to process personal data.
- f) Consent
Consent of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, such as opting-in to a newsletter, signifies agreement to the processing of personal data relating to him or her.
2. Name and Contact Details of the Controller
Cookies are used by Internet pages to ‘remember’ you and your preferences to personalize your experience, which can allow the displaying of advertising from third party networks.
4. Collection of General Data and Information
The website/blog of Elaine Kaye collects general data and information when a data subject or automated system visits her website or blog, which is then stored in the server’s log files (Blogger/Google). The information that may be collected is (1) the browser type, (2) language preference, (3) referring site, (4) the date and time of access to the Internet site, (5) operating system, (6) Internet service provider, (7) other similar data and (8) IP address.
- a) Social Media Buttons
Interaction with external social networks and platforms, such as but not limited to Facebook, Twitter, and Instagram plugins and buttons, and all “share” buttons on Elaine Kaye’s website/blog collect usage data.
If the data subject clicks on one of the social media buttons integrated into Elaine Kaye’s website or blog, such as the “share” buttons, the respective social media site then matches this information with the personal account of the data subject and stores the data.
Elaine Kaye does not have control over these social media components or what data they store, how, or where.
If a data subject is logged into a social media platform (such as Facebook) at the time of visiting Elaine Kaye’s blog or website, the social media network can collect information from the data subject due to the apps that use their services. This information, which includes websites and apps you visit, is collected by the respective social media component, even if you don’t click on these plugins or buttons.
You can prevent transmission of information by social media components by logging off from social media accounts before visiting other websites.
- b) Contact Form
Elaine Kaye ‘s author website contains contact forms created by WordPress. If a data subject sends a message to Elaine Kaye using the contact form, their name, email address, and message will be sent to Elaine Kaye’s email and stored in her inbox.
5. Links to Other Websites
Elaine Kaye’s website/blog and social media platforms may contain links or widgets to other websites of interest. However, once a data subject uses these links or widgets, Elaine Kaye does not have any control over that other website, their cookies, or collection and usage of data.
- a) Affiliate Links
Elaine Kaye’s author website and social media accounts use affiliate links for Bookshop.org, an online marketplace that supports independent bookstores. Elaine Kaye will earn a commission if you click through and make a purchase.
6. Blog Comments
7. Rafflecopter Giveaways
Elaine Kaye may host Rafflecopter giveaways on her blog or author website. Entering one of these giveaways is completely optional and no purchase is necessary. Each Rafflecopter giveaway has a FREE ENTRY option as well as optional entry options for additional points and chances to win. Terms and Conditions are linked within each option for entrants to click on and read more about the giveaway and terms.
By entering, the entrants consent to their data being used for the purposes of the giveaway. All information will be kept 100% private. The only data that will be used will be the winner’s data for the purposes of notification and shipping the prize(s). The Rafflecopter form will display the winner’s first name and last initial.
Winners will be randomly chosen by Rafflecopter’s generator. Elaine Kaye will notify the winner by using the email address provided by the entrant when logging in to enter the giveaway. The prize will be shipped within 24-48 hours after receiving the winner’s mailing address through email contact. Elaine Kaye will not be held liable for prizes that are damaged or lost in transit. All prizes are mailed in excellent condition.
8. Rights of the Data Subject
- a) Right of Confirmation and Access
Each data subject has the right to obtain from the controller confirmation if personal data concerning him or her is being processed, as well as access what personal data is being stored.
- b) Right to Rectification (Correction)
Each data subject has the right obtain from the controller the rectification (i.e. the correction) of inaccurate personal data concerning him or her, such as completing incomplete personal data.
- c) Right to Erasure (Right to Be Forgotten)
Each data subject has the right to obtain from the controller the erasure of personal data concerning him or her, and the controller has the obligation to erase personal data without undue delay.
- d) Right of Restriction of Processing
Each data subject has the right to request restriction of his or her personal information.
- e) Right to Data Portability
Each data subject has the right to obtain and reuse his or her personal data for his or her own purposes across different services. (Your personal data is yours.)
- f) Right to Object
Each data subject has the right to object to the processing of personal data concerning him or her. Once objected, the controller will no longer process the personal data for direct marketing, unless the controller can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.
- g) Right to Withdraw Data Processing Consent
Each data subject has the right to withdraw his or her consent to the processing of his or her personal data at any time by contacting the controller.
9. Legal Basis for the Processing
Art. 6(1) lit. a GDPR states processing shall be lawful only if and to the extent that at least one of the following applies: (1) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; (2) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (3) processing is necessary for compliance with a legal obligation to which the controller is subject; (4) processing is necessary in order to protect the vital interests of the data subject or of another natural person; (5) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; (6) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
10. Legitimate Interests of the Controller or Third Party
Processing of personal data is based on Article 6(1) lit. f GDPR and necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights, or freedoms of the data subject.
11. Data Retention Period
Personal data processed for any purpose(s) is stored as long as it is necessary for the purpose the data was collected. When necessary, data will be reviewed, updated, or deleted, depending on whether the data needs to be retained, archived, or is no longer needed.
12. Automated Decision-Making
Elaine Kaye does not use automatic decision-making or profiling.
13. Protection of Children
Elaine Kaye does not specifically market to children under 13. She markets to parents and guardians. She does not knowingly collect or process personal data from children under the age of 13. If she discovers she has unknowingly collected or processed personal information from a child under the age of 13 through a mailing list (e.g. author newsletter), she will delete such information as soon as possible.