Hi,
so, have you heard about this GDPR thing..?
The new EU GDPR rules came in to effect today, I'm guessing you've had an email or two about it already... :-)
Basically the EU are trying to make sure companies do what they should be doing anyway, imho.
Note: this is going to be a fairly long email, so here's a quick summary of what's in it:
1. What is GDPR
2. New Privacy Statement
3. What GDPR means for you
4. How it relates to us [i.e. what we data we store and how we use it]
5. Some useful [free] GDPR resources for you...
1. The European Union data protection laws come into effect today, 25th May 2018.
These new rules are called ‘GDPR’ – General Data Protection Regulation.
These laws aim to better protect consumers in terms of how their data is used and processed.
2. It is important to let you know that we have updated our Data Privacy Statement which you can read here -
You’ll see it describes what data we collect from you, how we use it and our justification for processing it.
The page linked to above also contains important information regarding our Cookie Policy, Refund Policy, Terms & Conditions and Earnings Disclaimer.
Whilst these are not directly related to the new GDPR legislation, it is recommended that you carefully read through these too.
3. Your Rights Under GDPR:
In Summary, you have the right to:
i. Ask for access to the information we store about you.
ii. Object to processing (‘Right To Object’)
If you don’t wish us to automatically process your data or to use it for marketing analysis then you can let us know and we will stop using your data for these purposes.
iii. Amend your information (‘Right To Rectification’)
If you think the data we hold is incorrect or needs updating please contact us and we will correct it.
iv. Ask us to delete your data (‘Right To Be Forgotten’)
We can do this upon your request.
v. Request that we restrict the processing of your information
We can do this upon your request.
vi. Request a copy of your data (‘Data Portability’)
If you gave us the data directly or via a contract you have with us you can ask us for a full copy of the data we hold.
4. How GDPR relates to us...
What exactly is personal data?
Personal data is any data (text, audio or video) from which someone may be able to identify the data owner.
i.e. names, addresses, facial pictures and email address (if they refer to the email owner) etc.
Firstly let me cover what personal data is stored.
There are three areas of personal data stored.
A. Login credentials for products
B. A marketing email list
C. Support ticket system
A. Login credentials for products -
these are only ever use by you to login to your products. We DO NOT use that information for any other purpose
These details consist of a username and a password.
The username can be any combination of characters or could be an email address. Please note that only email addresses that refer to the owner are personal data.
i.e.
billsmith@gmail.com would be personal data
horserider22@gmail.com would probably not be considered personal data as you could not directly identify the owner from the name.
The password could be any combination of characters and may have been created by us as a default or by you. In any case the password is never stored by us. A one-way hash of the password only is stored so that even if it was
compromised it could not be used to login to your accounts.
Both username and password are a security requirement to access your purchased product and as such if it is removed you may also lose access to your product.
B. Marketing Email List -
Most purchases and free offers that required you to enter an email address to purchase or download would have been added to a marketing email list. We use these lists to email you about occasional special offers or products we think will be of interest to you and sometimes free information.
Your data is NEVER shared.
Originally we collected a name and an email address but for some time now we have not been collecting names. All existing names will be purged from our systems over the next few weeks. Therefore the only data stored in the
marketing email list is an email address.
Where is this data stored?
The login data will be stored on the server where the product is located. In all cases these are located in the USA
The email marketing list data is stored with third party autoresponder services like GetResponse and Aweber.
These third party services are all adhering to the GDPR regulations see:
https://blog.getresponse.com/getresponse-gdpr-plan.html
C. Support Ticket System
The support ticket system is used to deliver support, pre-sales and general inquiries.
When you raise a support ticket you give me an email address and a name.
In practice the name is only used to respond to you personally . i.e. Dear Fred, However it is not a requirement. Your ticket will generally use the email address to reference your product purchases etc. A history of your tickets is kept so that they can be referenced when support tickets are raised to help us help you better.
What you need to know and what you can do:
We are NOT asking all subscribers to re-subscribe. Therefore your product logins will remain as they are and you will still remain on my marketing mailing list and Support ticket system.
However you have a number of options open to you. I will be acting as the Data Protection Officer so you can contact me with any of the following requests.
1. You can request a copy of all the personal data I hold on you.
2. You can ask me to edit or remove any or all of that data.
3. You can unsubscribe from the marketing email list by using the unsubscribe link in any e-mail.
4. You can contact me if you have any concerns or questions.
Contact
You can contact me via the support ticket system at https://imwb.freshdesk.com or via email at support@imwb.freshdesk.com
You can also “reply” to any email sent to you.
When you do contact me please ensure you clearly state your requirements. i.e. one of 1 to 4 above and any additional information that will help me meet your requirements.
Please include “DATA PROTECTION REQUEST” in the email subject line or in the support ticket title.
5. Some Useful Resources/References:
http://www.wpbeginner.com/beginners-guide/the-ultimate-guide-to-wordpress-and-gdpr-compliance-everything-you-
need-to-know/
https://cookieconsent.insites.com
https://wordpress.org/plugins/cookie-notice/
http://pages.andybrocklehurst.com/legalpagemaker
https://help.aweber.com/hc/en-us/articles/115016056728-The-General-Data-Protection-Regulation-GDPR-What-is-it-
what-is-AWeber-doing-and-what-should-you-do-
https://blog.getresponse.com/getresponse-gdpr-plan.html
| 
