Our business is a people’s business: we want to connect with you. That means we need to collect some of your personal information.
The following privacy notice outlines what, when, how and why we collect data.
Reading it won’t take much of your time (4 minutes, to be exact).
Data privacy and ethics is one of the most important topics of our time. Yet currently it’s nothing more than a footnote, designed to deceive people from its meaning and power. Together, we can change this. Break down barriers, jargon and make it more accessible.
My business and its online presence is built with this in mind.
We believe in data minimisation. So when you visit this website, we don’t collect any personal data. We’re using a privacy preserving analytics service called Plausible. No cookies required.
If you want to learn more about Plausible and the way they approach web analytics, check the company’s data policy.
When you contact us via webform we collect the information you share with us. This will allow us to start a conversation with you about working together or any other enquiries. We only collect the bare minimum:
This data passes through our hosting provider’s servers in the Netherlands, GreenGeeks. Our email service provider is ProtonMail.
Learn more about how they approach data security and privacy:
Our legal grounds for processing your “non sensitive” personal data is contract because we only process personal data to:
We do not use your personal data to automatically evaluate or make inferences about who you are, what you might think and how you might act.
We do not use your personal data to make automated decisions about you.
Much rather, we’d like to start a personal conversation and find mutual value in building a sustainable relationship.
Our operational processes ensure that the data we process is accurate.
You can reach out at any time via firstname.lastname@example.org to:
Your data is not our business. We do not and will never engage in the direct exchange of your data.
The services we use for our business act as data processors, so they have access to your personal data. Let’s use an example. When you choose to contact us via our contact form, our hosting provider would process this data on our behalf. The message is sent to our email address managed by ProtonMail.
In the context of the European General Data Protection Regulation, this means we are a controller (“A controller determines the purposes and means of processing personal data”) and GreenGeeks is a processor (“A processor is responsible for processing personal data on behalf of a controller).
The exact services and data we or they have access to is detailed above, in the second clause of this policy.
The limited personal data we process is secured via role-based access rights. Executing risk-based workflows helps to decrease the likelihood of breaches. However, if we believe a data breach may have occurred, we execute an operational process aligned to what is specified under Art. 33 of the GDPR. If this ever happens, we notify the supervisory authority without undue delay, and at the latest within 72 hours after having become aware of the breach we:
In other words, if we make a mistake, we’ll own it and ensure we don’t make it again.
Your data is yours. You should control it and you should benefit from sharing it, if you choose to do so.
If you’ve shared your data with us directly and want to:
You are more than welcome to do it. Get in touch via email@example.com to request or discuss any matter regarding your data. We’ll need evidence of your identity before we can grant access to information about you. This is to protect the privacy of you and others.
We’re bound by specific jurisdictional regulations. But we’re not going to stop there. We will do whatever we can to make our use of data as safe and human-centric as possible. Our focus first and foremost is doing the right thing by you. With this approach, regulations and requirements will naturally be met.
We plan to grow our business. As it happens, our use of data will evolve as long as it aligns to our core values.
This version is dated 20/09/2021.
If any changes are made to this Privacy Notice affect you as a client directly, we will let you know via email.
If you have read this far, it means Data Privacy is as important to you as to us.