Privacy Policy

It is my policy to respect your privacy regarding any information I may collect from you or which you may provide to me, in the circumstances set out below. Accordingly, I have developed this privacy policy in order for you to understand how I collect, use, communicate, disclose, safeguard and otherwise make use of your personally identifiable information (“Personal Data”).

I have read the Information Commissioner’s Office guidelines for compliance with the new General Data Protection Regulation (GDPR) rules. If you have given me your email address or other Personal Data (by emailing, subscribing to the website, buying something from my website or providing your email at one of my events for example) you should read this to reassure yourself I am looking after your data responsibly. I value the security of your information and will never intentionally breach the rules.

I will only collect and use your Personal Data where:

• I have lawful grounds to do so, including to comply with my legal obligations;

• I am performing a contract with you for my services; and

• I have legitimate interests in using your Personal Data and your interests and fundamental rights do not override those interests.

For the purposes of the EU General Data Protection Regulation ((EU) 2016/679) (“GDPR”), I am the “data controller”. If you have any questions about this policy or about how I use your Personal Data, please contact me via my contact details at the end of this policy.

This policy is effective as of October 2020. I review my privacy practices on an ongoing basis, and as such I may change this privacy policy from time to time. Please check this page frequently to ensure you are familiar with its current content.

  1. (Personal Data I collect via my website: “Website”) or by other means

Personal Data that you provide to me

I only collect Personal Data where you choose to interact with me on the Website, or by other means in the following ways:

ActivityTypes of Personal Data Collected
When you sign up to receive regular email updates on my writing and my booksFirst name Last name Email address
When you choose to get in touch via the contact pageName Email address
When you have given me your email address during written or verbal communication at writers’ eventsName Email address

Data that I collect automatically

I may automatically collect certain information when you visit my Website—such as the type of browser and operating system you are using, and the domain name of your Internet service provider. I do not link this information with any Personal Data.

I may also collect data automatically through my use of cookies on the Website. Please see my cookie policy[MC1]  to find out about the types of cookies I set and why, and how you can adjust your settings to disable cookies.

  • Use of your Personal Data

I will only use your Personal Data when the law allows me to. Most commonly, I use your Personal Data to:

• process and manage your use of my website;

• respond to your questions, comments and requests;

• where you have opted-in to receive marketing from me, deliver communications that are relevant to your preferences / may be of interest to you;

• improve my services and Website through analysis of information.

  • Sharing of your Personal Data

I take your privacy seriously and will not share your Personal Data with others, except as permitted by applicable law or as set out below:

I share Personal Data as necessary with third parties who provide services or functions on my behalf and who require the information to provide those specific services to me. These third parties may include social media advertising platforms such as Facebook and Google Adwords[MC2]  for the purpose of custom audience generation and the development of targeting criteria for other audiences. Please note that we have appropriate data privacy safeguards in place with third parties with whom we share Personal Data[MC3]  as described above and who are providing services or functions on our behalf.

  • Keeping your Personal Data secure

I have implemented security policies and technical measures to safeguard the Personal Data I collect[MC4] . I maintain physical, electronic and procedural safeguards that comply with applicable law, including the GDPR, to safeguard Personal Data from accidental loss, destruction or damage and unauthorised access, use and disclosure.

I have done everything I can to prevent data breaches, by strongly password-protecting the computers used[MC5] , Mailchimp, Google and Dropbox accounts. If any of those organisations were compromised, I would take steps to follow their advice immediately.

  • Retention periods for use of your Personal Data

I will use and store your Personal Data only for as long as necessary, bearing in mind the uses of your Personal Data as described in this privacy policy and otherwise as communicated to you. I review the Personal Data I hold at regular intervals and delete permanently or anonymise any Personal Data which is no longer necessary.

  • Children

This Website and my services are aimed at adults, and I do not knowingly collect any Personal Data relating to children. If you are under the age of 18, please do not provide me with any of your Personal Data, including your email address.

  • Access to and control over your Personal Data

You have legal rights under applicable law in relation to your Personal Data. You can ask the following questions, or take the following actions, at any time by contacting me via email or via my postal address , both of which are given at the end of this document:

• see what Personal Data I hold about you (if any), including why we are holding it and who it could be disclosed to;

• ask me to change/correct your Personal Data;

• ask me to delete your Personal Data;

• object to the processing of your Personal Data;

• ask me to restrict the processing of your Personal Data;

• withdraw any consents you have given me to the processing of your Personal Data; and

• express any concerns you have about third parties’ use of your Personal Data.

If you asked to see your data, I would take a screenshot of their entry/entries.

If you unsubscribe yourself from the Mailchimp list, your data will be deleted within 7 days.

  • Change of purpose

I will only use your Personal Data for the purposes for which I collected it, unless I reasonably consider that I need to use it for another reason and that reason is compatible with the original purpose. If you wish to have an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact me.

If I need to use your Personal Data for an unrelated purpose, I will notify you and will explain the legal basis which allows me to do so.

  • Data protection by design and data protection impact assessments

I have familiarised myself with the ICO’s code of practice on Privacy Impact Assessments as well  as the latest guidance from the Article 29 Working Party, and believe I am using best practice.

  1. Data protection officers

I am not a major organisation, so I do not need to appoint a Data Protection Officer.

  1. International

My lead data protection supervisory authority is the UK’s ICO.

  1. Communicating This Policy

I am taking the following steps:

I have put this document on the website.

I have contacted members of my Mailchimp database and reminded them of what they signed up to, alert[MC9]  them to any changes and remind them they can unsubscribe at any time and their data will be deleted.

Once I have contacted you with a reminder about the T&C of my holding your data, I regard[MC10]  this consent as confirmed for a year, or until you ask me to remove the data. I have never harvested email addresses, nor would I. Anyone on my lists has contacted me either through the website or in person.

Consent is not indefinite, so I will make sure I remind you annually that you can unsubscribe[MC11]  or ask for your data to be removed.

  1. Contact Me My full details are: Marcia Clayton: Author

Email for Privacy Questions: