You Should Read This, Your Data Matters
We are going to explain in this section how we are working to comply with the GDPR (General Data Protection Regulation) which is a new European-wide data privacy law meant to protect individual’s right to limit and have more control over the data that is collected about them by commercial enterprises like ours. Unlike “terms and conditions,” now a relic of the recent past, the GDPR says that businesses have to communicate how they use data to their users in a “concise, transparent and intelligible” way. It is also important that the information be “easily accessible,” which is why we have broken it down in to several short readable sections below.
NebulaHouse Publishing is a small digital App and story development company. We make apps, e-books and high-quality digital stories for adults and children. We also offer additional editorial, design and media services. We use the little bit of data that we collect to make products that are more tailored to our users and to keep in touch with them about new releases and projects.
We collect and store some information from people who visit our site, buy our product or ask us to provide a service. We do this so that we can deliver the products or services our customers and website visitors need. We are going to tell you about that below.
- Visitor Tracking
- Data Storage
- Newsletters and Emails
- Payment Details
- Your Right to Know, to Be Forgotten, to Rectify and to Erase
- Social Media
To figure out what people like and don’t like on our website, we use something called Google Analytics. Google Analytics is an extremely powerful tool that collects information about people who visit websites on the Internet. What we learn from it is information about which country you are accessing our site from, what language you are using, what browser you are using, how long you visit a particular page of our website and how much of our content you click on or engage with or download. We have activated the highest sensitivity options on Google Analytics, including anonymizing IP addresses and exclude tracking for users asking not to be tracked and forced SSL (Secure Socket Layer, an encryption technology that helps secure your browser traffic). We also do not collect demographic information.
We use Google Analytics to decide what to put on our website in order to get more customers. We also use Google Analytics to see which of our e-books and digital products people engaged with the most – so that we can make more of those kinds of digital products.
Our website is runs on WordPress. On WordPress we have a number of plugins installed that collect information about visitors to our site. We have reviewed all of the information relating to the GDPR for each plugin, and we believe the plugins we are using are compliant with GDPR, but we will be constantly monitoring the plugins we use and updating this policy to reflect changes or deleting plugins that don’t comply.
These plugins and our Analytics don’t store what the GDPR calls PII about you or other people. PII stands for Personally Identifiable Information and is information like your name, your date of birth, your computer’s IP address or any other information that could identify you personally. Also, to the best of our knowledge, our Google Analytics tools do not collect information that could be used to determine someone’s identity when combined with other information that we collect.
We collect PII through website contact forms that people fill out on our website, from email and from our newsletters. We aggregate that information on MailChimp for marketing purposes. This is how we create better content and how we design better digital products. The only PII we collect is your email address and if choose to send us your name we will keep and store that.
Your payment details are not held on the site because we don’t process payments on the Nebula House website. If you decide to download an App or other digital product, you will have to enter personal information on iTunes and GooglePlay for the Apps and on Amazon and Kobo for e-Books. We don’t receive any PII back from those services (or any other). They only send us the date and time a purchase was made, the purchase token and the purchase ID number. As far as we know, those services are also GDPR compliant.