In this policy, “RC” and “I” refer to Rowan C. Woodmass, as well as any staff, board members, cooperating attorneys, interns, volunteers, and consultants, all of whom are bound by law or contract to keep confidential information they receive as part of their assistance to RC.
I do not sell or rent customer, subscriber or website visitor information under any circumstances, and I do not share customer, subscriber or website visitor information without prior consent except as compelled by law. This restriction applies to customers and subscribers who join or purchase both online and offline. (See discussion below.)
RC is located within Canada, and therefore will transfer, process, and store your information in Canada, with the exception of third-party tools such a Stripe and Mailchimp, which may store information in the United States or other countries.
Cookies: I do not use persistent ID cookies on this site except where you click “remember me” or are logged in, as you can be if you are a customer. I use session cookies on certain portions of the website. Session cookies expire when you close your browser. You can use Tor if you wish to keep your connection information anonymous, but please note that you can still be identified if you log in.
Voluntarily Submitted Information: In addition, I collect and retain information you voluntarily submit to me. It is up to you whether to submit information to me, and how much information to provide. If you choose to join my email list, purchase something, or send a message through my contact form, I may ask for identifying information such as your name, email address, mailing address and phone number and will retain that information. For online shoppers, I also ask for your credit card number or other payment information. For the email list, I maintain information about your interaction with my email campaigns. If you use the Shop, you are asked to provide personal information, such as a shipping address, necessary to complete your transaction.
I may ask for additional personal information when you provide feedback or comments, or otherwise communicate with me.
From time to time, I may ask for personal information on other portions of the site, such as asking you to sign a petition, or participate in a contest.
Use of Information
Customer and Subscriber Information: I use customer and subscriber information for my legitimate interest in processing and managing your purchases or email subscription. If you agree, I will use your email address to send you new pieces of writing, shop updates, or other information about my work.
Other activities: I may run surveys, contests, or similar activities through this site. Such information will be used for the purposes for which it was collected. I use the information provided through my online shop to fulfill your order, and address any problems that might arise. I also look at technical information to diagnose problems with or consider improvements to my servers or related technologies and to administer rwoodmass.com and other websites I host or provide.
Third-Party Service Providers
Portions of the rwoodmass.com site are operated by third-parties. When necessary and appropriate, I use the following categories of third party services:
- content delivery networks and cloud hosting providers (for example, hosting and handling traffic to our site).
- Financial services and payment processors (for example, your credit card and online payments)
- cloud email providers (for example, sending you email)
- shipping and fulfillment services (for example, shipping you my book)
Where possible, I take steps to limit the ability of third parties to retain data about you. These service providers may place session cookies on your computer. My service providers may also log standard technical information, such as the numerical Internet Protocol (IP) address of the computer you are using; the browser software you use and your operating system; the date and time you access our site; and the Internet address of the website from which you linked directly to our site. Our service providers may also store and organize the personal information collected through this site on our behalf. RWoodmass.com’s third party providers primarily process information in the United States, but may process data in other jurisdictions. Where applicable, we have entered into General Data Protection Regulation(GDPR) compliant Data Protection Addendums with third-parties who process data on my behalf.
In addition, for all of my service providers, hosting providers and credit card processors and any other providers we may use in the future, the information collected from website users remains protected by the terms of our agreements with those providers and we will ensure that the information to be kept confidential and disclosed only to people who require such access in the course of their assigned duties. I also require all of my third-party service providers to notify me if they receive legal process seeking information about visitors to my rwoodmass.com.
I may change the specific third-party providers from time to time, and will transfer stored information to any new provider subject to similar restrictions and agreements. From time to time, I may work with third-party consultants or other service providers who may have access to personally identifiable information. In such cases, I will restrict their use of personally identifiable information in accordance with their assigned tasks.
Third-Party Services and APIs
This website also provides links to or interacts with a wide variety of third-party websites, including interactive links to sites like social media and video hosting websites, often via application programming interfaces (APIs). I am not responsible for, and do not have any control over, the privacy practices or the content of such third parties.
I encourage users to read the privacy policies of any website visited via links from or interactions with this website. Where appropriate, I will provide specific notice of these third-party services at the point of interaction. It is my policy not to include third-party resources when users initially load my web pages, but I may dynamically include them later after giving you a chance to choose to interact with them. If you believe a third-party resource is automatically loading, please let me know so I can address it.
Disclosure of Your Information
While I endeavour to provide the highest level of protection for your information, I may disclose personally identifiable information about you to third parties in limited circumstances, including: (1) with your consent; or (2) when I have a good faith belief it is required by law, such as pursuant to a subpoena or other judicial or administrative order.
If I am required by law to disclose the information that you have submitted, I will attempt to provide you with prior notice (unless I am prohibited or it would be futile) that a request for your information has been made in order to give you an opportunity to object to the disclosure. I will attempt to provide this notice by email, if you have given me an email address, or by postal mail if you have entered a postal address. If you do not challenge the disclosure request, I may be legally required to turn over your information.
In addition, I will independently object to requests for access to information about users of this website that I believe to be improper.
Updating or Removing Your Information
You may choose to correct, update, access, or delete the information you have submitted to me by sending an email requesting changes to firstname.lastname@example.org. If you create an account via my shop, you may correct, update, access, or delete the information provided on the account management page.
Your consent to my use of your information is very important to me. If you would like to withdraw your consent to receive my email newsletter, you may use the link at the bottom of any email I send to unsubscribe. If you would like to otherwise withdraw your consent, restrict or object to my processing of your data, please email email@example.com.
Data Storage and Retention
Email subscriptions information is retained until you unsubscribe from the mailing list(s).
If you communicate with me, such as through firstname.lastname@example.org, I keep records of those communications indefinitely, pursuant to our document retention policy (described below).
Financial records of purchases and other transactions are retained indefinitely, pursuant to our document retention policy. Paper records of purchases, such as event purchase forms and signup sheets, are typically destroyed soon after entry. Check copies and payment distribution details are normally kept up to seven years. Accompanying customer information is kept indefinitely unless the individual requests that it be removed.
Our document retention policy provides that I generally retain documents for the period of their immediate or current use, unless longer retention is necessary to comply with contractual or legal requirements. However, data storage periods are based on my assessment of my needs and might include retaining some documents for historical reference and retaining some documents because I have insufficient organizational resources available to dedicate to their review and destruction, and/or other pertinent factors.
If I inadvertently collect more personal information than intended, I endeavor to delete the extraneous information. When I no longer need to retain information or when deleting information on request, I endeavor to remove all copies. However, please understand that deleted information may continue to persist on backup media.
If you have any questions about my privacy and data protection practices, you can reach me at email@example.com.
If our processing of your personal data is covered by EU law, you may also lodge a complaint with the relevant data protection supervisory authority for your country of residence.
I employ industry standard security measures to protect the loss, misuse, and alteration of the information under my control, including appropriate technical and organizational measures to ensure a level of security appropriate to the risk, such as the pseudonymization and encryption of personal data, data backup systems, and engaging security professionals to evaluate my systems effectiveness. I have turned on HTTPS by default.
Although I make good faith efforts to store information collected by me in a secure operating environment, I cannot guarantee complete security.
Changes to Our Policies