If you have given me your email address by emailing me, buying books from my website or showing an interest in Dinosaur Douglas Books, rest assured that I am looking after your data responsibly and do not share this information with anyone else. If you wish, you can email me at any time to have your details removed.

Re the new General Data Protection Regulation (GDPR) rules, the document that follows explains how I comply. If you have given me your email address (for example, by using the Contact Me link on my website or buying a book form me), please be assured that I am looking after your data responsibly.

If any one understands this compliance issue better than me, and believes there’s something else I should be doing, please let me know. I value the security of your information and will never intentionally breach the rules. However, the rules are designed for large organisations; we author/publishers are sole traders, doing our best to keep up.

1 Awareness

I am a sole trader so there is no one else in my organisation to make aware.

2 The information I hold

Email addresses of people who have emailed me and to whom I have replied – automatically saved in my inbox. Data given voluntarily such as names, postal addresses (for sending physical items like books) and names of contacts in schools, recorded in my inboxes and computer documents. I do not share this information with others.

3 Communicating privacy information

I have put this document on my website.

I have added a link on my “Contact Me” page.

4 Individuals’ rights

On request, I will delete data.

5 Subject access requests

I aim to respond to all requests asap.

6 Lawful basis for processing data

  • If people have emailed me, they have given me their email address and my email account will save it automatically. If people have shown interest in receiving information about my books, I will add their address to my database.
  • If a website visitor has bought something from me, their postal and email addresses are saved in my inbox. I may copy their names and postal addresses to a Word document for the purposes of printing labels, making invoices or informing them about new products.
7. Data breaches

I have done everything I can to prevent these, by strongly password-protecting my computer and email account. If any of those latter organisations were compromised I would take steps to follow their advice immediately.

8 Data Protection Officers

I have appointed myself as the Data Protection Officer, in the absence of anyone else.