This Privacy Policy explains how Stillness in the Storms Ltd (“we”, “us”, or “our”) collects, uses, and protects your personal information when you use our website, https://stillness.stevenwebb.com/, and purchase our courses through MemberPress. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (GDPR).
1. Information We Collect
We collect the following types of personal information:
- Account Information: When you register for an account to purchase courses, we collect your name, email address, username and password.
- Payment Information: When you purchase a course, we do not store your credit card details. These details are processed securely by our payment processors, Stripe and PayPal. Please refer to their individual privacy policies for details of their data handling practices.
- Email Communication: If you sign up for our weekly calm email, we will collect your name and email address through our email provider MailChimp.
- Usage Information: We collect data about how you use our website, such as pages visited, time spent on the site, and user interactions for the improvement of user experience using tools like Google Analytics and Microsoft Clarity.
- Social Login Information: If you choose to log in using your Facebook or Google account, we will receive basic profile information (e.g., name and email address) as permitted by those services.
- Standard Website Data: We collect standard website data that is necessary for website security, maintenance and improvement.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Providing Services: To manage your account, process course purchases, and provide access to our courses through MemberPress.
- Email Communications: To send you our weekly calm email which may include links to other courses and products on our site.
- Improving User Experience: To understand how users engage with our website using Microsoft Clarity and Google Analytics, and use this information to improve the design and functionality.
- Account Security: We need to keep your account information safe, and provide a secure platform for our members.
- Website Maintenance To provide an operational website and make improvements.
3. Legal Basis for Processing
We will only process your personal information where we have a lawful basis to do so. Usually, this will be one of the following:
- Contractual Necessity: The processing is necessary for the performance of a contract (e.g., providing access to your courses).
- Consent: You have given us explicit consent to process your information, such as when you sign up to our weekly email newsletter. You may withdraw your consent at any time, by using the unsubscribe link at the bottom of any email.
- Legitimate Interests: We have a legitimate interest in processing your data, such as for website improvement and security, and these interests are not overridden by your interests or fundamental rights.
- Legal Obligation: We are legally obliged to process your information
4. Data Retention
We will retain your personal data for only as long as is necessary for the purposes for which it was collected, including meeting any legal, accounting, or reporting requirements.
If you purchase a course, we will retain your data while your account is active. Data collected for Google Analytics and Microsoft Clarity is kept for a maximum of 18 months. All data in relation to your email communication will be kept until you unsubscribe from the email list.
5. Data Security
We are committed to protecting your data and employ appropriate technical and organisational measures, including:
- Secure servers provided by our hosting provider, 20i.
- Password hashing in line with WordPress best practice, and not stored in plaintext format.
- Regular backups.
- Regular security checks.
Please be aware that while we take great care to ensure the security of your information, no method of transmission or storage is 100% secure.
6. Sharing Your Data
We do not sell your data to third parties. We do not share your personal data except in the following circumstances:
- Payment Processors: We share your payment information with Stripe and PayPal to process payments.
- Email Provider: We share your name and email address with MailChimp for sending emails.
- Social Login: We share your login information with Facebook or Google to facilitate the use of social login features.
- Legal Obligations: If we are required to by law, we will share your data.
7. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can ask us to correct any inaccurate or incomplete information we hold.
- Right to Erasure: You can request that we delete your personal data under certain conditions (see section 8 below).
- Right to Restriction: You can ask us to restrict the processing of your data in certain circumstances.
- Right to Data Portability: You can ask us to transfer your data to another organisation in a machine-readable format.
- Right to Object: You can object to our processing of your data in certain circumstances.
- Right to Withdraw Consent: You can withdraw your consent to our processing of your data at any time.
- Right to lodge a complaint: You have the right to lodge a complaint with the appropriate supervisory authority (the ICO in the UK).
8. Deletion of Your Information
You may request the deletion of your personal information at any time. To do so, please contact us via our contact form, at https://stevenwebb.com/contact/, including your username. Once we have received your request and verified your identity, we will delete your information from our database within 48 hours. You will be notified once the deletion process is complete.
9. Cookies
Our website uses essential cookies necessary for the operation of WordPress and MemberPress. We do not use any additional tracking or advertising cookies.
10. Changes to this Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page. We encourage you to review this policy periodically.
11. Contact Us
If you have any questions about this Privacy Policy, please contact us through the contact form on https://stevenwebb.com/contact/.
A few Notes on this:
- Accuracy: Please double-check all the details in this policy are correct, especially regarding third-party services you use.
- Placement: Make sure this policy is linked in a prominent place on your website, likely in the footer.
- Transparency: The language aims to be clear and straightforward.
- Regular Review: You should periodically review and update this policy as your business changes and as GDPR guidance evolves.