Privacy Policy - 20180525

Category: Privacy
Author:

This page serves as the GDPR Privacy Notice for www.bentasker.co.uk.

The controller of the data collected is Ben Tasker.

You have the right to object to processing, either by objecting to a specific mechanism as described below, or by Contacting Me. If you feel your objection has not been appropriately handled, or that the processing does not have a lawful basis, you also have the right to complain to a supervisory authority.

As an overall summary of the policy - I collect some data in order to run and improve the site, but will not share that data with third parties unless I'm legally compelled to do so

Where I'm performing a service for you (i.e. you're a customer rather than simply visiting the site), our contract will include sections as needed to cover any additional elements I may encounter whilst working for you.


Compliance with a Legal Obligation

The following data is processed/retained in order to comply with Legal Obligations - GDPR Section 6(1)(c)

Tax Records

If you purchase a product or service for me, then you will have been issued with an invoice containing some or all of the following personal data

  • Your Name
  • Your Address
  • Your Email Address
  • Your Telephone Number

A copy of your invoice will be filed with my Tax records, which in order to fulfil HMRC's requirements must be retained for up to 7 years.

Because this data must be available in order to comply with a legal obligation, the GDPR rights of erasure and objection cannot be exercised for this data.

The data is retained on isolated systems with very strong access controls, and will not routinely be passed to any third party. In the event of an audit by HMRC, however, the data may be provided to them when formally requested.


Legitimate Interests

The following data is processed/retained based upon the Lawful Basis of GDPR Section 6(1)(f) - Legitimate Interests. In accordance with GDPR, all have been subjected to a Legitimate Interest Assessment (LIA) in order to balance your rights with the legitimate needs.

Access Logs

All requests and connections to my network services are written to access logs for the necessary purposes of Network & Information Systems Security, Billing and Account Management Purposes and Network Systems scaling and management.

The data stored which may be considered to contain Personal Data is

  • Connecting IP address
  • Details of the request/connection (i.e. which page and site was requested, or for non HTTP connections, which service was requested)
  • HTTP Referrer string (where available)
  • HTTP User-Agent header (where available)

The data collected in access logs is not passed to any third party, and will not be unless required by a lawful warrant issued by a court whose jurisdiction includes the United Kingdom (and any such warrant, even then, may be contested if it's felt to be overly broad or inappropriate - I have no more interest in allowing the Government to trample over your rights than you do).

Access logs are retained for 90 days from the date of their creation, after which they are automatically removed. However, where log lines are considered potentially relevant to a network incident, they may be retained until the investigation has completed. Those which are assessed to relate directly to the incident will be retained as part of the incident report, but will be anonymised as appropriate to the context in which they are being reported.

Any individual wishing to object to this processing should use the contact method provided within this policy. All requests will be considered upon their own merits (and the feasibility of implementation).

A limited amount of automated processing is used in order to identify "bad actor" IPs and limit their ability to cause harm to my systems. The data is not passed to any third party in order to perform this processing.

The processing of this data is not only essential to the services I provide, but is necessary to help ensure that any other data I may hold on you remains protected. Logs form an essential component of investigations into any suspected breach, and without them it may not be possible to identify (and fix) the method used to achieve a compromise. Ultimately, this limited processing benefits both you and my entire user-base.

Site Behavioural Analytics

I use an analytics program in order to record site and user behaviour on my sites for the purposes of identifying how sites are behaving and where (and how) improvements can be made (for example if a regularly visited URL results in a 404 Not Found). The data is used in order to rectify issues, track site performance and to aid in troubleshooting when issues are reported. It is also utilised in order to help make scaling and deployment decisions within my Content Distribution Network (CDN), as well as identifying cases where a user has been routed to an incorrect server (for example, a US user being sent to an Asian distribution node).

The following personal data is collected and stored

  • IP address (masked to exclude the final 2 bytes - i.e. 192.168.x.x instead of 192.168.1.1)
  • Rough geographic location (based upon the anonymised form of the IP)
  • HTTP Referer (where available)
  • Screen resolution (used to aid design decisions and optimise media for delivery)
  • HTTP user-agent
  • OS and hardware platform (derived from the above)
  • Browser language (from the Accept-Language header)

This granularity of data is retained for 31 days. The data is then used to generate an aggregated data-set (so records are grouped by items they have in common - like geographic location) which is retained for 4 month

The data collected in access logs is not passed to any third party, and will not be unless required by a lawful warrant issued by a court whose jurisdiction includes the United Kingdom (and any such warrant, even then, may be contested if it's felt to be overly broad or inappropriate - I have no more interest in allowing the Government to trample over your rights than you do).

If you wish to object to this processing there are three means of doing so

  • Visit https://piwik.bentasker.co.uk/optout and set appropriately
  • Enable "Do Not Track" in your browser
  • Install an adblocker and enable it

The former will have full effect on all my sites/services. However, it will not protect you from similar processing on other people's sites, so it's strongly recommended that you consider the other options too (particularly the final one)

The data is protected by a variety of strong mechanisms, and access to the data is very tightly restricted.

Cookies

Cookies set by the site are essential in order to operate, or in order to fulfil a request that you have made. They are used only for this purpose and not used in order to track or otherwise profile you.

For a list of the cookies set, please see https://www.bentasker.co.uk/cookies. You can also self-serve on the Your Stored Data page.

Backups

As might be reasonably expected, all my systems generate backups, for the purposes of ensuring Service/Business Continuity. They may also, in extreme cases, be used during investigation of Security Incidents.

This means that my backups may (and likely will) contain any of the Private Data discussed in this privacy policy at any one time.

The data collected within backups is not passed to any third party, and will not be unless required by a lawful warrant issued by a court whose jurisdiction includes the United Kingdom (and any such warrant, even then, may be contested if it's felt to be overly broad or inappropriate - I have no more interest in allowing the Government to trample over your rights than you do).

Backups are generated (at least) daily and retained for 90 days from the date of their creation.

Any individual wishing to object to this processing should use the contact method provided within this policy. All requests will be considered upon their own merits (and the feasibility of implementation). However, you should be aware that it's unlikely to be possible to exclude your data from backups.

Similarly, individuals are unable to exercise their right of erasure against backups. Interfering with a backup may render it entirely unusable, undermining the legitimate purpose of the backups. However, because backups are only retained for a short period before rotating out, your data will cease to exist in a backed up form within 90 days of completion of your erasure request under different sections of this policy.

Data with backups is not accessed nor processed unless a backup restoration is required - which is (and will hopefully remain) a rare occurrence. The existence of the backups therefore doesn't change the way you're data is handled/processed other than that it means it will be stored in an additional location.

Backups are very strongly encrypted, and the necessary decryption keys are stored in an 'offline' format with strong physical security. Backups are not moved outside of the European Economic Area. Systems generating backups have the ability to upload data to the storage area, but not the ability to read it back - so even with the decryption key, compromise of a backed up host should not be sufficient to grant access to the backup contents.

The generation of backups is essential to providing and maintaining any digital service, and in some cases (such as for Tax records) may also be necessary in order to ensure compliance with a legal obligation (GDPR Section 6(1)(c)). Ensuring the continuity of service can be maintained benefits the both of us.


Consent

The following items are processed based upon a lawful basis of Consent - Section 6 (1)(c)

Social Media Icons

Various pages within this site display Social Media icons allowing you to quickly and easily share content onto various social networks.

By default, these are disabled, so no requests are made to social media sites as the result of loading a page.

If you wish to utilise these buttons, you will need to consent to the activation of these links, and can do so in one of the two following ways

  • Per page: You can simply click the social media icons to enable them (and then click the relevant icon to share the content). On the next page load/refresh, the icons will once again be disabled.
  • Site wide: In the privacy options pane on the left of this site is the option "Unblock Social icons". Clicking this will set a locally stored object in your browser, and the icons will be active on every page. If you wish to withdraw that consent, you may simply click "Block social icons" in the same location and your preference will be reverted.

When you enable social icons, be aware that your browser will place a request to the social media network in order to generate the share button (and ultimately, to share/like the content if you click again). The privacy policies of each of the social networks applies to those requests, but as a guide, each of the social networks will likely do the following if you allow the icon to load

  • Record your IP address and time of request
  • Set a cookie (and check for existing cookies)
  • Record the address of the page you're on
  • Record your username (if you're currently logged into that social media network)

They will also likely process the above in order to update an advertising profile.

The social media icons are provided for convenience purposes only, and out of principle I advise against enabling them globally. You may also want to consider configuring an ad-blocker to block social media icons for networks that you either don't use, or don't commonly share content to (for example, I block Facebook like buttons and LinkedIn Share buttons as I primarily share content on Twitter).

 
 Share