Privacy policy

Our privacy policy

Our website address is https://davidjcmorris.com. This started life as a WordPress blog with capability to leave comments on an individual post and to subscribe for updates. In 2018, it evolved to selling courses and books as well. This has increased the level and type of personally identifiable information collected and stored. In light of recent changes in regulation and good practice, we wanted to explain our attitude and approach to privacy (the ‘policy’). This is a l-o-o-o-ng page, but we need to be explicit about all the ways we handle your personally identifiable information.

What personal data we collect and why we collect it

WordPress and its plugins do not collect personally identifiable information from visitors, unless you explicitly agree to provide it. Each example is described below, along with what information is retained, what it is used for, and for how long we keep it.

Comments and product reviews

When visitors leave comments or product reviews on the site we collect the data shown in the form, and retain this with your IP address and browser information indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

Your email address may be passed through to the Gravatar service — via an anonymized string known as a ‘hash’ — to confirm whether you are signed up and to make your profile picture available to show alongside your comment if you are. Please see the Gravitar privacy policy for more details:
https://automattic.com/privacy.

Your IP address and browser information may also be passed through to the Akismet service to help spam detection.

Subscriptions and registered users

This website uses contact forms that enable visitors to subscribe for updates, amongst other things. This will collect and store your name and email address so that we can send you emails. We will retain this until you unsubscribe.

For visitors that register as users on our website, we also store your personal information provided in your profile. You can see, edit, or delete your personal information at any time (except you cannot change your username). Website administrators can also see and edit that information.

We will never make this available to third parties for marketing purposes.

Shopping

When visitors are browsing our courses and books, we will track:

  • The products you’ve viewed: to improve your shopping experience
  • Your IP address and browser information: to estimate taxes and shipping costs
  • Your shipping address: to estimate shipping costs and deliver you the order

When visitors purchase from us, we will ask you to provide your name, billing address, shipping address, email address, phone number, payment details, and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

We are legally required to retain information on financial transactions (i.e., sales and refunds) for seven years, for tax and accounting purposes.

Payments

We accept payments through Direct Bank Transfer, Stripe (secure credit card gateway), and PayPal.

  • For direct bank transfers, no payment information is retained. You simply login to your bank and use the order reference provided to transfer the funds to us. When we see funds arrive in our account, we use this reference to look up your order in our system to update and show it is has been paid.
  • For payments through our secure credit card gateway, Stripe, we will pass through information required to process or support the payment, such as the purchase total and billing information. Stripe will ask you for your payment card number, CVC code and expiration date — this is securely held by Stripe and not our website. Please see the Stripe privacy policy for more details: https://stripe.com/gb/privacy
  • For payments through PayPal, we will pass through information required to process or support the payment, such as the purchase total and billing information. PayPal will ask you for additional payment information — this is held securely by PayPal not our website. Please see the PayPal privacy policy for more details. https://www.paypal.com/us/webapps/mpp/ua/privacy-full

Login attempts

Attempts to login are checked through an automated protection service, to protect against brute force attacks.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

If you are browsing our courses and books, we will use temporary cookies to keep track of cart contents .

When you log in, we set cookies with your username and screen preferences. Login cookies last for two days, unless you select ‘Remember Me‘ in which case they last for two weeks. When you explicitly log out of your account, the login cookies will be removed. Screen preference cookies last for a year.

If you publish or edit an article, the post ID of the article is saved in a cookie. It expires after 1 day.

Analytics

This site uses Google analytics to report on which pages of the site are the most popular. This information is not personally identifiable, but it associated with an IP address to improve reporting with activities, first and last page, etc.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, etc.) from other websites. This material will behave in the exact same way as if the visitor was on the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

How we protect your data

We take many steps to protect your data, including: putting everything behind a security wall (the ‘s’ in https); validating and blocking invalid login attempts; screening for and blocking the submission of inappropriate content; constant surveillance of content, plugins, and themes for malware; strong physical security in our hosting environment; and multiple failover redundancies.

Contacting us about data protection and our privacy policy

Any enquiries or requests for data protection and our privacy policy should be addressed to:
privacy@sophorum.com