Privacy Policy

[Last updated: 07 January 2019]

1. Introduction

1.1 We are committed to safeguarding the privacy of our website visitors and service users.

1.2 We use cookies on our website. Insofar as these cookies are not strictly necessary for the provision of our website and services, we will ask you to consent to our use of cookies when you first visit our website.

1.3 Our website incorporates privacy controls which affect how we will process your personal data. By using the privacy controls, you can specify whether you would like to participate in improving our website by collecting and reporting information on your use of the website. You can access the privacy controls via the Cookie Consent button located at the bottom right-hand corner of every website page.

1.4 In this policy, “we”, “us” and “our” refer to SusanneFromme.com. For more information about us, see Section 13.

2. Credit

2.1 This document was created using a template from SEQ Legal (https://seqlegal.com).

3. How we use your personal data

3.1 In this Section 3 we have set out:

(a) the general categories of personal data that we may process;

(b) in the case of personal data that we did not obtain directly from you (if any), the source and specific categories of that data;

(d) the legal bases of the processing.

3.2 We may process data about the ways you access our website (“access data”). The access data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the access data is our server log files. This anonymised access data may be processed for the purposes of analysing the use of our website, detecting and preventing fraud and unauthorised system access, and ensuring the security of our systems. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services and providing security.

3.3 We may process data about your use of our website (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is consent.

3.4 We may process information that you submit for publication on our website or through our services (“publication data”). The publication data may be processed for the purposes of enabling such publication and administering our website and services. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business.

3.5 We may process information that you post as comments on blog posts on our website (“comments data”). When you leave comments on the site we collect the data shown in the comments form, and your IP address and browser user agent string to help spam detection through our anti-spam software Akismet. An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Aksimet and Gravatar services privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture, if available, is visible to the public in the context of your comment. The publication data may be processed for the purposes of enabling publication of comments and administering our website and services. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business.

3.6 We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data received through our online ‘Contact Us’ page may include your name, email address, IP address and the communication content. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users or to fulfil a contractual obligation.

3.7 We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

3.8 We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.

3.9 In addition to the specific purposes for which we may process your personal data set out in this Section 3, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

3.10 Please do not supply any other person’s personal data to us, unless we prompt you to do so.

3.11 If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

4. Providing your personal data to others

4.1 We do not sell your personal data. We share information about you in the limited circumstances set out in this Section 4 and with appropriate safeguards on your privacy.

4.2 We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

4.3 In addition to the specific disclosures of personal data set out in this Section 4, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

4.4 We may share information that has been aggregated or reasonably de‑identified, so that the information could not reasonably be used to identify you. For example, we may publish aggregate statistics about the use of our website or services.

4.5 Our hosting provider is Strato AG, de. The company has access to our server access logs and error logs which are compiled using anonymised data for the purposes of analysing the use of our website, detecting and preventing fraud and unauthorised system access, and ensuring the security of our systems. Their privacy policy is available here: https://www.strato.com/privacy-policy/

5. International transfers of your personal data

5.1 You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

6. Retaining and deleting personal data

6.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

6.2 We will retain your personal data as follows:

(a) anonymised access data will be retained for a minimum period of 24 hours following your access of our website, and for a maximum period of 31 days following your access of our website. Raw server log files containing anonymised access data may only contain a few hours’ worth of data because they are discarded once they have been processed. As we have enabled automatic archiving, the raw log data is archived before it is discarded. The previous month’s archived logs are automatically deleted at the end of each month;

(b) anonymised usage data will be retained indefinitely following your consent to use Google Analytics to track your use of our website. If you withdraw consent to use Google Analytics to track your use of our website no further anonymised data will be collected;

6.3 In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:

(a) the period of retention of correspondence data will be determined based on the length of time it takes to satisfactorily answer or otherwise deal with your enquiry or reason for correspondence.

6.4 Notwithstanding the other provisions of this Section 6, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

7. Amendments

7.1 We may update this policy from time to time by publishing a new version on our website.

7.2 You should check this Privacy Policy page occasionally to ensure you agree with any changes to this policy.

8. Your rights

8.1 In this Section 8, we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

8.2 Your principal rights under data protection law are:

(a) the right to access;

(b) the right to rectification;

(d) the right to restrict processing;

(e) the right to object to processing;

(f) the right to data portability;

(g) the right to complain to a supervisory authority; and

(h) the right to withdraw consent.

8.3 If you have posted comments on this website, you can request that we send you an exported file of the personal data we hold about you, including any data you have provided to us. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee. Please make your request to Susanne Fromme, email privacy@susannefromme.com

8.4 In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims Please make your request to Susanne Fromme, email privacy@susannefromme.com.

8.5 If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

8.6 To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal. You can amend your consent to the use of Google Analytics by clicking on the Cookie Consent button located at the bottom right-hand corner of every website page.

8.7 You may exercise any of your rights in relation to your personal data by written notice to Susanne Fromme, email privacy@susannefromme.com

9. About cookies

9.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

9.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

9.3 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

10. Cookies we use

10.1 WordPress: This website uses the WordPress (a Content Management System used by just over 30% of the Web https://w3techs.com/). However, while we do allow comments we do not store any of the standard WordPress cookies (e.g. comment_author_{HASH}, comment_author_email_{HASH}, comment_author_url_{HASH}). This means that each time you post a comment on our website you will have to re-enter your details. Similarly, we do not offer user accounts and so we do not store any of the standard WordPress cookies associated with user accounts (e.g. wordpress_{hash}, wordpress_logged_in_{hash}, wordpress_logged_in_{hash}).

10.2 Cookie Consent: We use the Civic UK Cookie Consent plugin to remember your cookie preferences. Two essential cookies are set: civicAllowCookies, civicShowCookieIcon.

11. Cookies used by our service providers

11.1 Our service providers use cookies and those cookies may be stored on your computer when you visit our website

11.2 Google Analytics: With your consent, we use Google Analytics to collect usage data to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/. The relevant cookies are:

cookie	purpose	duration
_ga	Used to distinguish users.	24 months
_gid	Used to distinguish users.	24 months
_gat	Used to throttle request rate.	1 minute
__utma	Used to distinguish users and sessions	24 months
__utmt	Used to throttle request rate.	10 minutes
__utmb	Used to determine new sessions/visits.	30 minutes
__utmz	Stores the traffic source or campaign that explains how the user reached your site.	6 months

11.3 Youtube: We may use Youtube to integrate videos within webpages. Google place several cookies on any webpage that displays a Youtube video. We have no control over the cookies set by Google. The cookies set may include: __utma, __utmz, APISID, demographics, HSID, HSID, LOGIN_INFO, NID, PREF, PREFSID, SAPISID, SID, SSID, SSID, use_hotbox, VISITOR_INFO1_LIVE, watched_video_id_list. The cookies appear to include information about the number and behaviour of Youtube users. Most of the cookies expire after 10 years. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

11.4 Google Maps: We may use Google Maps to render maps on the website. Google place several cookies on any webpage that includes a Google Map. We have no control over the cookies set by Google. The cookies set may include: SID, SAPISID, APISID, SSID, HSID, NID, PREF. The cookies appear to include information about the number and behaviour of Google Maps users. Most of the cookies expire after 10 years. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

11.5 Google Calendar: We may use Google Calendar to display a calendar on a webpage. Google place several cookies on any webpage that includes a Google Map. We have no control over the cookies set by Google. The cookies set may include: __utma, __utmb, __utmz, GAPS, N_T, NID, PP_TOS_ACK, PREF, S, SNID. The cookies appear to include information about the number and behaviour of Google Calendar users. Most of the cookies expire within 4 months, PREF and GAPS expire after 2 years. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

12. Managing cookies

12.1 You can change your cookie preferences for this website by clicking on the Cookie Consent icon displayed in the bottom right-hand corner of every website page.

12.1 Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);

(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);

(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);

(e) https://support.apple.com/kb/PH21411 (Safari); and

(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

12.2 Blocking all cookies will have a negative impact upon the usability of many websites.

12.3 If you block cookies, you will not be able to use all the features on our website.

13. Our details

13.1 This website is owned and operated by Susanne Fromme.

13.2 You can contact us:

(a) by post, using the postal address: Susanne Fromme, von-Sandt Straße 7, 53225 Bonn-Beuel, Bundesrepublik Deutschland;

(b) by email, privacy@susannefromme.com