We are working to incorporate the European Union’s General Data Protection Regulation (GDPR) that goes into effect May 25, 2018. We do not yet claim 100% compliance with GDPR, and will be updating our policy as we become more familiar with how the regulations apply to our business. In the meantime we are incorporating some of the terminology of the GDPR as we understand it to make it as easy as possible for our European customers, subscribers, and website visitors to see where we do comply. See below for information about our GDPR Controller, and Processors.
None of our businesses depend on advertising revenue. We occasionally publish content that is sponsored, including paid banner ads, when we do it is always prominently identified as “sponsored”.
What information do we collect and what do we do with it?
We collect the name and email address information of our email newsletter subscribers from a subscription form on our websites. We also collect name and email information from visitors to our site who are enquiring about our products or services.
Our newsletter subscribers and website visitors may also provide additional information such as their professional title, organization, professional interests, and additional contact information such as work address, phone number, and social media handles. None of this additional information is required, and all of it can be changed directly, or deleted, by subscribers and registered visitors at any time via a direct link in every email newsletter, or via the website. They can also request that we change or delete the information for them by contacting us via email, web site contact form, telephone, or postal mail.
We do not collect any sensitive personal data that GDPR considers “special categories of personal data” in Article 9.
All personal information is being collected to communicate with, deliver, and improve our products and services to our customers.
- We do not work with ad exchanges.
- We do not share personal data with third parties.
- We do not purchase or collect personal data from third parties.
- We do not use third party authentication from Facebook, Google, Twitter, or others, so neither they nor their advertisers receive any data from us when registering on our websites.
Tracking & Cookies
- We do not sell or share this data.
- We do not track customer, subscriber, or website visitor activity on other websites they visit.
We limit second and third party tracking on our websites, and have started replacing services and plugins on our website that don’t comply with GDPR. Relevant applications and plugins we use are listed in the GDPR Processors section below. You can use a browser extension, such as Ghostery, to see what trackers are active on our (or any) website.
Bluebill Advisors Inc is the GDPR Controller for personal data processing of https://gilbane.com, https://bluebillinc.com, and the The Gilbane Advisor email newsletter. Bluebill Advisors Inc. controls the websites and databases where personal data is secured. Processors who have access to our data are described below.
Bluebill Advisors, Inc. is located at 300 Summer St #76/77 Boston MA 02210, and can be contacted at +1.617.861.2406, or email@example.com. You can also contact us via our website at https://gilbane.com/contact/.
Bluebill Advisors Inc is a GDPR Processor of a subset of the personal data controlled by Information Today Inc for the Gilbane Conference. This subset includes personal contact data of Gilbane Conference speakers or individuals applying to speak at the Gilbane Conference. In GDPR terms, we understand this subset to be considered second party data. In W3C Do Not Track terms this subset might be considered as joint first party data.
Processors of personal data controlled by Bluebill Advisors Inc, with links to their privacy policies or GDPR compliance information are listed below. Many of them are still adding GDPR compliance features, and we will continue to test and integrate them:
- Campaign Monitor (email list manager), https://www.campaignmonitor.com/trust/gdpr-compliance/
- Monster Insights, https://www.monsterinsights.com/gdpr-and-monsterinsights-everything-you-need-to-know/
- Google analytics, https://www.google.com/analytics/terms/dpa/dataprocessingamendment_20160909.html
- WordPress, https://wordpress.org/news/2018/04/gdpr-compliance-tools-in-wordpress/
- WPForms, https://wpforms.com/introducing-new-gdpr-enhancements-for-your-wordpress-forms/
- Sassy Social Share, http://support.heateor.com/gdpr-and-our-plugins/
- Luxsci (our ISP), https://luxsci.com/blog/gdpr-luxsci-privacy-policy-and-terms-and-conditions-changes.html
- iThemes, (security and backup), https://ithemes.com/privacy-policy/
Our sites have security measures in place to protect the loss, misuse, and alteration of the information under our control. We use encryption (HTTPS/TLS) to protect data transmitted to and from our site. Logging into to our sites requires tw0-factor authentication, and we use continually updated security software that monitors our sites and databases and protects against malware and data breaches. Of course no data transmission over the Internet is 100% secure.
Opt-Out of emails, deletion of personal data, and questions
There is a link in every email message subscribers can use to opt-out of receiving future emails from us, or edit their preferences and profile at any time. Subscribers can also request changes, request that their personal data be deleted, or request information about what data about them we have. To make a request or if you have any questions about this privacy statement, please contact us.