UK GDPR Compliance Statement and Privacy Notice

Who we are

Our website address is:

If you have given us your email address (by emailing us, buying something from our website or subscribing to our website, for example) you should read this to reassure yourself that we are looking after your data responsibly.

If any website visitors understand these rules better than us and believe there is something else we should be doing, please don’t hesitate to let us know. We value the security of your information extremely highly and will never intentionally breach the rules. However, the rules are designed for large organisations and the rest of us are just doing our best to keep up.

Our use of cookies, analytics tracking, and more technical issues related to this website and data collection is addressed fully in our Cookies Policy.

Our lead data protection supervisory authority is the UK’s ICO so in order to create this document we consulted the UK ICO booklet, “Preparing for the General Data Protection Regulation – 12 Steps to Take Now”.

What personal data we collect and why we collect it

Name and email address

Email addresses of people who have emailed us via the contact page and to whom a reply has been sent – automatically saved in his AOL or Gmail accounts – collected only for the legitimate purpose of replying to emails.

We do not share this information with anyone, unless specifically indicated and when explicit consent has been given by the message sender, or in the highly unlikely event that we are legally obliged to do so.

If someone randomly asks for another person’s email address, unless both are known closely to us, we will always check with the other person first.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.


We use Google Analytics to monitor traffic levels, search queries and visits to this website. Google Analytics stores IP addresses anonymously on its servers in the US, and neither we nor Google can associate your IP address with any personally identifiable information. To find out more please visit: How Google uses data when you use our partners' sites or apps

Who we share your data with

We never share your name or email with anybody unless legally obliged to do so.

How long we retain your data

We retain your personal information only for as long as necessary to provide you with any services and as described in this Privacy Policy. However, we may also be required to retain this information to comply with any legal and regulatory obligations, to resolve disputes, and to enforce any agreements. We generally keep your data for the following time period: 4 years.

What rights you have over your data

You may request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

If someone asked to see their data stored via or we will take a screenshot of their email entry/entries.

Contact information

If you require any more information or have any questions about our privacy policy, please feel free to contact us by email at

Subject access requests

We aim to respond to all requests within 72 hours and usually much sooner.

Lawful basis for processing data

If people have emailed us, they have given us their email address, and usually, their names. We do not actively add it to a list but or will save it automatically. We will not add it to any database or spreadsheet unless someone asks us to or gives us explicit and detailed permission.

Use of Payment Service Providers

- Paypal
When you purchase a book through this website, you will be sent to to complete the purchase. The transfer takes place in accordance with Art. 6 (1) point b GDPR and only insofar as this is necessary for payment processing. Please refer to PayPal's data protection declaration at:


Young people sometimes email us but we don’t know their age unless they tell us – and we only have their word for that. We would not deliberately keep their email address (but or Gmail would save it in our account.) Since we are not “processing” their data, we are not required to ask for parental consent. We might reply to the email, but will not actively contact them again.

Data breaches

We have done everything we can to prevent this, by strongly password-protecting our computers, mobile devices, AOL, Gmail, Dropbox, Rochen Limited and VaultPress accounts, and using two-factor verification where available. If any of those organisations were compromised we would take steps to follow their advice immediately. Our website is hosted by Rochen Limited and is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information. Access to back end website management is also protected by strong passwords and two-factor verification.

Communicating privacy information

We have put this document on our website with a link in the footer.