What personal data we collect and why we collect it
| What we collect | From where we collect it | Why we collect it |
|---|---|---|
| Your name and emailaddress | From your social media account during registration, from the traditional registration form or from the billing form in the shop | For administration purposes |
| Your country | From the geolocation where you are when purchasing your membership, or from you when you override it | For administration and tax purposes |
| Your profile picture | From your social media account during registration or from you when uploaded separately | For administration and community purposes |
| Your purchase- and membershipdetails | From your purchases in the webshop | For administration, legal and tax purposes |
| Your comments and its metadata | From your session on the website | For determining if you have earlier comments approved by us, and for community purposes |
| Your IP address | From your session on the website | For anti-spam protection and for statistics |
| Your device and browser | From your session on the website | For statistics |
Who we share your data with
| With whom we share | What we share | Why we share your data |
|---|---|---|
| Akismet | Your emailaddress and IP address | To prevent spam in the comment boxes and in the contact forms |
| Your IP address. Google uses IP Anonymization (or IP masking) by setting the last octet of IPv4 user IP addresses and the last 80 bits of IPv6 addresses to zeros | For (statistical) Google Analytics | |
| Stripe (payment service provider) | Your country | For determining the payment options available in your country |
What we don’t collect and don’t share…
We don’t collect your paymentdetails, so no bankaccount data, no creditcard data, nothing. That information stays with the payment service provider. We are only advised by the payment service provider on your name and emailaddress, the amount and the payment method used.- We don’t use marketing or advertising cookies, nor social media pixels for them to follow you on the website.
- We don’t share your emailaddress nor the contents of the emails with third-party email service providers.
We don’t collect your paymentdetails, so no bankaccount data, no creditcard data, nothing. That information stays with the payment service provider. We are only advised by the payment service provider on your name and emailaddress, the amount and the payment method used.Where we store your data
Your data is stored on the servers of our webhosting provider. These servers are located in the Netherlands and the webhosting provider has implemented strict GDPR rules. All required DPA’s (Data Processing Agreements) are in place and evaluated at least annually.
No data is exchanged to servers outside of the EU area.
Comments
When you leave comments on the website we collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.
Your comment and its metadata are retained indefinitely. This is so that any follow-up comments can be recognized and approved automatically instead of holding them in a moderation queue.
Cookies
We only store essential and functional cookies for the proper working of the website.
There are cookies for statistical purposes – Google Analytics – and these are based on your anonimised IP address.
We do not store any marketing or advertising cookies, nor social media pixels for any of them following you while on the website.
How long we retain your data
| Data elements | How long |
|---|---|
| Your name, emailaddress, country, profile picture, IP address, device and browser | As song as required for legal and tax purposes. It could be shorter, but by retaining it you will be remembered when you decide to come back and join again |
| Your purchase- and membershipdetails | As long as required for legal and tax purposes |
| Your comments and its metadata | Indefinite, unless you request for deletion |
How we protect your data
We have implemented many security measurements, including strong password enforcement, secret entrance (login masking), 2-steps verification to the administration area of the website, firewall and WAF.
Software updates are implemented within 24 hours after they become available.
What data breach procedures we have in place
Attempts to log in are logged and failed attempts are reported to us daily.
IP-addresses are added to blacklists after a predefined number of failed attempts to access the administration area of the website.
What rights you have over your data
You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You may request us to receive such an exported file, or to erase your personal data, through the contact or support form on this website.