Privacy Policy

Who we are

Contact name: Peter Berrisford (Healthy Working Life)

Email: [email protected]

Primary website address: https://healthyworking.life.

Other domains pointing to this primary address are: healthyworkinglife.co.uk, healthyworkinglife.com, healthyworkinglife.uk.

As described on the About page, my name is Peter Berrisford and this website forms the primary platform for operation of my “Healthy Working Life” social enterprise.

Page last updated: December 2022

Purpose of this Notice

The purpose of this document is to explain what user data is collected and how personal data is processed on the Healthy Working Life website and on integrated platforms. It has two key aims: to promote transparency and to give individuals more control over the way their data is collected and used.

Terminology

The ‘website’ (or ‘site’) referred to on this page is the Healthy Working Life website, as accessed via any of the domains listed above.

The terms ‘visitor’ and ‘user’ are used interchangeably in this document, referring to the person browsing the website on a ‘device’, which may be a desktop PC, a laptop, a tablet or a smartphone, i.e. any device that may be used to browse websites via the internet.

An ‘account holder’, or ‘registered user’, is a user who has registered on the website, a pre-requisite for being able to post comments or hold a membership. An account holder will be assigned a unique ‘username’. This username may not be changed, but the user may update the email address associated with their account. The account holder may also specify a ‘display name’, which will be the name displayed as the author of any comments left by that user.

A ‘subscriber’ is a user who has subscribed to the Healthy Working Life Newsletter via the Subscribe Now form (see the Newsletter Subscription section). A ‘contact’ is a user entry on the Sendinblue platform, used to manage email communication (see the Sendinblue section).

A ‘member’ is an account holder who holds a current ‘membership plan’, granting them access to member-only content and benefits on the website. Membership may be obtained via purchasing a Membership Subscription (a ‘Subscribed Member’) or by being configured as a ‘Supporter Member’ by a website administrator, either as a reward for donations pledged to a crowdfunding project or as part of a collaborative project developing new resources. A Supporter Membership will be offered as a reward for a ‘backer’ making a funding ‘pledge’ against an active crowdfunding project, with the duration of this ‘Reward Membership’ varying based upon the pledge amount.

The term ‘session’ refers to a visitor's time browsing a website. It is meant to represent the time between a visitor's first arrival at a page on the site and the time they stop using the site. A session will typically ‘time out’ after a period of 30 minutes of inactivity.

Finally, this document is in fact a Privacy Notice, rather than a Privacy Policy.

Privacy notices are publicly accessible documents produced for ‘data subjects’ (users of the website), whereas privacy policies are internal documents intended to explain to employees their responsibilities for ensuring General Data Protection Regulation (GDPR) compliance.

However, the vast majority of organisations appear to go with the ‘Policy’ nomenclature, so I’ve decided to be pragmatic and run with the herd in this instance.

Comments

Comments may only be submitted by a logged in, registered user (see the User Registration section). Articles published on the website will typically allow comments to be posted (in a Comments section at the end of the post) for a period of six months following initial publication. The first time a user leaves a comment, the comment will not be visible to other users until the comment has been approved by a website administrator.

When visitors leave comments on the site, in addition to collecting the data shown in the comments form (username / display name, date/timestamp, comment text) and the author’s email address, the visitor’s IP address and browser user agent string are recorded to help spam detection. This data is stored in the website database and no data is stored locally on the user’s device.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Newsletter Subscription

A ‘Subscribe Now’ form is available towards the bottom of most of the ‘static’ site pages. This form allows a user to subscribe to a (usually monthly) newsletter, providing updates on recent posts, forthcoming resources or events.

The email address is mandatory (obviously); if supplied, the first name and last name may be used for personalisation purposes. The supplied data is not actually stored in the website’s underlying database – it is sent to the Sendinblue Email Marketing platform via an API (Application Programming Interface) call and a new Contact entry is created in a Subscriber Contact List. See the Sendinblue section for further information.

Note that:

  • All newsletters contain an unsubscribe link, though of course I can’t imagine anyone wishing to use that.
  • Contact details are correlated via the email address, such that there should only ever be a single Contact entry per person. The intent is to prevent the same person receiving multiple copies of communication.
  • When a Subscriber unsubscribes, their Sendinblue Contact entry is removed from the Subscriber Contact list. However, the contact details are retained along with a record of any communication.
  • Any ex-Subscriber who wishes all trace of their existence to be removed may submit a request to be forgotten. This is covered under the Your Data Rights section.

If a Newsletter Subscriber becomes a site member then they will receive the Member Newsletter instead.

The Website Contact Form

When a message is submitted to Healthy Working Life via the Contact Form, the message is viewable by a website administrator via the website admin dashboard. The email address and message are mandatory, but the user may also opt to provide their name.

An administrator may add notes to the query, in support of processing the user’s query. The administrator has the option of emailing a note to the email address provided with the query – this is the method used to respond to the submitted queries. All data supplied by the user, plus any notes added to the query, are retained indefinitely on the website database.

A copy of the user’s query is also emailed to [email protected], in order to notify a website administrator that a support request has been received and enable a swift response. This email will be retained on the email servers (GoDaddy and Sendinblue).

If the specified email address matches an existing contact within the Sendinblue CRM then a record of this communication and follow-up responses may be added to this Contact entry, in order to enable better service provision. If provided, the name may be used to update the Contact entry – this data is used for personalisation purposes and potentially to support data de-duplication activities.

User Registration

Website users need to hold an account in order to post comments or hold a membership. When a user registers for a Healthy Working Life website account, the following data is collected or assigned:

  • A unique, immutable identifier, assigned automatically when the user registers: username (login name)
  • Data editable by a user in their My Account section, or by an administrator: first name, last name, display name, email address, login password
  • Date of registration

This data is stored within the website database. All changes to the user’s data are recorded in audit logs, viewable by website administrators. An email notification may be sent to an administrator email address upon user login, to facilitate website monitoring during the business launch phases. Security event log entries and notification emails include the user’s IP address.

A contact entry will be maintained on the Sendinblue CRM platform for the registered user for business administration purposes, as well as for email marketing purposes if the user has opted to receive newsletters. The following data is captured: current email address, username, first name, last name. The contact will not automatically be added to a newsletter contact list, but will be merged with any existing contact entry based upon email address.

Note that a registered user may supply a billing address and / or a shipping address within the My Account section. However, this is completely optional until such time as paid subscriptions are made available. The shipping address will not be required at any point, as all products will be ‘virtual’.

Membership

In order to access member-only content on the Healthy Working Life website, it is necessary for a user to hold a current membership. As at the time of website launch in January 2022, the only type of membership available is a Supporter Membership. This is configured by a website administrator using the data provided by either:

  • A crowdfunding backer, where they have opted to receive a Membership Reward in exchange for a pledge on the crowdfunding platform;
  • A third-party individual or organisation who are actively collaborating with Healthy Working Life on development of resources and who have opted to receive a membership.

Where agreed between all relevant parties, the name and / or logo of a backer or collaborator (individual or organisation) may be included in a publicly viewable Sponsorship and Collaboration section on the website.

Before the membership can be configured by an administrator, the backer (or collaborator) must create a website user account (see the User Registration section), unless already registered. A record of the membership is maintained within the website database (stored data: Membership Plan type, Status, Commencement date, Expiry date, plus any notes added by an administrator).

The current membership status is used to map the user’s Contact entry on the Sendinblue platform to the correct Contact List. By default, a Supporter Member will be configured to receive the Member version of the Healthy Working Life Newsletter as this is a standard part of the membership. If the Newsletter Unsubscribe link is used to indicate that the member no longer wishes to receive the Newsletter then the Contact is removed from the Newsletter Contact Lists. Upon expiry or cancellation of a membership, the Contact will be moved to the general newsletter contact list, if they were receiving the Member newsletter at the time of expiry.

The User has the ability to cancel their Supporter membership via My Account > My Membership > Manage (though I’m not sure why a user would remove their own member-level access – membership via paid subscription is managed via the subscription).

A website administrator may add notes to a user’s membership, with the option to notify the user (if the note does not purely relate to internal administrative processes). The notified Membership Notes may be viewed by the user via My Account > My Membership > Notes. As described in the Your Data Rights section, an export of all held data may be requested by a user.

Membership Subscription

This section of the Privacy Notice will be updated prior to the Membership Subscription functionality being enabled on the website.

Email communication

All outbound email communication, including all newsletter emails and transactional emails, is sent via the Sendinblue SMTP relay service. Where there is a match on email address, a record of all email traffic is maintained against the associated contact. This means that emails are held on the GoDaddy and Sendinblue email servers.

Any inbound email communication to any “*@healthyworking.life” email address will be retained indefinitely on the GoDaddy and Sendinblue email servers. Where the sender email address matches an existing contact on the Sendinblue CRM platform, the email may be attached to the matching contact, thus enabling more efficient and effective customer management.

Note that a local copy of the email may exist temporarily on an administrator’s smart phone, where this is used to review incoming email communication. Access to this device is controlled via biometric authentication.

Media

While it is not currently possible for users to upload images to the website via the front-end, this section ‘future-proofs’ the capability. Any user who uploads images to the website should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Cookies

Firstly, what is a cookie? Website cookies are small text files that are used to store information, enabling the website to remember a user’s actions and preferences. They are passed between a website ‘server’ and the user’s web browser. The browser stores the cookie files on the device on which the browser is running.

From a regulatory perspective, companies or websites are allowed to process user data as long as they receive consent. While writing this Privacy Notice, I consumed a few chocolate chip cookies; this information is accurate, but isn’t strictly necessary, fulfilling a ‘humour’ role. In a similar manner, website cookies can be classified according to their role. Cookies classified as strictly necessary may be used without user consent, but permission is required to use all other cookies. As described under Cookies, the GDPR, and the ePrivacy Directive, a cookie’s purpose may fall into different categories:

Strictly necessary cookies (Basic Operations)

These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. The cookies described in the table below that enable the use of the shopping cart to purchase a membership subscription are an example of strictly necessary cookies. While it is not necessary to obtain consent for these cookies, it is good practice to document what cookies are used and why (hence the table below).

Preference cookies (Content Personalisation)

Also known as “functionality cookies”, these cookies allow a website to remember choices you have made in the past.

Statistics cookies (Site Optimisation)

Also known as “performance cookies”, these cookies collect information about how you use a website, like which pages you visited and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. The sole purpose is to enable improvement of website functions and content. This includes cookies from third-party analytics services as long as the cookies are for the exclusive use of the owner of the website visited.

Marketing cookies (Ad Personalisation)

These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and almost always of third-party provenance.

Note that the category names in the brackets above map to the categorisation scheme used by the Healthy Working Life website Cookie Compliance banner – the one you use to confirm the cookie ‘access level’ you consent to when viewing this site.

The Healthy Working Life website does not employ third-party advertising, so I would not expect to see any cookies that fall under the marketing classification. Given the silver, gold and platinum levels of consent employed by the website’s Cookie Compliance banner, this means that selecting the Gold or Platinum consent levels should result in the same outcome. This Privacy Notice will be updated if I decide for some obscure reason to introduce third-party advertising to this site.

A Table of Cookies

The table below identifies all cookies that I am aware of that may be employed by the Healthy Working Life website. A quick aside to those members of my audience who actually read the detailed information held in Privacy Notices and Cookie policies: please contact me if you identify any cookies not documented in this table so that I can ensure that it is complete and accurate.

At the risk of information overload for those visitors who may not be IT professionals or techie fans, cookies may also be classified as either:

  • Session cookies – These cookies are temporary and expire once you close your browser (or once your session ends), or
  • Persistent cookies – This category encompasses all cookies that remain on your device until you erase them or your browser does, depending on the cookie’s expiration date. All persistent cookies have an expiration date written into their code, but their duration can vary. According to the ePrivacy Directive, they should not last longer than 12 months, but in practice, they could remain on your device much longer if you do not take action.

As reflected in the table below, several cookies are created when you log in, to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks (implemented via a session token held in the website database). If you log out of your account, the login cookies will be removed.

The listed cookies reflect the actual cookies created across multiple testing sessions using a range of web browsers.

Cookie name | Purpose / Comment
_tccl_visit | Statistics (GoDaddy)
_tccl_visitor | Statistics (GoDaddy)
cookie_notice_accepted | Boolean value indicating whether consent has been granted
email_id | Value is email address of last logged-in user on that browser
hu-consent | Records details about the selected consent level and about any blocked cookies or services
hu-session | Cookie consent details
session_id | Identifier used for session management for logged-in user
tk_ai | WooCommerce Statistics. Normally used within the admin dashboard area for usage tracking
woocommerce_cart_hash | Helps WooCommerce determine when cart contents/data changes.
woocommerce_items_in_cart | Helps WooCommerce determine when cart contents/data changes.
wordpress_logged_in_* | Stores information about the logged-in user, enabling web pages to display appropriately for that user
wordpress_sec_* | Only seen in one testing session – current hypothesis is that it is created for enhanced security in specific circumstances
wordpress_test_cookie | WordPress sets this cookie when you navigate to the login page. The cookie contains no personal data. It is used to check whether your web browser is set to allow, or reject cookies.
wp-settings-*, wp-settings-time-* | Stores user preferences, enabling view customisation (normally applies to the admin interface)
wp_woocommerce_session_* | Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.
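The table above invites readers to report any cookie it does not list, and the preceding section explains the difference between session and persistent cookies and the 12-month lifetime guidance. The following Python script is an added example (not code from the Healthy Working Life website or its author) of how a visitor or site maintainer could check that: it parses Set-Cookie headers captured from a browser session, matches the cookie names against the table above (treating the `*` entries as wildcard suffixes), and flags any cookie that is undocumented or persistent for longer than 12 months. The sample headers and their values are constructed for illustration and were not captured from the real site.

```python
"""Cookie audit helper (added example, not part of the Healthy Working Life site).

Compares Set-Cookie headers captured from a browser session against the
documented cookie table above, and flags cookies that are undocumented or
whose lifetime exceeds the 12-month ePrivacy guidance quoted in the notice.
"""
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime
from fnmatch import fnmatchcase

# Cookie names copied from the table above; '*' stands for the per-site
# suffix that WordPress/WooCommerce append to some cookie names.
DOCUMENTED_COOKIES = [
    "_tccl_visit", "_tccl_visitor", "cookie_notice_accepted", "email_id",
    "hu-consent", "hu-session", "session_id", "tk_ai",
    "woocommerce_cart_hash", "woocommerce_items_in_cart",
    "wordpress_logged_in_*", "wordpress_sec_*", "wordpress_test_cookie",
    "wp-settings-*", "wp-settings-time-*", "wp_woocommerce_session_*",
]

# Maximum persistent-cookie lifetime, per the ePrivacy Directive guidance cited above.
MAX_LIFETIME = timedelta(days=365)

# Fixed "current time" so the constructed sample below evaluates the same way every run.
SAMPLE_NOW = datetime(2022, 12, 1, tzinfo=timezone.utc)


def parse_set_cookie(header: str, now: datetime) -> dict:
    """Parse one Set-Cookie header value into its name, persistence and lifetime.

    A cookie with neither Max-Age nor Expires is a session cookie (lifetime None).
    Max-Age takes precedence over Expires, as RFC 6265 specifies.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip()
    lifetime = None
    if "max-age" in attrs:
        lifetime = timedelta(seconds=int(attrs["max-age"]))
    elif "expires" in attrs:
        lifetime = parsedate_to_datetime(attrs["expires"]) - now
    return {"name": name.strip(), "persistent": lifetime is not None, "lifetime": lifetime}


def is_documented(name: str) -> bool:
    """True if the cookie name matches an entry (or wildcard entry) in the table."""
    return any(fnmatchcase(name, pattern) for pattern in DOCUMENTED_COOKIES)


def audit(set_cookie_headers, now=None):
    """Return (cookie name, issue) pairs for cookies that deserve a closer look."""
    now = now or datetime.now(timezone.utc)
    findings = []
    for header in set_cookie_headers:
        cookie = parse_set_cookie(header, now)
        if not is_documented(cookie["name"]):
            findings.append((cookie["name"], "not in the documented cookie table"))
        if cookie["persistent"] and cookie["lifetime"] > MAX_LIFETIME:
            days = cookie["lifetime"].days
            findings.append((cookie["name"], f"persistent for {days} days (> 12 months)"))
    return findings


# Constructed sample headers with hypothetical values; the last one is an
# undocumented two-year tracking cookie inserted to show what gets flagged.
SAMPLE_HEADERS = [
    "wordpress_test_cookie=WP+Cookie+check; path=/; secure",
    "wordpress_logged_in_abc123=user%7Cfake; path=/; Max-Age=172800; HttpOnly",
    "wp-settings-time-1=1670000000; expires=Sun, 01 Jan 2023 00:00:00 GMT; path=/",
    "tracking_pixel_id=xyz; Max-Age=63072000; path=/",
]

if __name__ == "__main__":
    for name, issue in audit(SAMPLE_HEADERS, now=SAMPLE_NOW):
        print(f"{name}: {issue}")
```

Run against real captures, replace `SAMPLE_HEADERS` with the Set-Cookie values from your browser's developer tools and pass no `now` argument so expiry is measured from the current time. The login cookie in the sample carries a two-day Max-Age, matching the lifetime stated earlier in this section, so it produces no finding; only the constructed tracking cookie is reported.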

Sending and Sharing your data

This section features a brief look at where we send your data and who we share your data with.

Visitor comments may be checked through an automated spam detection service.

As discussed in the relevant sections of this document, user data as captured or updated via the Healthy Working Life website may be forwarded or copied to the Sendinblue platform.

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

By default, and unless stated otherwise in other sections of this Privacy Notice, all user data and associated metadata is retained indefinitely. This includes:

  • Comments left by a user – the comment and its metadata are retained indefinitely so that any follow-up comments can be recognized and approved automatically instead of being held in a moderation queue
  • Queries submitted by a user via the Contact form, plus any related communication and administrative notes associated with the query
  • Personal information provided by a registered user and maintained in their user profile. Users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
  • Membership data relating to all periods of membership. Membership details can be viewed in the user’s My Account section of the website when logged in and by website administrators.
  • Product purchase data, including Membership Subscriptions. This section will be updated to document the handling of financial transaction data once a payment gateway has been enabled.
  • User event metadata, such as successful / unsuccessful login attempts and personal data updates, as recorded in security audit logs. Note that the visitor’s IP address and browser user agent string are recorded for such events.
  • Email communication
  • User data held on the Sendinblue CRM / Email Marketing platform

As and when the decision is made to commence deletion of certain types of data after a specified period of time, this Privacy Notice will be updated to reflect this change.

What rights you have over your data

If you have an account on this site, you can request to receive an exported copy of the personal data we hold about you, including any data you have provided to us; a copy of data held in the corresponding Contact entry on the Sendinblue platform will also be provided.

You may also ask us to:

  • Rectify any personal information you think is inaccurate
  • Request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at [email protected] if you wish to make a request.

How and why am I using the Sendinblue platform?

Healthy Working Life holds an account on the Sendinblue platform, providing the following services:

  • A Customer Relationship Management (CRM) solution
  • An Email Management solution
    • Newsletters are distributed via email to subscribed contacts based upon the contact lists they are assigned to
    • All email communication with users, subscribers and members is via the Sendinblue SMTP service
  • Automated integration points for:
    • The website Subscribe Now newsletter subscription capability
    • Website user account / contact creation and account transactions.

Personal data processing operations

The processing carried out by Sendinblue on behalf of Healthy Working Life is described below:

  • Storage of contact lists
  • Sending messages by email or SMS, whether automated or not
  • Retention and analysis of email deliverability data
  • Retargeting display
  • Collection of unsubscription requests and User information affected
  • Collection of consents.

Further information on how Sendinblue complies with GDPR requirements can be found in their GDPR Compliance documentation.

Note that email deliverability data is used to understand the level of user engagement with the newsletters they are receiving. ‘Unengaged’ users (where newsletter emails are consistently not being opened) will automatically be identified and will lead to removal of the user from the Newsletter Contact List. An email will typically be sent to the user before they are removed from the distribution list to confirm whether they wish to continue receiving the newsletters.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at [email protected].

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk