Privacy and Cookies Policylast updated September 24, 2018
Your privacy is important to GBM Productions (“GBM”). By visiting and using this website or any GBM Media (defined below), you agree and consent to the following Privacy and Cookies Policy governing the collection and use of personally identifiable and other information by GBM.
In order for us to operate our business and provide services to you, it is sometimes necessary for us to collect or process information about you. Generally, this information will take one or more of the following forms:
- Information that you provide to us directly, such as in the situation where you complete a form or send us a message via our website;
- Information that is automatically sent to us by your computer’s internet browser when you visit our website, such as your computer’s technical address (or ‘IP address’) or information about which particular internet browser you are using and so on;
Privacy and Cookies Policy Changes
Although most changes are likely to be minor, we may change our Privacy and Cookies Policy from time to time, and in our sole discretion. We encourage visitors to check this page frequently for any changes to our Privacy and Cookies Policy. Your continued use of this site after any change in this Privacy and Cookies Policy will constitute your acceptance of such change.
Definition of ‘Personal Data’
Obvious examples of PII include your name, email address, mailing address, etc. Other types of information, such as your computer’s ‘IP’ address or broad geographical location do not, generally, allow us to identify you directly. However, because in their current form, European data privacy regulations are somewhat vague in this regard, we will cover the use of such data here as well.
Who We Share Data With
We operate on a ‘need to know’ basis for all data that we work with, and that is particularly true for any personal data. The only people/organizations that are granted access to personal data are:
- Web hosting technology suppliers (currently SiteGround) who provide the physical server infrastructure that this website operates on;
- Our payment gateway processor (currently Paypal) to process and complete payment transactions for orders;
- Our email service provider (currently MailChimp) to support subscription and contact forms, delivery of our newsletter, fulfillment of download requests, and polls/surveys;
- Our cloud storage provider (currently Dropbox) whose services we use for secure backup storage.
Occasionally, at our discretion, we may include, offer, or link to third-party products or services on our website (for example, Amazon products referenced in podcast episodes or blog posts, and Girls Behaving Metaphysically branded designs on Zazzle or elsewhere). We may also link to articles and other relevant content on third-party websites.
These third-party sites have separate and independent privacy policies. We, therefore, have no control, responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites. If you have any concerns, we encourage you to review the privacy policies of these websites.
We may occasionally embed content (e.g. videos, images, etc.) from third parties (e.g., YouTube). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How Your Data Is Protected
We take the security of personal data very seriously, and that data is protected in multiple ways:
- Access control: access to personal data is strictly limited in line with our policy detailed in the ‘who we share data with section’ on this page.
- Security software: We operate access control software on our website. This software is responsible for limiting login attempts to our site, blocking potentially malicious attempts to access our services, and regularly performing system scans.
- Data encryption: where data is stored in a cloud facility (for example, the storage of website backup files), that data is encrypted both ‘in transit’ and ‘at rest’ – meaning that all data is securely obscured both during the process of transfer to the cloud provider, and then additionally when it is in storage at its final location.
- Encrypted traffic: this website is secured with SSL encryption, which means that all traffic to and from our servers is encrypted. This applies to our own administrative access to the website as well as that of users of our services.
- Selection of third party service providers: we use a very limited number of third party service providers, but some are essential for the provision of physical hosting environments and cloud services. One of the core factors in the selection of such providers is their ability to provide secure systems and processes.
Your Data Rights
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
You can also request that we correct any incomplete or incorrect information held about you, or erase any personal data we hold about you altogether. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
In most circumstances, you can exercise these rights without paying a fee to us.
If you have any questions or concerns about the data we hold about you, we can be contacted via email at firstname.lastname@example.org.
Types of Data Collected
GBM may collect information from you when you voluntarily sign-up for e-mails or free information; register for a class, webinar, or other presentation; leave comments on this website or any related website or forum hosted on any platform by GBM (including but not limited to any GBM group or page on Facebook.com) (“GBM Media”); order a product or service; fill out any type of form; access private membership pages; or otherwise contact GBM via an online form or email. The information collected may include your name, e-mail address, address, phone number, and/or billing information. Your IP address is also collected in order to help spam detection.
By submitting your information via any form on our website, you confirm and give permission to process your personal data, including your name, email, the text of your comment, data captured in other form fields, and your IP address. Also, for security reasons and to protect this website from spam, your data will be processed in the CleanTalk Cloud Service and they will be stored in log files for 7 days. On the expiry of this period, they will be deleted from the CleanTalk Cloud Service completely. CleanTalk may use information of spam activity of IP/email addresses to offer proper anti-spam protection to all websites connected to its service. This concerns exclusively those IP/email addresses that are being used for spam mailing.
We will also store the information you provide to us in our website database, and/or in our customer relationship management (CRM) system. Such storage allows us to efficiently access your data and respond to your requests.
For the purpose of maintaining the integrity of our systems, we may also store this data in system backups, which are encrypted and held securely by our technology partner Dropbox.
We may use this information to contact you about other of our own services that we believe may be of genuine interest to you. We will not use this data for any further purpose without your express further consent, nor will we sell your information to any 3rd party.
If you do not submit information via an online form on the website, no data will be collected in this regard.
If we do not enter into a further contract or agreement with you, we will retain contact form submission data for a maximum of 24 months. Newsletter subscriptions (including those initiated via a request for a download from the website) will be maintained for up to 24 months following the last activity on a newsletter issue (e.g., open and/or click).
For some website functionality, we will need to create for you a user account that allows you to login to the site to ensure that only authorized individuals can access your data and that functionality.
Examples include when you make an online purchase via the site, or when you have a role in administering or contributing towards website content (such as a blog post author). The purpose of these user accounts is to protect your personal data behind login security, and to protect the integrity of our site and the servers that run it.
Data collected will generally involve your name and email address, but may include your mailing address if it is required for online purchases.
If you do not register for an online account then no such data will be collected in this regard.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Website visitors can download and extract location data from images on the website.
If you do not upload images to the website then no such data will be stored in this regard.
When visitors leave comments on the site, we collect the data shown in the comments form, as well as the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
Visitor comments may be checked through an automated spam detection service.
For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Email Marketing and Subscriptions
We require your consent to collect and use your personal data for subscriptions to our newsletter, to provide you with complimentary downloads offered throughout the site, and to add you to our marketing email list. This consent is supplied when you provide your personal information via forms on our site. We only collect certain data about you, as detailed in this Privacy and Cookies Policy. Please note that requests for complimentary downloads from our site also constitute requests to be added to our newsletter and email marketing list.
Newsletters, complimentary download links and email marketing messages are sent through MailChimp, our email marketing service (EMS) and customer relationship management (CRM) provider. An EMS is a third-party service provider of software/applications that allow marketers to send out email marketing campaigns to a list of users.
Emails sent via MailChimp may contain tracking beacons/tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P. addresses, opens, clicks, forwards, geographic and demographic data. Such data will show the activity each subscriber made for that email campaign.
We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences regarding the information we hold about you and the way we communicate with you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences.
We may hold the following information about you within our EMS/CRM system:
- Email address
- I.P. address
- Subscription date/time
- Phone Number
- The emails you’ve opened, read, clicked on and deleted, including dates/times
- The pages on our website you have visited, including dates/times
- Social media profiles
- Orders placed on our website
- Preferred email format
Technical Data (e.g., IP address)
When you visit our website, our systems will log a record of your visit in our server logs, and typically this record will include the technical ‘IP’ address that is associated with your device, and the browser type and version that you are using. By using this website, your IP address can be stored and processed for security reasons. Your IP address may be saved in the server log files, CMS log files, and CleanTalk Anti-Spam & Security log files. They can store and process your IP address.
Such server logs are extremely common practice, and are used to monitor technical resources, monitor high-level server activity, and to detect and prevent malicious or fraudulent activity on our systems. This data can also be used, if required, to diagnose reports of technical issues. The storage of IP addresses, allows us to identify patterns of behavior (for example, repeated malicious attempts to access a system).
IP addresses, in and of themselves, do not allow us in any way to identify you as an individual, especially given that it is very common for IP addresses to be dynamically allocated by your service provider. Therefore, this information will often routinely change.
We do not and will not use the content of server access logs to attempt to determine an identifiable individual. Therefore, we do not consider that data held within server logs falls within the scope of ‘personal data’, and accordingly we do not seek your consent to collect it.
Cookies and Similar Technologies
We have included cookies, web beacons and similar technologies in one section because they all perform similar functions even if, from a technical perspective, they work slightly differently.
All of these technologies allow us to better understand how users are using our website and other related services. They can also be an essential part of providing certain online functionality. They are all essentially small data files placed on your computer (or other device) that allow us to tell when you have visited a particular page, or performed a particular action (such as clicking a particular button) on our website.
These technologies are used by most websites as they provide useful insight into how services are being used, as well as improving speed, performance and security, and enabling us to improve our personalization of your experience.
There are several types of cookies:
- Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
- Persistent cookies are stored on your device in between browser sessions, allowing us to remember your preferences or actions across multiple visits.
- First-party cookies are set by the site you are visiting.
- Third-party cookies are set by a third-party site separate from the site you are visiting.
There are a number of ways that you can influence how cookies are used on your particular device. Most commercial browsers (such as Chrome, Edge, Firefox, Internet Explorer, Safari, etc.) allow you to set preferences for whether to allow or block website cookies.
They will also provide tools that allow you to remove any cookies that have already been set. Using the ‘Help’ functionality of your browser, or an internet search, will help you to understand how to use these features for your particular browser.
Additionally, we have incorporated specific cookie functionality on our website that allows you to easily indicate when you first visit the site whether or not you consent to having cookies be set on your device. Ironically, it is necessary for us to set cookies for this specific purpose in order for our site to remember your preference.
When you first visit our site, a cookie notification box will be displayed allowing you to choose whether to allow cookies or not. Only Essential cookies and those that do not contain/track any personal data will be set when you first visit our site.
Small graphic images (also known as “pixel tags” or “clear GIFs”) that may be included on our sites and services that typically work in conjunction with cookies to identify our users and user behavior.
Our uses of such technologies fall into the following general categories:
- Marketing Related. We may use first-party or third-party cookies and web beacons to deliver content, including ads relevant to your interests, on our sites or on third party sites. This includes using technologies to understand the usefulness to you of the advertisements and content that have been delivered to you, such as whether you have clicked on an advertisement.
The cookies currently in use on this site are as follows:
|apbct_*, ct_*, and ct_sfw_*||This group of essential cookies is set by CleanTalk, our firewall and spam protection service. They are set from back-end and contain information about current user. They are used to help us identify and prevent fraud and attempted unauthorized access to our systems.|
|apbct_cookies_test||This essential cookie is set by CleanTalk, our firewall and spam protection service. It is used to validate other cookies, so they can’t be spoofed.|
|comment_author, comment_author_email, comment_author_url, wpdiscuz_last_visit||These essential cookies are used to collect information related to comments and questions you post on our site.|
|_ga, _gat, _gid||These performance-related analytics cookies are set by Google Analytics|
|woocommerce_cart_hash, woocommerce_items_in_cart, wp_woocommerce_session||These essential cookies contain information related to your shopping cart and help us know when shopping cart data changes.|
|PHPSESSID||This essential cookie is a PHP Session ID.|
Manage Browser Cookie Settings
Through your browser settings, you can accept or decline cookies or set your browser to prompt you before accepting a cookie from the websites you visit. You should be aware that you may not be able to use all of our features if you set your browser to disable cookies entirely.
If you use different computers in different locations you will need to ensure that each browser is adjusted to suit your preferences.
You can delete any cookies that have been installed in the cookie folder of your browser. Various browsers provide different procedures to manage your cookie settings. Click on any of the links below for instructions.
If you are not using any of the above-listed browsers, then select “cookies” in the “Help” function of your browser for information on where to find your cookie folder.
You should also be aware that disabling cookies does not necessarily disable other types of analytics products which we may use to collect generic information about how you and other visitors use our website.
We use Google Analytics to better understand what content people look at on our website.
When people visit our site, information about their visit (such as which pages they look at, how long they spend on the site, etc.) is sent in an anonymous form to Google Analytics (which is controlled by Google).
The data contains information about anyone who uses our website from your computer, and there is no way to identify individuals from the data. Your IP address information is partially obscured during this process.
For further information of Google’s privacy practices and how this applies to Google analytics, please visit:
Other Google Services
In addition to Google Analytics, we use a number of industry-standard Google services to provide particular pieces of website content. These include:
- Google Fonts: We may use one or more of Google’s web fonts to ensure that our website content is displayed in a clear and consistent fashion across all of the different types of devices and browsers.
- Google Recaptcha: We may use Google’s Recaptcha service (which provides the ‘I Am Not A Robot’ functionality) on our contact and subscribe forms. This is a security measure to prevent the abuse of our contact forms by automated programs.
Each of these services involve our website making a connection to one or more Google servers, and may result in Google placing cookies on your device.
By using Google Fonts, we make a connection to the Google Fonts API and, unless your browser has already stored a copy of the font in use (by virtue of visiting another website that uses it), your browser will download a copy of that font. This all happens in near real time, and means that our website content will be displayed on your device in the way we had intended it, regardless of whether the particular font is installed on your device.
The Google Fonts API connection is unauthenticated, meaning that it will work regardless of whether you are logged into Google. It does not rely on cookies being sent to Google. Google may capture your device’s IP address as part of this process, and uses this data only in aggregate form to understand the popularity of individual fonts. More detail can be found on the Google Fonts FAQ page.
We use the Google Recaptcha (‘I Am Not A Robot’) functionality to prevent automated programs (or ‘bots’) abusing our contact forms with spam messages or other malicious activity.
Before submitting a contact form to us, you will be asked to check the ‘I Am Not A Robot’ checkbox. In the background, Google will perform a number of checks that are aimed at understanding the likelihood of your being a ‘real’ person, as opposed to an automated system. If it is in any doubt, it will ask you to perform one or more activities (such as identifying particular items within an image) that only a ‘real’ person can do.
The exact mechanism for this is a closely guarded Google secret, but it does involve Google checking your activity on our (and other) websites and the presence/absence of any Google cookies in place on your device.
Google Recaptcha enables us to maintain the security and integrity of our systems by minimizing spam, and to provide an efficient service to ‘real’ users.