Who we are
This website forms part of the services provided by Bondesio Communications & Consulting, which is solely owned by Michelle Bondesio.
The website address is: https://bondesio.com
Please direct enquiries to info at bondesio dot com
What personal data we collect and why we collect it
Comments
If/when enabled, when visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Comments are currently disabled on blog posts for this website.
If/when comments are enabled, we have Akismet anti-spam service active on our site. The information WordPress collects via Akismet typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Currently only administrators with designated permissions are able to upload images to this website.
Contact forms
If/when a contact form is activated on this site, it is via a third party contact form plugin (such as Sumo or Google forms). When you submit a contact form to us, your name and email address is captured as well as the reason for your enquiry. This is used for follow up customer services purposes only, we do not use this information for marketing purposes. If the follow up does not lead to further or ongoing collaboration, your information is removed.
There is no contact form currently enabled on this site.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Links and embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
This site may contain links to third party websites, including social media features such as Instagram (privacy), LinkedIn, or Twitter ‘follow’ or ‘sharing’ buttons. We are not responsible for the privacy practices or content of any linked sites. They may collect personally identifiable information from you that is not subject to our control. The data collection practices of these sites will be governed by that site’s privacy policy, viewable via the above links.
Analytics
By default WordPress doesn’t collect analytics data. To determine regions our users come from, and how users interact with the website, we use Google Analytics and a Google Analytics Plugin
This tracking information is anonymous but you have the option of opting out of analytics tracking. To find out more about Google’s use of cookies and collection and use of information, review the documentation on these two pages for Google’s Policy on Privacy. To opt out of Google Analytics, please visit the Google Analytics Opt-Out Page to learn about opting out and installing the appropriate browser add-on.
The Google Analytics plugin is provided by Exactmetrics and their privacy policy can be found here.
We track broad website usage information, but your selection of the “Do Not Track” option provided by your browser may not have any effect on our collection of certain information. To completely “opt out” of the collection of information through cookies or other tracking technologies, you need to actively manage the settings on your browser to delete and disable cookies and other tracking/recording tools. However, not all tracking technologies can be controlled by browsers. As such, a setting may be effective for one purpose, but data may still be collected for another. Even if one website observes a “Do Not Track” signal, that website may not be able to control other websites.
Who we share your data with
By default WordPress doesn’t share any personal data with anyone.
We do not currently capture payments or payment details via the site.
Any data gathered via this website is used by Bondesio Communications & Consulting for the express purposes of running their business and engaging with clients and website members. We do however engage with third party suppliers and use plugins on the site, which may capture data as part of the way that they work.
Our hosting provider is Hetzner. They are based in South Africa and our website is hosted on a shared but private platform with the required level of security in place. For more information on Hetzner’s GDPR compliance, please see their terms and privacy policy.
Other third party providers we use in relation to this website:
Backups with Updraft Plus, SEO by Yoast, security by Akismet and Wordfence, and Mailchimp and Sumo for sign up and contact forms (when active).
Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.
Visitor comments are checked through an automated spam detection service called Akismet .
How long we retain your data
We retain analytics records for 12 months.
If/when contact forms are enabled, we retain personal data collected or processed via the website for 6 months.
If at any point a payment service is enabled on the site, we will retain customer purchase records for 10 years, in line with HMRC requirements for accounting purposes.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Your data may transfer out of the EU to the United Kingdom as the business currently operates from the UK. Your data may be sent to South Africa and to the USA, as some of our website support services are based in these countries. These third parties (all mentioned above) are up-to-date with their GDPR compliance, so your data is safeguarded to European data protection standards.
Your contact information
For privacy-specific enquiries or concerns, please contact Michelle Bondesio at Bondesio Communications and Consulting via info at bondesio dot com
Additional information
How we protect your data
We have SSL encryption activated on this website and use Wordfence to monitor the safety and security of our site and the data stored on it. User information is stored either directly on the WordPress site, or with Mailchimp (who have their own security in place) or on an excel document saved on a secure, password protected company hard drive which cannot be accessed by third parties and which is regularly scanned for Malware threats. We have carried out a 12-step Privacy Impact Assessment to ascertain and address potential risks in relation to GDPR, and to ensure we have the correct procedures in place.
What data breach procedures we have in place.
Should there be a potential or real data breach, upon becoming aware of such an occurrence, we will immediately notify potential users who’s data may be at risk, via email. We will take the necessary steps to upgrade our data protection, improve our security further, including deleting user information if required.
What third parties we receive data from
We do not have advertising on the site, but because we engage with third party suppliers in relation to the running of the site, we may receive data from them as part of the way they run their services.
What automated decision making and/or profiling we do with user data
We don’t employ automated decision making and/or profiling on this website. We do make human-based decisions based on the data provided by our analytics providers.
Industry regulatory disclosure requirements
None required at this time.
