Since Bluebill Advisors Inc. businesses do not sell consumer’s personal information they are not covered by CCPA, California’s Consumer Privacy Act of 2018. See CCPA Section 1798.140 for information on which businesses are covered. However, because of our existing level of conformance with GDPR, we already have policies in place that protect consumer’s personal data and, in effect, support the basic rights required by CCPA. We intend to add any policies necessary to fully support CCPA.
What information do we collect and what do we do with it?
We collect the name and email address information of our email newsletter subscribers from a subscription form on our websites. We also collect name and email information from visitors to our site who are enquiring about our products or services.
Our newsletter subscribers and website visitors may also provide additional information such as their professional title, organization, professional interests, and additional contact information such as work address, phone number, and social media handles. None of this additional information is required, and all of it can be changed directly, or deleted, by subscribers and registered visitors at any time via a direct link in every email newsletter, or via the website. They can also request that we change or delete the information for them by contacting us via email, web site contact form, telephone, or postal mail.
We do not collect any sensitive personal data that GDPR considers “special categories of personal data” in Article 9.
All personal information is being collected to communicate with, deliver, and improve our products and services to our customers.
- We do not work with ad exchanges.
- We do not share personal data with third parties.
- We do not purchase or collect personal data from third parties.
- We do not use third party authentication from Facebook, Google, Twitter, or others, so neither they nor their advertisers receive any data from us when registering on our websites.
None of our businesses depend on advertising revenue. We occasionally publish content that is sponsored, including paid banner ads, when we do it is always prominently identified as “sponsored”. Our Editorial Policy is here.
Tracking & Cookies
- We do not sell or share this data.
- We do not track customer, subscriber, or website visitor activity on other websites they visit.
- On our site https:gilbane.com there are two active trackers: Google Analytics, and Google Tag Manager. Both are used only by us for product research and quality control.
We limit second and third party tracking on our websites, and have started replacing services and plugins on our website that don’t comply with GDPR. Relevant applications and plugins we use are listed in the GDPR Processors section below. You can use a browser extension, such as Ghostery, to see what trackers are active on our (or any) website.
We do not yet claim 100% compliance with GDPR, but we do support all the basic privacy rights and will be updating our policy as we become more familiar with how the regulations apply to our business. In the meantime we are incorporating some of the terminology of the GDPR as we understand it to make it as easy as possible for our European customers, subscribers, and website visitors to see where we do comply. See below for information about our GDPR Controller, and Processors.
Bluebill Advisors Inc is the GDPR Controller for personal data processing of https://gilbane.com, https://bluebillinc.com, and the The Gilbane Advisor email newsletter. Bluebill Advisors Inc. controls the websites and databases where personal data is secured. Processors who have access to our data are described below.
Information Today Inc. is the GDPR Controller for personal data processing for the “Gilbane Conference”, http://gilbaneconference.com, and the Digital Experience Conference. See http://www.infotoday.com/privacy.shtml.
Bluebill Advisors Inc was a GDPR Processor of a subset of the personal data controlled by Information Today Inc for the Gilbane Conference until July 2019. This subset included personal contact data of Gilbane Conference speakers or individuals applying to speak at the Gilbane Conference. In GDPR terms, we understand this subset to be considered second party data. In W3C Do Not Track terms this subset might be considered as joint first party data.
Processors of personal data controlled by Bluebill Advisors Inc, with links to their privacy policies or GDPR compliance information are listed below. Many of them are still adding GDPR compliance features, and we will continue to test and integrate them:
- Campaign Monitor (email list manager), https://www.campaignmonitor.com/trust/gdpr-compliance/
- Google analytics**, https://www.google.com/analytics/terms/dpa/dataprocessingamendment_20160909.html
- WordPress, https://wordpress.org/news/2018/04/gdpr-compliance-tools-in-wordpress/
- WPForms, https://wpforms.com/introducing-new-gdpr-enhancements-for-your-wordpress-forms/
- Sassy Social Share, http://support.heateor.com/gdpr-and-our-plugins/
- Luxsci (our ISP), https://luxsci.com/blog/gdpr-luxsci-privacy-policy-and-terms-and-conditions-changes.html
- iThemes, (security and backup), https://ithemes.com/privacy-policy/
** Google Tag Manager also shows up as a tracker on our site, but we only use it for basic Google Analytics – Google now prefers this method for configuring Google Analytics accounts.
Our sites have security measures in place to protect the loss, misuse, and alteration of the information under our control. We use encryption (HTTPS/TLS) to protect data transmitted to and from our site. Logging into to our sites requires two-factor authentication, and we use continually updated security software that monitors our sites and databases and protects against malware and data breaches. Of course no data transmission over the Internet is 100% secure.
Opt-Out of emails, deletion of personal data, and questions
There is a link in every email message subscribers can use to opt-out of receiving future emails from us, or edit their preferences and profile at any time. Subscribers can also request changes, request that their personal data be deleted, or request information about what data about them we have. To make a request or if you have any questions about this privacy statement, please contact us.