Privacy Policy

Introduction
1. Information you submit to this website will not be resold or used for any purpose other than specified – for example, providing you a free subscription to The Light Withdrawn newsletter. We will not disclose your personal information to third parties for their direct marketing purposes. We are committed to safeguarding the privacy of our website visitors and will protect the privacy of your name, email address, mailing address, or any other personal information you submit.
2. This policy applies to the personal data of all persons who visit our website. We will maintain exclusive control over the purposes and means of processing any personal data.
3. Our website incorporates privacy controls. When signing up for the newsletter, you can specify whether you would like to receive direct communications updating you on items of interest related to the book.
4. We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website services, we will ask you to consent to our use of cookies when you first visit our website.
About Personal Data
1. 1. When you provide us information enabling us to get in touch with you (“contact data”), we will process that data for purposes of fulfilling our obligation to you (for example, providing you The Light Withdrawn newsletter). Whether the contact data you provide includes your name, email address, telephone number, mailing address and/or social media account identifiers, we will protect the privacy of that information while processing it for the purposes stated on our website. We will never resell it.
  2. Information in or relating to any communication you send us, or that we send you (“communication data”), may include metadata. For example, our website will generate the metadata associated with communications made using the website contact forms. We will process that information subject to all of the privacy protections documented in this policy.
  3. We will maintain and process data documenting our delivery of information to you at your request (for example, The Light Withdrawn newsletter) (“commercial data”).
  4. We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of this usage data is Google Analytics.
  5. We encourage you not to provide us with sensitive personal information of any kind. Even if you do, we will delete it as soon as practicable upon receipt and never store such information about you. We do not sell any merchandise on this website, so there is never reason to provide us with financial information, debit or credit card numbers, security or access codes, passwords or other credentials. We will never ask for, collect, or store this or other similarly sensitive information about you including your personal preferences, characteristics, behaviors, and attitudes, or any inferences from that sort of information; information about any legally protected classifications to which you may belong, such as your gender; or information about your religious or philosophical beliefs. Again, we strongly urge you not to provide such information in the first place.
Legal Basis for, and Purposes of, Our Data Processing
1. We may process contact, communication, commercial, and usage data that may contain ct information (name, email(“personal data”) for the purposes of operating our website, fulfilling user requests for newsletters and other information, and communicating with you and other users (excluding communicating for the purposes of direct marketing). The legal basis for this processing of personal data is the proper administration of our website and the provision of services to users.
2. We may process personal data for the purposes of maintaining the security of data on our website, fraud prevention, risk management, and general record keeping. In addition, we may do so for purposes of researching and analysing the use of our website and services. The legal basis for this is the website’s legitimate interest in ensuring that we have access to all the information needed to properly and efficiently operate it in accordance with this policy.
3. We may process personal data if necessary for compliance with a legal obligation to which we are subject or in order to protect your vital interests or the vital interests of another natural person or to establish, exercise or defend legal claims. The legal basis for this processing is our legitimate interest in protecting and asserting your legal rights, our legal rights, and the legal rights of others.
Protecting Your Personal Data from Access by Others
1. We will never sell your personal data to third parties or use it for any purpose other than specified in this policy. Consistent with this, the following are the only reasons your personal data may be provided to a third party. We may provide aggregate (non-personally identifiable) personal data to our insurers or professional advisers in the event it becomes necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. In addition, personal data in our website database will be stored on the servers of our hosting and website maintenance providers.
Compliance with U.S. and International law
1. Certain U.S. jurisdictions, including California, have privacy and data protection laws with which we comply. If you live in California, you are protected by the provisions of the California Consumer Privacy Act of 2018 (“CCPA”) and California Privacy Rights Act of 2020 (“CPRA”) If you live in the United Kingdom, you are protected by the Data Protection Act 2018. If you live within the European Economic Area (EEA), you are protected by the the General Data Protection Regulation (GDPR) of the European Union.
2. The hosting and data processing for our website is done in Washington State in the United States. The competent data protection authorities have made an adequacy determination with respect to the data protection laws of the United States. If you reside outside of Washington State, or outside of the United States, including within the EEA, any personal data you submit will instantly be transmitted to Washington State for processing and reside on servers there. Data transfers to Washington State will be protected by appropriate safeguards including the use of standard data protection agreements adopted or approved by the competent data protection authorities.
3. You should be aware that, despite our following best practices for website security and adhering to the provisions of this Privacy Policy, any data transmitted over the internet is potentially vulnerable to outside criminal attacks, the nature of which are constantly evolving. There can be no assurance that personal data you submit to our website via the internet will not be intercepted by bad actors. Such criminal elements may be located anywhere in the world.
Personal Data Retention Policies and Procedures
1. Our data retention policies and procedures help ensure that we comply with our legal obligations relating to the retention and deletion of personal data. Personal data we process for any purpose will not be kept longer than is necessary for that purpose.
2. We retain contact data for a minimum of six months following the date of the most recent contact between you and us, and for a maximum period of three years following that date.
3. We retain account data for a minimum of one week following the date you voluntarily close your account, and for a maximum period of sixty days following that date.
4. We retain transaction data for as long as your account is open. Once you voluntarily close your account, your transaction data will be retained for a minimum of 24 hours following the date you voluntarily close your account, and for a maximum period of sixty days following that date.
5. We retain communication data for a minimum period of 24 hours following the date of the communication. We may retain communication data for as long as your account is open. Once you voluntarily close your account, your communication data will be retained for a minimum of 24 hours following the date you voluntarily close your account, and for a maximum period of sixty days following that date.
6. We retain usage data for a minimum period of one year and a maximum period of 26 months.
7. We may retain your personal data for shorter or longer periods than specified above where it is necessary for compliance with a legal obligation, or in order to protect your vital interests or the vital interests of another natural person.
Your Rights Under this Policy
1. You have the right to access copies of your personal data by requesting it in writing. You can ask us to correct any inaccurate personal data or to complete any incomplete personal data. You can ask us to delete your personal data at any time.
2. You can object to our processing your personal data or to opt-out of the sharing of your personal data as described in the Privacy Policy. You can also ask us to restrict the processing and use of your personal data to only that use that is necessary to perform the services or provide the goods requested you requested.
3. You can ask that we transfer your personal data to you, or to a third party you direct.
4. You can lodge a complaint about our processing of your personal data with any competent supervisory authority, and to the extent that the legal basis for our processing your personal data is your consent, you can withdraw that consent.
5. California residents have the right to access to, disclosure of, and portability of their personal information. These rights permit you to request, twice during a twelve-month period, information about the personal information we have collected about you for the time period from the date of your request to the inception of this website. Much of this information is already provided in the Privacy Policy (for example, we will never sell your personal information to third parties). The information you may request includes the categories of sources from which we collected the personal information, the business or commercial purpose for which we collected or sold the personal information; the categories of third parties with whom we shared the personal information; the categories of personal information that we sold or disclosed for a business purpose; the categories of third parties to whom we sold or disclosed personal information for a business purpose; the specific pieces of personal information we obtained from you (in a format that is easily understandable and machine-readable, unless technically infeasible). You may also designate an agent to make requests to exercise your rights under California law. We will take steps both to verify the identity of the person seeking to exercise your rights as listed above, and to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a power of attorney.
6. If we are unable to complete your requests fully, we will provide you additional information about the reasons we could not comply with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
7. For more information about your rights, including under the laws of California and the European Union, consult the websites of the State of California Department of Justice, the European Data Protection Board, and the Information Commissioner’s Office (UK).
Cookies Used on Our Website
1. We use cookies – small text files stored on your web browser – to identify you when you visit our website and as you navigate our website. Cookies may be either “persistent” or “session.” A persistent cookie is stored on your browser and remains valid until its set expiration date, or until you choose to delete it (which you can do at any time). A session cookie expires at the end of your visit to our website, when your web browser is closed.
2. The cookies we use do not contain any information that personally identifies you. The information stored in cookies can be used in conjunction with the personal data we store about you on our servers.
3. We use Google Analytics, which gathers information about the use of our website and uses cookies for this purpose. We use the information gathered by Google Analytics to create reports about the use of our website. You can find out more about Google’s use of information here and here.
4. Most browsers allow you to refuse to accept cookies in the first place, as well as to delete cookies once received. The methods for doing so vary from browser to browser and from version to version. For up-to-date information about managing cookies, check the support website for your browser. Please be aware that blocking all cookies will have a negative impact upon the usability of this website.
Updates and Questions
1. You should check this page occasionally for updates to this policy, which will adapt continuously to reflect any changes in applicable laws and regulations. You may contact us at any time with questions, using the contact page on this website. We are committed to making your use of our website a thoroughly pleasant, educational, safe, and secure experience.