Who are we?
Our website address is: https://thesunsetplan.com
We want to provide clear and transparent privacy guidelines as to how data is used. As a user of The Sunset Plan, it is important that you know how we use and share your data, and how you can control what happens to information you share with us.
Please also see our Terms and Conditions for further information.
In this Privacy Statement, we will use the shorthand “the Site” to mean all digital content at https://thesunsetplan.com website, its sub-domains, and mobile accessible information.
What personal data we collect and why we collect it
The site will record and store your personal information (name, email address) since we have a ‘legitimate interest’ to do so, to enable us to provide you with our services. This is our legal justification for processing your personal data.
We will try to minimise the amount of data we collect. Many details are optional – you don’t have to tell us anything that you don’t want to. We only collect your name and email address when completing the ‘Contact Us’ form.
We will use the data from the site to improve our services. This includes usage statistics, analysis and evaluation of how our members use the site and how they benefit from it. The results and findings from these may be shared internally at the site, with our stakeholders, or with the general public. None of your identifiable personal information will ever be shared without your prior written consent.
Click here to find out more about GDPR regulations in the UK.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
After approval of your comment, your profile picture is visible to the public in the context of your comment. If there is anything you are not comfortable sharing on the Comments sections of the website, you should not include it in questions or comments to blog posts or social media posts.
When comments are received on blog posts or social media linked accounts, they are held for moderation and approved at the site’s discretion. Please note the site reserves the right to decline to publish any comments.
If you upload images to the site or associated social media channels, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
When you contact us via a contact form, you will be asked to provide your email address. This will allow us, if necessary, to contact you via email. We will not use your personal information for any purpose besides contacting you regarding your query. You are able to use the form anonymously but we will be unable to respond to your query.
If you leave a comment on our site, you may opt in to saving your name, email address and website in cookies. These are for your convenience so you do not have to fill these details in again. The cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
The site uses Google Analytics and other tracking tools to collect data, anonymously, that cannot be used to identify you personally but allows us to improve the website, deliver relevant content and have an overview of audience demographics for marketing purposes.
Google Analytics will capture your IP address, but no other personal information is captured. You can opt out of Google Analytics here.
Website Back Ups
The site has a backup that runs daily. A website backup creates a copy of all of the information on this website, including comments, photographs, blog posts and settings for the theme to run this blog, to ensure that the blog can be restored if a problem arises, including website breakdown, hacking or data breach. Previous backups are kept for 30 days at the WordPress hosting site.
Who we share your data with
We will never share or sell your data with any third parties.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
The site abides by the basic principles of data retention, in only retaining personal data for as long as we need it. This is to provide the services to Users, its customers and continue to provide a valuable resource. We will take all necessary steps to anonymise any data that is stored.
No paper records are held at all.
If you leave a comment on a blog post or linked social media account, the comment and its metadata are retained indefinitely on the site.
What rights you have over your data
If you have an account on this site for blog purposes or you have left comments against a blog post, you can request to receive an exported file of the personal data we hold about you. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to retain for administrative, legal or security purposes.
You are able to withdraw permission regarding your data by letting us know. You will still be able to use our website.
It is not possible to withdraw permission for analytical information that has already been collected, however this is statistical data based on numbers of people accessing the site – and there are no identifiable details stored in this way at any time.
Where we store and send your data
Visitor comments may be checked through an automated spam detection service.
By using the site, you agree to your data collected to be used for service evaluation and relevant research by the site for the purposes of delivering the website.
We will only store or transfer your personal data in the UK. This means that it will be fully protected under GDPR.
Your contact information
By signing up to the site, you are agreeing that we may provide you with information about our services (whether by email, social media or any other medium) that we consider appropriate.
You can opt out of receiving such materials or notifications by unsubscribing from newsletters, un-following any linked social media accounts or emailing us to inform request to be removed from any email lists.
The Site does not take or hold any personal or financial details from you other than email addresses. Any payments or stored detailed are made via third party websites. Their Privacy Policies will apply. If you are contacted directly by this Site and asked to provide payment details for services you are not aware of, please report this to email@example.com as soon as possible.
Any payments you make to any third parties – via links to other websites/marketing from this site – are not the responsibility of the site.
How we protect your data
The site is hosted on a third-party server (Word Press), and we have built in security measures and Plugins to protect the website and the data it holds. The site is hosted in a protected IT environment with regular backups to keep all information safe and secure.
Personal data is not just created by your interactions with the site. Personal Data is also generated from technical processes such as completing ‘Contact Us’ forms, cookies, analytics and third party embeds.
Word Press does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users (where applicable). Some PlugIns may collect personal data. Where we are aware of this, we will include this here.
What data breach procedures we have in place
If you need to report a data breach, please contact firstname.lastname@example.org
If we need to advise you of a data breach, then we will do so as soon as we are aware of it, including any remedial steps we are implementing.
Display Ads, Affiliate Links and Third Party Link
We use AWIN, The Affiliate Gateway, Google AdSense and other independent affiliate links, advertisements and marketing, to provide relevant content and advertisements when you visit this Site. These adverts may be tailored to your specific requirements and interests. This means we have an agreement with the relevant affiliate to market carefully selected products that may be of interest to our customers.
If you click that link and make a purchase, we may receive a small remuneration fee. This will not be at any cost to you. Cookies are placed within your browser to ensure that any sales or sign ups to services are correctly tracked back to the lead generation, to allow us to receive this remuneration.
The affiliate payments help us keep the Site available to customers. You are under no obligation to use any of the links, you can simply end use of the Site. We are not recommending any services and you should make your own informed decisions before entering in to any agreements or payments with any third party service. The Site doe not hold any responsibility for agreements made between the Customer and third party websites.
If we are using or promoting an affiliate link. This helps the site to generate revenue, and remain free to Users. All banners links are clearly visible as external advertisements.
The site may publish blog posts that contain links to other websites. We are not responsible for the content or privacy policies on any other websites.
The Sunset Plan Digital Vault Service
The Sunset Plan’s digital vault service is provided by a third party company, Legado Technologies. The Sunset Plan has co-branded with the Legado platform to bring you an all in one life organisation and legacy planning service. We will receive a small referral fee for any customers that purchase their premium digital vault plan.
When you link from our site to create a digital vault, you are transitioning to the Legado platform. From that point, all data, security, payment, privacy, liability and customer contact/support is subject to Legado’s terms and conditions. If you need support regarding the digital vault service, you must contact Legado for assistance.
How do I make a Subject Access Request?
You have the right to ask for a copy of the information we hold about you and have any inaccuracies corrected, If you wish to make a subject access request, we ask you to to:
- Email us at email@example.com
- Provide proof of identity including your name and any other personal information you have shared with us.
For your ongoing safety and security, we will only send a response to a subject access request to the email address you have previously provided us with. If we are unable to verify your identity, it may not be possible to provide you with the information requested. For further information please email firstname.lastname@example.org
Please note that the relevant legislation allows us one month in which to respond to a Subject Access Request.
This policy was last updated on 22/03/2021.