Sign in Subscribe

Privacy Policy

Last Updated: March 16, 2025

Introduction

Welcome to sentinel.blog ("I," "my," or "me"). I am committed to protecting your privacy and personal information. This Privacy Policy explains how I collect, use, disclose, and safeguard your information when you visit my website.

I value transparency and strive to use the minimal amount of data necessary to provide you with an excellent experience. Please read this policy carefully to understand my practices regarding your personal data.

Information I Collect

Information You Provide to Me

  • Subscription Information: If you subscribe to my blog, I collect your email address to send you updates.
  • Membership Information: If you become a member, I may collect your name, email address, and payment information.
  • Communication Data: Information you provide when contacting me, leaving comments, or participating in discussions.

Payment Processing

I use Stripe as my payment processor for handling membership fees and donations. When you make a payment on sentinel.blog, your payment information is collected and processed directly by Stripe. I do not store your full credit card details on my servers.

Stripe may collect information such as:

  • Your name
  • Email address
  • Billing address
  • Payment method details
  • Transaction information

Stripe's services are governed by their own Privacy Policy, which can be found at https://stripe.com/gb/privacy. I encourage you to review Stripe's privacy practices.

Information Automatically Collected

I use Plausible.io, a privacy-focused analytics service, to collect anonymous usage data about my website. Plausible.io operates on the following principles:

  • No Cookies: Plausible.io does not use cookies and does not track visitors across websites.
  • No Personal Data: I do not collect any personally identifiable information (PII).
  • GDPR Compliant: Plausible.io is fully compliant with GDPR, CCPA, and PECR regulations.

The anonymous data collected through Plausible.io includes:

  • Page views: Which pages on my site are visited
  • Referral sources: Where visitors come from (e.g., search engines, social media)
  • Device information: Browser type, device type (mobile/desktop), and operating system
  • Geographic information: Country-level location data (never precise location)
  • Visit duration: How long visitors stay on my site

This information is aggregated and cannot be used to identify individual visitors.

How I Use Your Information

I use the information I collect for the following purposes:

  • To operate and maintain my blog
  • To provide and deliver the services you request
  • To send you administrative emails (such as subscription confirmations or account notifications)
  • To send you marketing and promotional communications (if you have opted in)
  • To respond to your comments or inquiries
  • To improve my website based on aggregate usage statistics
  • To protect my website against unauthorized access

Email Communications and Unsubscribing

If you subscribe to my blog or become a member, you may receive email communications from me including:

  • New content notifications
  • Newsletters
  • Membership updates
  • Administrative notifications

All emails sent from sentinel.blog include an unsubscribe link at the bottom of each message. You can opt out of receiving these communications at any time by:

  • Clicking the unsubscribe link in any email
  • Updating your email preferences in your account settings
  • Contacting me directly at [email protected]

When you unsubscribe, your preference will be updated immediately in the system, and you will no longer receive marketing emails. You may still receive transactional emails related to your account or membership.

I respect your communication preferences and will honor your opt-out request promptly.

Cookies and Tracking Technologies

Unlike most websites, sentinel.blog minimizes the use of cookies:

  • I do not use third-party tracking cookies
  • I do not allow advertising networks to place cookies on my site
  • I do not track your activity across other websites

The only cookies I may use are essential for website functionality (such as maintaining login sessions if you are a member).

In compliance with GDPR, I will only place non-essential cookies on your device if you have given your explicit consent. You can withdraw your consent at any time by adjusting your browser settings or through the cookie management tool on my website.

Name Purpose Type Duration
__stripe_mid Stripe payment processing Functional 1 year
__stripe_sid Stripe payment processing Functional 30 minutes
ghost-members-ssr Ghost membership functionality Functional Session
ghost-members-ssr.sig Ghost membership signature verification Functional Session

Data Sharing and Disclosure

I do not sell, trade, or otherwise transfer your personal information to third parties. However, I may share information in the following limited circumstances:

  • Service Providers: I may share information with trusted third parties who assist me in operating my website and conducting my business:
    • Stripe: As my payment processor, Stripe receives necessary payment information to process transactions. Their privacy policy can be found at https://stripe.com/gb/privacy.
    • Email service providers: To send newsletters and communications.
    • Other service providers: As needed to provide the services offered on my blog.
  • Legal Requirements: I may disclose information when required by law or in response to valid requests by public authorities.
  • Business Transfers: If sentinel.blog is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Under the General Data Protection Regulation (GDPR), I need a legal basis to collect and process your personal data. I rely on the following legal grounds:

  • Consent: Where you have given clear consent for me to process your personal data for a specific purpose.
  • Contract: Where processing is necessary for the performance of a contract with you (e.g., when you purchase a membership).
  • Legitimate Interests: Where processing is necessary for my legitimate interests, such as to improve my blog and provide better services, as long as this doesn't override your fundamental rights and freedoms.

Data Processing Records

As required by GDPR, I maintain records of my data processing activities. These records include:

  • Categories of personal data collected
  • Purposes of the processing
  • Categories of recipients of personal data
  • Information about international transfers
  • Retention schedules
  • Description of security measures

You may request information about these records by contacting me using the details provided in the "Contact Me" section.

Your GDPR Rights

If you are a resident of the European Economic Area (EEA), you have the following rights under GDPR:

  1. Right to Access: You have the right to request copies of your personal data.
  2. Right to Rectification: You have the right to request that I correct any information you believe is inaccurate or complete information you believe is incomplete.
  3. Right to Erasure: You have the right to request that I erase your personal data, under certain conditions.
  4. Right to Restrict Processing: You have the right to request that I restrict the processing of your personal data, under certain conditions.
  5. Right to Object to Processing: You have the right to object to my processing of your personal data, under certain conditions.
  6. Right to Data Portability: You have the right to request that I transfer the data I have collected to another organization, or directly to you, under certain conditions.

If you make a request, I have one month to respond to you. To exercise any of these rights, please contact me using the information in the "Contact Me" section.

Data Security and Breach Notification

I implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

  • Secure Socket Layer (SSL) encryption for all data transmission
  • Regular security assessments
  • Limited access to personal information
  • Password protection and authentication measures

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, I will notify you and the relevant supervisory authority without undue delay and, where feasible, within 72 hours after becoming aware of the breach, as required by GDPR.

Data Retention

I retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

Children's Privacy

My website is not directed to children under 16 years of age, and I do not knowingly collect personal information from children under 16. If I learn that I have collected personal information from a child under 16, I will promptly delete that information.

International Transfers

I am based in the United Kingdom, and the information I collect may be stored and processed in the UK or any other country where I or my service providers maintain facilities.

If you are located in the European Economic Area (EEA) and I transfer your personal data outside the EEA, I will ensure that:

  1. The transfer is to a country that has been deemed to provide an adequate level of protection by the European Commission, or
  2. The transfer is subject to appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, or
  3. The transfer relies on one of the derogations for specific situations as set out in Article 49 of the GDPR.

If none of the above safeguards is available, I will only transfer your information with your explicit consent.

Changes to This Privacy Policy

I may update this Privacy Policy from time to time. I will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. I encourage you to review this Privacy Policy periodically.

California Privacy Rights

Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal information. These rights include:

  • Right to Know: You have the right to request information about the personal information I collect, use, disclose, and sell.
  • Right to Delete: You have the right to request the deletion of your personal information.
  • Right to Opt-Out: You have the right to opt-out of the sale of your personal information. However, I do not sell personal information.
  • Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your CCPA rights.

To exercise your rights under CCPA, please contact me using the information provided in the "Contact Me" section.

Contact Me

If you have any questions about this Privacy Policy, would like to exercise your data protection rights, or need to report a potential data breach, please contact me at:

  • Email: [email protected]
  • Data Protection Inquiries: Please include "Privacy" or "Data Protection" in the subject line for faster processing

I will respond to all legitimate requests within one month.

This Privacy Policy is effective as of the "Last Updated" date above.