Privacy Policy

This Privacy Policy explains how www.redrosethorns.com ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website, submit work, or interact with our services. By using our website, you consent to the practices described in this policy.

​

1. Information We Collect

We may collect the following types of information:

Personal Information

• Name

• Email address

• Mailing address (if applicable for payments or physical publications)

• Payment information (if applicable) is processed securely via third-party processors like Stripe/PayPal.

• IP address & browser data (for analytics and security)

• Submissions (creative works, cover letters, bios, etc.)

Automatically Collected Data

• Cookies & tracking technologies (see Section 5)

• Website usage data (pages visited, time spent, referral sources)

2. How We Use Your Information

We use your data for the following purposes:

• To process and review submissions.

• To send newsletters (monthly updates, event announcements, Substack publications).

• To improve our website and services.

• To comply with legal obligations.

• To prevent fraud or misuse.

3. Legal Basis for Processing (GDPR & CCPA Compliance)

For UK/EU Users (GDPR Compliance)

Under the UK GDPR and EU GDPR, we process your personal data based on the following legal grounds:

• Consent: When you submit work or voluntarily opt into our newsletters.

• Contractual Necessity: To fulfil agreements (e.g., publishing your work or processing payments).

• Legitimate Interests: For website security, analytics, and service improvements (balanced against your rights).

For California Users (CCPA Compliance)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), we:

• Do not sell or share your personal data (as defined by CCPA).

• Disclose data collection purposes (see Section 2).

• Honour opt-out requests for data sales/sharing (though we do not engage in these practices).

• Provide rights to access, delete, and correct data (see Section 7).

Note: CCPA applies only to California residents. GDPR rights apply to UK/EU users.

4. Data Sharing and Third-Party Disclosures

We do not sell your personal data. Your information is only disclosed under the following limited circumstances:

Essential Service Providers

We share data only with these necessary third parties, strictly for our operational purposes:

• Mailchimp: For managing email newsletters and updates

• Substack: For distributing our weekly literary publications, and marketing our publications and events

• Payment Processors (e.g., Stripe/PayPal): Only when processing financial transactions

• Web Infrastructure Providers: Including hosting services and Google Analytics (for anonymised traffic data only)

All service providers are:
✓ Contractually bound to confidentiality
✓ Prohibited from secondary data use
✓ Compliant with GDPR/CCPA requirements

Controlled Publishing Exceptions

If your work is selected for external features, we may share:

• Your name and work (with attribution)

• No personal contact details unless you explicitly consent

Legal Compliance

We may disclose information when legally compelled to:

• Respond to valid court orders or subpoenas

• Comply with UK/EU/US regulations

What We Never Do

× Sell or rent your data
× Share with unrelated marketers/advertisers
× Disclose personal details to other writers/artists without consent

5. Cookies & Tracking Technologies

We use cookies for:

• Essential functions (site operation).

• Analytics (Google Analytics) to improve user experience.

• Marketing (if applicable, for ad retargeting).

You can manage cookie preferences via your browser settings or our cookie consent banner.

6. Data Retention

We retain your data only as long as necessary:

• Submissions: Until the review process ends (or longer if published).

• Newsletters: Until you unsubscribe.

• Payment records: As required by tax/accounting laws.

7. Your Rights (CCPA/GDPR)

Depending on your location, you may have the right to:

• Access, correct, or delete your data.

• Opt out of marketing emails (via unsubscribe links).

• Data portability (request a copy of your data in a usable format).

• Restrict processing (under GDPR).

• Non-discrimination (under CCPA for California residents).

To exercise these rights, contact us at contact@redrosethorns.com.

8. International Data Transfers

If data is transferred outside the UK/EU (e.g., via US-based servers), we ensure safeguards like Standard Contractual Clauses (SCCs) or Privacy Shield compliance (where applicable).

9. Children’s Privacy

We do not knowingly collect data from children under 16 (or 13 under COPPA). Parents/guardians may contact us to remove such data.

10. Security Measures

We implement SSL encryption, secure passwords, and limited access protocols to protect your data, but no system is 100% secure.

11. Changes to This Policy

Updates will be posted here with a new "Last Updated" date. Continued use of the site constitutes acceptance.

12. Contact Us

For privacy requests or questions:
Email: contact@redrosethorns.com