Privacy Policy


May 25, 2014 by Lydia Syson


I have read the Information Commissioner’s Office guidelines for compliance with the new General Data Protection Regulation (GDPR) rules.This document that follows explains how I comply. If you have given me your email address (by emailing me, or subscribing to my website or newsletter via my website or during events, for example), please read this to be reassured that we’re looking after your data extremely responsibly.

I value the security of your information extremely highly and will never intentionally breach the rules. However, the rules are designed for large corporations and I can only do my very best to comply.

The information I hold:

  • Email addresses of people who have emailed me and to whom I have replied or who have commented on this website are automatically saved in gmail or 123-Reg, my web host.
  • Email addresses and names of people who have signed up to my mailing list via the opt-in link on my website.
  • Email addresses, postal addresses and names of people who I have worked with over the years. These are held as lists in my email servers as above.
  • I have access to the followers of my Twitter account. While I am the data controller of this account, I do not process this data. Anyone who does not wish to continue to follow me, can unfollow at any time as per Twitter’s regular procedures.
  • This wordpress website holds a database of followers which is held and run with JetPack plugin (by Automattic) who I believe are fully compliant. I’m not the data processor. There is information about Automattic’s privacy statement updates here.

I never share this information with anyone. 

If you are a subscriber, you will receive this privacy policy automatically.  You can unsubscribe at any time and your data will be automatically deleted. There is an option to unsubscribe at the bottom of every email that comes from this website. If someone asked to see their data, I would take a screenshot of their entry/entries and send it to them.

Lawful basis for processing data

If people have emailed me or contacted me via the website, they have given me their email address. If anyone has subscribed to my mailing list or followed me on Twitter they have actively opted in, in the knowledge that I will contact them occasionally, and I take that as consent to continue to do so.

I do not actively add any contact details to any list without valid permission them without permission.


I’m not normally contacted by children and do not correspond with them through my various social media presence. However I do not know the ages of my subscribers on Twitter or Mailing lists and can only act on known information.

Data breaches

I protect the datahold by strong passwords across the digital platforms I use. If any of those platforms were compromised, I would take steps to follow appropriate advice immediately.

Data Protection by Design and Data Protection Impact Assessments

I have familiarised myself with the ICO’s code of practice on Privacy Impact Assessmentsas well as the latest guidance from the Article 29 Working Party, and believe that I am using best practice.

Data Protection Officers

My lead data protection supervisory authority is the UK’s ICO as of 25th May 2018.




Leave a Reply

Your email address will not be published. Required fields are marked *

“A mesmerising portrait of a family unravelling” THE TIMES (Best historical fiction in 2018)

“Powerful, intense and beautiful” HISTORICAL NOVEL REVIEW

“This tense, evocative, richly-imagined novel conjures the voices of a strange time and place, and makes them universal” EMMA DARWIN

“Syson brings history alive” THE OBSERVER

Search this site