Data Protection


  1. This policy sets out how Hannah McCall will protect the personal data of her business contacts, primarily clients and potential clients. It may also include people involved in projects she works on, service and product suppliers, and editorial colleagues. This policy is intended to ensure compliance with the General Data Protection Regulation (GDPR).

Collection of data

  1. Hannah McCall acts as both Data Controller and Data Processor. Hannah McCall is a sole trader and does not employ or subcontract to other service providers.
  2. Data collected on the website is controlled and processed by and Automattic. You can read their privacy policy here: As administrator of this website, Hannah McCall can view the IP address, email address, blog or website address, and supplied name given when a user submits a comment on this website. These details are not processed or stored by Hannah McCall and will not be disclosed to any third parties.
  3. Hannah McCall may collect the following data from individuals: email addresses, telephone numbers and postal addresses.
  4. Hannah McCall does not use mailing lists or use client details for marketing correspondence.

Storage and use of data

  1. Data will be stored by Hannah McCall on a secure, password- and firewall-protected hard drive. It may backed up on an external, password-protected USB drive.
  2. Email addresses used for correspondence are automatically recorded by Hannah McCall’s email service provider ( They are not stored in a separate file. No email address will be disclosed to a third party without the permission of the email address user.
  3. Telephone numbers provided by clients or potential clients will be stored along with the relevant project documentation. This information will only be used to contact the individual about their project.
  4. Postal addresses are used for invoicing purposes, and may be used to contact the individual about their project. This information will be stored with the project documentation and in an archive of invoices.
  5. All data will be used for business purposes relating to specific projects. No data will be shared with third parties without prior express permission or unless Hannah McCall is legally obliged to do so.


  1. Data is stored on a password- and firewall-protected computer, or within a password-protected email account that makes use of two-step verification. Backed up files are stored on a password-protected, encrypted USB.

Rights of data subjects

  1. Data will be held for at least six years. Unless the data is required for tax or legal processes, clients and business contacts may request, at any time, that any details held on them are deleted.
  2. Hannah McCall respects the rights of data subjects to be told, on request, what details she holds on them, and to ask for that data to be updated, deleted, restricted or moved to another party (subject to any legal requirements).