Privacy Policy

 Last updated: May 7, 2026

Columba Booth (“we,” “us,” or “our”) operates the website https://columbabooth.com/ (the “Site”). We are committed to protecting your privacy and handling your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our Site, contact us, subscribe to our newsletter, or otherwise interact with us. By using the Site, you consent to the practices described in this Policy.

1. Who We Are (Data Controller) Columba Booth is an individual author publishing contemporary Christian fiction.
Contact details:
Email: [email protected]
Website: https://columbabooth.com/

We act as the data controller for the personal data we process.

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Contact and Communication Data: Name, email address, and any other information you voluntarily provide when using our contact form or emailing us directly.
  • Newsletter Subscription Data: Email address (and optionally name) when you subscribe to our fiction newsletter.
  • Technical and Usage Data: IP address, browser type, device information, operating system, referring URLs, and pages visited. This data is collected automatically through server logs and cookies.
  • Other Information: Any additional details you choose to share in communications or forms (e.g., messages about our books or topics of interest).

We do not collect sensitive personal data (special categories under GDPR, such as health, religious beliefs for profiling purposes, etc.) unless you voluntarily include it in a message. We do not sell personal data.

3. How We Collect Your Data

  • Directly from you: Via the contact form, newsletter subscription form, or email.
  • Automatically: Through cookies, server logs, and similar technologies when you browse the Site.
  • From third parties: We may receive limited data from newsletter service providers or analytics tools (detailed below).

4. Purposes and Legal Basis for ProcessingWe process your personal data on the following lawful bases under GDPR Article 6:

Purpose
Legal Basis
Examples
Responding to your inquiries or communications
Legitimate interests (Art. 6(1)(f)) or contract (if applicable)
Replying to contact form messages
Sending our newsletter and updates about books, events, or free content
Consent (Art. 6(1)(a))
Email marketing to subscribers
Operating, maintaining, and improving the Site (analytics, security)
Legitimate interests (Art. 6(1)(f))
Understanding Site usage and preventing abuse
Complying with legal obligations
Legal obligation (Art. 6(1)(c))
Responding to lawful requests from authorities

You may withdraw consent for newsletter marketing at any time (see “Your Rights” below). We will not use your data for automated decision-making or profiling that produces legal or similarly significant effects.5. Cookies and Similar Technologies

We use essential cookies for Site functionality. We may also use analytics cookies (e.g., via Google Analytics or similar) to understand traffic and improve user experience. You can manage cookie preferences through your browser settings. For more details, please refer to any cookie banner or notice on the Site (if implemented).

6. Data Sharing and ProcessorsWe may share your personal data with:

  • Service Providers: Third-party processors who help us operate the Site, such as email service providers (for newsletters), web hosting providers, or analytics services. These processors are bound by data processing agreements and GDPR obligations.
  • Legal Requirements: If required by law, court order, or government request.
  • Business Transfers: In the unlikely event of a merger, acquisition, or sale of assets.

We do not share data with third parties for their own marketing purposes. Data transfers outside the EEA (if any) are protected by appropriate safeguards, such as Standard Contractual Clauses.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined above or as required by law:

  • Newsletter subscriptions: Until you unsubscribe.
  • Contact inquiries: For a reasonable period (typically up to 2 years) or as needed to resolve the matter.
  • Technical/usage data: For shorter periods (e.g., analytics logs are anonymized or deleted after 14–26 months, depending on the tool).

8. Your GDPR RightsUnder the GDPR, you have the following rights (subject to certain limitations):

  • Right of Access: Request confirmation of whether we process your data and obtain a copy.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data.
  • Right to Restriction of Processing: Request we limit processing in certain cases.
  • Right to Data Portability: Receive your data in a structured, machine-readable format and transmit it to another controller.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: At any time for consent-based processing (e.g., newsletter).
  • Right to Lodge a Complaint: With a supervisory authority, such as your local data protection authority in the EU/EEA.

To exercise these rights, contact us at [email protected]. We will respond within one month (extendable if complex).

9. Data Security

We implement reasonable technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration. However, no method of transmission over the internet or electronic storage is 100% secure.

10. International Transfers

As an individual based in the US, some of our service providers may be located outside the EEA. Where personal data of EEA residents is transferred, we ensure appropriate safeguards are in place.

11. Children’s Privacy

Our Site is not directed at children under 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete it.

12. Changes to This Privacy Policy

We may update this Policy from time to time. The “Last updated” date at the top indicates the revision. We encourage you to review it periodically. Continued use of the Site after changes constitutes acceptance of the updated Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
[email protected] (mailto: [email protected])Thank you for trusting us with your data. We value your privacy and are committed to transparency.