PRIVACY POLICY

Effective Date: 26/04/2025

The Cyber Compass is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights as a visitor, reader, or subscriber.

By accessing this site or subscribing to any services, you agree to the terms outlined here.

1. Who We Are

This site is operated by Heather Roache, founder of The Cyber Compass, based in Ireland. Our mission is to make cybersecurity understandable and accessible to all — especially those who aren’t technically inclined.

If you have questions about this policy or how your data is handled, you can contact here.

2. What Information We Collect

We only collect what we need to run the blog and improve your experience. This includes:

Information You Provide Directly:

  • Email address – when you subscribe to our newsletter or paid content

  • Name (optional) – if you provide it during signup

  • Payment details – managed securely by third-party processors (e.g., Substack, Stripe)

  • Poll votes or topic suggestions – when you engage in community content

Information We Collect Automatically:

  • Device and browser information

  • IP address

  • Pages viewed and time spent on the site

We use analytics tools (e.g., Substack’s built-in analytics or privacy-focused alternatives like Plausible) to understand traffic and improve the site. These tools do not identify you personally.

3. How We Use Your Information

We use your information:

  • To send you our newsletter and blog updates

  • To personalise your experience (like showing relevant content)

  • To process payments for paid subscriptions

  • To invite you to vote in polls or give topic suggestions

  • To improve site performance and understand readership trends

We do not sell your data. Ever.

4. Cookies & Tracking

We may use minimal cookies for:

  • Site functionality (e.g., remembering logins)

  • Anonymous traffic analytics

  • Newsletter performance (opens, clicks)

You can control cookies via your browser settings. Most of our cookies are essential or anonymous, and the site remains accessible without tracking cookies.

5. Who We Share Data With

We only share data with:

  • Email platforms (e.g., Substack) to manage newsletters

  • Payment processors (e.g., Stripe) for secure transactions

  • Analytics providers to understand site usage

All third-party services used are GDPR-compliant and only process data as necessary.

6. Your Rights Under GDPR

If you're in the EU or UK, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Delete your data (right to be forgotten)

  • Withdraw consent at any time

  • Object to processing

  • Export your data (data portability)

To make a request, email us here. We’ll respond within 30 days.

7. Data Retention

We keep your data only as long as necessary:

  • Email and subscription info: until you unsubscribe or request deletion

  • Analytics data: anonymous and retained only for site performance review

8. Security

We implement reasonable security measures to protect your data, including HTTPS encryption, strong passwords, and secure third-party services. However, no website can guarantee 100% security, so use caution when sharing sensitive information.

9. Children’s Privacy

This blog is not intended for children under the age of 13. We do not knowingly collect or store data from anyone in that age group.

10. Changes to This Policy

We may update this Privacy Policy occasionally. If we make significant changes, we’ll notify subscribers via email or update the blog post banner. The effective date at the top will always reflect the latest version.

11. Contact Us

Got questions? Want your data removed?
Contact us here, we’re always happy to help.