Privacy

Latest update: December 7th, 2021 (English version).

Your data is yours.

Here’s an complete overview of the data I’m gathering, the how and the why.

What is collected and why

First: all this data is yours and I’ll never sell it. I’ll never share your name and/or email address with others and/or use it in marketing without your consent.

  • You’ll supply your email address on signup
  • Optionally you can enter a first name and/or last name
  • Optionally you can provide a password. This password is saved in an encrypted state (BCrypt).
  • You can set your timezone. By default it is set to the timezone you were in when signing up.
  • When going through the GRIP email course and/or the GRIP on vacation email course I’m saving which edition you received. The emails do not contain opentracking or clicktracking.
  • You can make use of the GRIP Energy Tracker. Here you’ll provide a score (number and optional description) for a given date. This data is only accessible by you on the platform, but are saved in plain text. You can export all data at any time.
  • You can save your goals per quarter. This data is only accessible by you on the platform, but are saved in plain text. There’s no export feature yet, let me know if you want them exported.
  • You can save a firstname, lastname, birthdate and email address for contacts on the platform. I use this information to send you and only you an email to remind you of their birthdate. You can export all data at any time.
  • If you forward your (pre) order receipt to me, I’m storing your email address and number of products to give you access to the order gifts.

As you see: almost all details are optional. As much as possible there are ways to easily export your data. If you need or want your data in another format, just let me know. Happy to help.

External services

To run the website and app I’m making use of external services. Here’s an overview of the services I’m using and the data I’m sharing.

  • Gravatar. I’m making use of Gravatar to show an image with your account. To do that I’m sharing your email address in hashed form with Gravatar. Gravatar only knows who you are if you are registered with them.
  • Moneybird. I’m making use of Moneybird for my financial admin. I’m sharing your email address and name with them (if you provided it) to personalize your invoice(s).
  • Amazon Web Services. I’m making use of AWS to send email (Amazon SES) and to host the GRIP Masterclass and videos (Amazon S3, Amazon MediaConvert, Amazon CloudFront). Amazon SES obviously needs your email address in order to email you.
  • DigitalOcean. I’m making use of DigitalOcean to host my virtual server, with on it the database with all user data. This server is located in Amsterdam. I have access to this server. Technically, DigitalOcean employees would also have access to this server.
  • Stripe. I’m making use of Stripe for payments. They store your payment details securely. I only save who paid what.
  • Bugsnag. I’m making use of a service called Bugsnag to track error reports. I’m only sharing a unique ID for your accuont with Bugsnag, so I can link back who got what error. Bugsnag is also storing your IP address and various other browser properties, for debugging purposes.
  • Plausible. I’m using Plausible to track page visits. Plausible is a privacy friendly analytics service that does not follow you around like others do.

Also relevant

When you log in, a cookie is placed on your machine so you don’t have to log in the next time.

The database is backed up weekly and stored for one month.

I noted this above, but besides your password your details are not encrypted on the server (they are encrypted between you and my server because I’m using HTTPS). If someone gets access to the database, they are able to see your data. I obviously take a lot of care to make sure this does not happen.

If a data breach happens and your data is involved, I’ll send you an email about it.

There are no ads on the platform and that will also never happen.

When you delete your account (you can do that here) all your data is destroyed immediately. Your details are still in my backups for a month tops. After that they are removed too.

Questions about this policy? Email me.