Privacy Policy

This privacy policy explains how Transport Experiences uses and safeguards your personal data. It also explains how cookies are used and which third parties collect and use your data.

I, David Fiske t/a DBFCS, am the data controller for Transport Experiences. I make decisions about what data is collected and how it is processed on Transport Experiences.

I cannot control the data collected and decisions made by third parties but I do choose which third parties to work with. I only work with Data Controllers and Data Processors that claim to be GDPR-complaint. Where data is transmitted from the UK to the USA, I also only work with establishments that claim to comply with the EU-U.S. Privacy Shield framework.

What is in this Privacy and Cookie Policy?

To help you navigate this page, I have split the Privacy and Cookie Policy into sections:

What data is collected?

1. Analytics

Like most website, I run third-party software on Transport Experiences to analyse aggregate website usage for the purposes of creating even better content that you love, that is best suited to my audience, and is generally more helpful and useful to you. It's a handy tool that shows me which pages are popular and which pages are not, assisting me in making better informed decisions.

Details of these services and how your data is handled can be found below.

Company Product Additional Info Privacy Policy
Google Google Analytics I've set Google Analytics to anonymise IP addresses before it collects data Privacy Policy (Opt out)
Microsoft Microsoft Clarity Sensitive data is masked by default Privacy Policy

2. Search forms

When you use the search facility on this website, the search terms you use are logged for analytical purposes, better helping me understand what information my website visitors are searching for. No personally identifiable data is logged with the search terms.

3. Comments

If you wish to leave a comment on some pages on Transport Experiences, there is a form available for you to add your thoughts and opinions. If you are under 18 years of age you MUST obtain parental consent before posting a comment on Transport Experiences.

To complete the form, you need to add a name (which can be a pseudonym) and your email address. Your name (or pseudonym) is publicly displayed alongside your comment. Your email address is used to check against spam databases (see below).

I ask for explicit Consent to use and transmit your personal data for this purpose. Your name, email, and comment will remain stored on this website indefinitely unless I remove your comment or delete the article it is attached to. If you wish to delete your comment at any time prior to these events, please email your request to gdpr [at] dbfcs.co.uk using the email address you originally commented with (for identity verification purposes).

4. Contact forms

Contact forms on Transport Experiences let you easily and conveniently contact me.

When you complete a form, the content is converted into an email and sent to me. Email is transmitted from Transport Experiences using SMTP (Simple Mail Transfer Protocol), protected by TLS (Transport Layer Security). This means the email content is encrypted before being transmitted across the Internet.

If you complete a contact form, you will be asked for your name and email address. Your name is used to address you in a response while your email address is used to contact you in relation to your query or message. I also ask for explicit Consent to use and transmit your personal data for this purpose. Your personal data is not used for any other purpose than to contact you in relation to the matter you raise.

I retrieve my email over a secure SSL connection to maintain privacy and security. Email messages from website visitors are retained for up to 24 months, in raw form and potentially in backup files (see below).

5. Newsletter and email updates

If you sign up to receive my newsletter, you will be asked for your email address. Your email address is used to send you ongoing email updates from Transport Experiences. I also ask for explicit Consent to use and transmit your personal data for this purpose. Your personal data is not used for any other purpose than to send you ongoing email updates from Transport Experiences.

Email updates often contain news, website updates, and details of special offers and flash sales that may be of interest to you.

When you choose to sign up, I send you an email with a unique opt-in hyperlink to verify that your email address is capable of receiving my email updates. This opt-in email notification is resent after 48 hours if it is not actioned before then.

I use an in-house email server to reliably deliver emails. Messages are transmitted using SMTP and Transport Layer Security (TLS).

When you open an email update from Transport Experiences, it may load a pixel that tracks whether the email was successfully opened. Hyperlinks clicks are tracked. Together, this analytical data helps me to identify how many emails are opened by subscribers and which content is most relevant. This data is stored alongside your personal data as an audit trail indefinitely until your account is deleted (see below).

Should you wish to no longer receive email updates, simply click the 'unsubscribe' link at the bottom of any email update I send and follow the on-screen instructions. You will no longer receive email updates after this has been completed, although bear in mind that an email update may already have been sent and may be in transit when you unsubscribe.

An automatic purge of unsubscribed and unconfirmed registrations older than one week occurs daily, deleting that data from my database. In some circumstances, this data can potentially remain in backup files for up to 24 months (see below).

6. RSS email notifications

Where a Google (Feedburner) form is used, Google is the data handler of your details and uses your email address to automatically send you updates based on the RSS feed from Transport Experiences.

When you submit your email address, this is sent straight to Google which processes and stores this data. It is not transmitted by, nor saved by, Transport Experiences.

Company Product Privacy Policy
Google Feedburner Privacy Policy

7. Security

Your IP address is collected and checked against hacker and threat databases on the basis of Legitimate Interest. This is to safeguard server security and to safeguard personal data held upon it.

When you submit a comment, a contact form, or sign up to receive email updates, your IP address is collected and checked against spam databases on the basis of Legitimate Interest. This is to mitigate unsolicited content to help safeguard personal data held upon on the server.

Your IP address may be passed to third parties to check against blacklist databases:

Company Data transmitted Purpose Place of Processing Privacy Policy
hCaptcha (Intuition Machines, Inc) IP address; Usage Data To check the user authenticity for security/spam purposes USA Privacy Policy
ReCaptcha (Alphabet, Inc) IP address; Usage Data To check the user authenticity for security/spam purposes USA Privacy Policy
AbuseIPDB (Marathon Studios, Inc) IP address To check against spam databases for security purposes USA Privacy Policy
Wordfence (Defiant, Inc) IP address To check against spam and hacker databases for security purposes USA Privacy Policy

8. Log files

My server automatically records the IP address for every file request made in a log file on the basis of Legitimate Interest. Log files are an essential way to safeguard server security and therefore help protect personal data held upon it.

Log files are automatically purged after two months, although a copy of log files may be included in website backups.

Cookies

A cookie is a small text-based file stored within your web browser on your computer. Cookies are used by websites to store information to help enhance Your interaction with the website. Cookies typically contain the domain name of the website, the duration they should be stored within your web browser, and a value. Cookies can be set to expire when you close the web browser, or to remain for future use.

I use cookies only store preferences, such as to suppress website notice banners once you have dismissed them. I use cookies to signify login authentication to password-protected areas of the website.

1. Cookie Audit

These cookies have been found on Transport Experiences. Not all cookies are saved and used on every page as some depend on certain actions to be used.

Cookie name Lifespan Set by Purpose Essential?
PHPSESSID Just for the session Transport Experiences This is set by the server to identify your computer and to check whether you are logged in or not Yes
WordPress_test_cookie Just for the session Transport Experiences This is used by the Website to check if your website browser can handle cookies for the purposes of logging in Yes
Comment_author_{random string} 12 months Transport Experiences This is set by the website ONLY if you leave a comment - it remembers the name you used last time No
Comment_author_email_{random string} 12 months Transport Experiences This is set by the website ONLY if you leave a comment - it remembers the email address you used last time No
CookieWarn 1 month Transport Experiences This is set by the website to prevent the cookie notice appearing if you have already dismissed it No
_ga 24 months Google Analytics Used to distinguish users No
_gid 24 hours Google Analytics Used to distinguish users No
_gat_{random string} 1 minute Google Analytics Used to throttle requests No

Note: Third party content providers including affiliate networks and display advertising enterprises may set their own cookies (see below).

2. How to disable cookies

You can adjust your browser settings to prevent cookies from being set. Details on how to do this for your browser software can be found here.

Embedded third-party content

For your convenience, I embed third party content into this website to save you from needing to visit an external website to consume such content. An example is embedding a video into an article so you can watch footage via my website rather than having to leave to watch it elsewhere.

I have no control over the data these services collect nor how the associated companies handle your data. As such, I have consciously minimised the amount of third party services running on this website.

Details of how these third parties store and safeguard your data can be found in their privacy policies:

Company Object Purpose Data transmitted Place of Processing Privacy Policy
eBay Embedded auction listings Embed the latest auction listings upon the website. IP address; Usage Data USA Privacy Policy
Facebook Embedded Facebook website content Embed the content of a Facebook post or gallery within a website article IP address; Usage Data USA Privacy Policy
Google Embedded map Embed a static or dynamic (interactive) map within a website article IP address; Usage Data USA Privacy Policy
Google Fonts Loads a pretty font to use on the website IP address; Usage Data USA Privacy Policy
Twitter Embedded Twitter website content Embed the content of a post on Twitter (a 'tweet') within a website article IP address; Usage Data USA Privacy Policy
YouTube (Google) Embedded video (using cookieless domain) Embed a video within a website article IP address; Usage Data USA Privacy Policy

Affiliate links are clearly denoted on this website with a degree (°) symbol and are an essential part of this website. In some circumstances, I may earn a small commission if you go on to make a purchase after clicking on one of my affiliate links - without it costing you any extra. This helps offset the cost of running Transport Experiences and without this source of financing, Transport Experiences would likely become an uneconomically viable project.

Clicking on an affiliate link will cause you to leave the Transport Experiences website, which will normally then trigger third-party cookies to be stored on your browser by the merchant and/or their affiliate network tracking company (if used).

I work with the following affiliate networks to monetise some of my links on Transport Experiences. Details of how these third parties store and safeguard your data can be found in their privacy policies.

Company Type Privacy Policy
Awin Affiliate Network Privacy Policy
Clickbank Affiliate Network Privacy Policy
CJ Affiliate by Conversant Affiliate Network Privacy Policy
Paid on Results Affiliate Network Privacy Policy
Rakuten Marketing Affiliate Network Privacy Policy
Impact Tech Affiliate Network Privacy Policy
Tradedoubler Affiliate Network Privacy Policy
Webgains Affiliate Network Privacy Policy
Adeevo Ltd (Workcircle) Merchant with Affiliate Tracking Privacy Policy
Amazon Merchant with Affiliate Tracking Privacy Policy
Direct Ferries Merchant with Affiliate Tracking Privacy Policy
Ebay Merchant with Affiliate Tracking Privacy Policy
Logitravel Merchant with Affiliate Tracking Privacy Policy

I do not pass any personal data to these companies when embedding affiliate banners and content widgets provided by the merchant or affiliate network. However, the companies listed above may also collect personal information when you click on their links, including IP addresses, digital identifiers, information about your web browsing usage for a variety of purposes, such as: personalisation of offers or advertisements; analytics about how you engage with websites or ads; and other commercial purposes. For more information about the collection, use, and sale of your personal information and your rights, please use the links above.

Display advertising

Advertising banners and display widgets are used throughout this website. Some banners and widgets are provided by the affiliate networks and merchants listed above, while others are provided by these third parties:

Company Product Privacy Policy
Google AdSense Privacy Policy
Google DoubleClick Privacy Policy

I do not pass any personal data to these companies when embedding affiliate banners and content widgets provided by the merchant or affiliate network. However, the companies listed above may also collect personal information when you click on their links, including IP addresses, digital identifiers, information about your web browsing usage for a variety of purposes, such as: personalisation of offers or advertisements; analytics about how you engage with websites or ads; and other commercial purposes. For more information about the collection, use, and sale of your personal information and your rights, please use the links above.

With regard to Google AdSense in particular, I disabled 'Personalised Ads' at an account level. As a result, Google will only show non-personalised ads based on contextual information, including your city-level location, and the content on Transport Experiences. Google may save cookies on your computer as a result of display advertising. You can disable cookies in your browser. Details of how to do this can be found here.

Alternatively, use a tool like this one, that one or this other one to opt out of the services of Interest-Based advertising providers (I use all three).

Operational setup

1. Hosting

This website is hosted on servers owned and controlled by UKDedicated Ltd. Any personal data you share with Transport Experiences by email, comment form, contact form, or newsletter, in addition to log files, may be stored on these servers.

The data centre, where the servers reside, is a secure facility located in Hemel Hempstead, United Kingdom.

Transport Experiences is powered by a current version of PHP to help maintain security, with security patches regularly applied by UKDedicated Ltd.

2. Backups

This website is regularly backed-up for data integrity purposes. Emails and stored personal data are included in those backup files.

UKDedicated Ltd takes hourly off-site backups for the purposes of emergency response, should the server become compromised in some way (such as a technical fault or malicious access).

Daily database backups are stored off-site on Google Drive for the purposes of emergency response, should the data become compromised in some way (such as a technical fault or malicious access). Cloud backups are retained for one week.

My locally-held website, computer, and device backups are retained for up to two years. Previous backups are deleted when new backups are made.

3. Security

Transport Experiences uses an industry-standard SSL certificate for the encrypted transmission of website data.

Email is transmitted from Transport Experiences using SMTP (Simple Mail Transfer Protocol), protected by TLS (Transport Layer Security). This means the email content is encrypted before being transmitted across the Internet.

My web host runs a firewall on the server to minimise the risk of unauthorised access.

My email clients run on machines and devices with up-to-date operating systems and where appropriate and practicable, a firewall, anti-virus software, and anti-spyware software.

Getting in touch

1. Right to access and rectification

If you notice any inaccurate data held about you, please inform me by emailing gdpr [at] dbfcs.co.uk from the email address you used to originally submit any personal data (for identity verification purposes). I will amend the data as soon as practically possible.

Should you wish me to audit your personal data used by Transport Experiences, please email gdpr [at] dbfcs.co.uk from the email address you used to originally submit any personal data (for identity verification purposes).

2. Right to withdraw consent

It is your right to withdraw consent at any time. I have provided guidance above on how to do this for each applicable activity where personal data is collected and used. For any questions you might have on this, please email gdpr [at] dbfcs.co.uk from the email address you used to originally submit your personal data (for identity verification purposes).

3. Right to be forgotten

Should you wish me to remove your personal data used by Transport Experiences, please email gdpr [at] dbfcs.co.uk from the email address you used to originally submit your personal data (for identity verification purposes).

I will promptly delete your personal data from my system.

4. Right to lodge a complaint with a supervisory authority

If, after contacting me, you aren't satisfied with my efforts, you have the right to lodge a complaint with a supervisory authority. You can lodge a complaint with the Information Commissioner's Office (ICO) via their website here.

5. How to get in touch with me

Should you need to contact DBFCS regarding your personal data - or quite frankly, anything else - please email gdpr [at] dbfcs.co.uk. I usually respond to emails within 48 hours of receipt, except where I am out of the country with no Internet connection. In this instance, I shall reply as soon as practically possible.

Data Controller for Transport Experiences: D Fiske, DBFCS, 61 Bridge Street, Kington, HR5 3DJ, United Kingdom.

Please note that this address is for written enquiries only and is unable to receive packages and parcels. For security reasons, bulky items will be destroyed immediately upon receipt, without notice, by my mail handler. Please notify me if you wish to send any items other than letters (e.g. product samples, etc.) and I shall supply an alternative delivery address.

Change Log

This Privacy Policy and Cookie Policy is subject to change without prior notice, although I endeavour to notify you of changes in advance where possible. Details of changes are logged below.

Date Changes
30 Jan 2021 Updated Analytics section; Added Microsoft Clarity to the Analytics list.
6 Aug 2020 Updated written correspondence address; removed Affiliate Future from Affiliates list.
19 May 2020 Added hCaptcha to the list of spam checking services used.
10 Jan 2020 Removed email service provider information as no longer in use; Enhanced information about affiliate tracking.
28 Sep 2019 Address clarification; Email address format update.
4 May 2019 Added eBay embedded content.
31 Dec 2018 Replaced Stop Forum Spam with AbuseIPDB for checking for potential spam and abuse; Added Logitravel.
25 May 2018 Added additional information about backups.
13 May 2018 Privacy policy rewritten to take into account the changes required by GDPR legislation.
4 Nov 2016 Privacy policy created.