Privacy and Data Protection Policy
As an independent freelancer, I collect and process the personal data necessary for completing assignments and maintaining accurate business records. I have taken reasonable measures to protect this data from being accessed or misused by unauthorized third parties. In accordance with the European Union’s General Data Protection Regulation (GDPR), the following guidelines are meant to make these measures transparent and outline how I will use this data in “clear and plain language” (Art. 12 GDPR). If you have any questions or wish to exercise your rights under the GDPR, please contact me at the address below:
Dr. Ellen Yutzy Glebe
Schwarzer Weg 1
Data Collected and Transmitted
The data I collect or process for my translation work and business administration may include names, addresses, academic degrees earned, bank account numbers, etc. This data is stored solely for the purposes stated and shared with third parties only as necessary for these purposes. In general, this means that copies of outgoing and ingoing invoices and my financial statements are shared with my accountants and tax authorities in Germany and the United States. On occasion, I may ask a local information technology company for assistance in solving technical issues with my computer system; in such cases, said consultants may have temporary access to the data saved on my system as necessary to help resolve these issues.
In addition, I use G Suite for Business (Google) together with my own domain (hosted by 1&1) as my professional email provider. It is my understanding that G Suite is GDPR-compliant. As required by the GDPR, I have reached a data processing agreement with these providers to ensure their compliance with the regulations.
I assume and expect that clients who commission the translation of documents (for example, university websites, article signatures, etc.) which include data from third parties have the consent of those affected to share this information with me in this context. In such cases, this information is saved only within the electronic files generated in the translation or editing process; I do not log such data from third parties in any way.
I occasionally outsource jobs, but only with the express consent of the client.
Data is stored on my personal computer and multiple external back-ups. These files are encrypted, and my system is protected by professional security software in consultation with a local information technology expert. I do not store electronic files with any cloud-based service (except G- Suite in the case of email, see above). German tax laws require me to retain personal information for work completed (invoices, bank records, etc.) for five years; in some cases, however, I may have reasons for retaining information longer than this. When the legally required time has elapsed, and I have no ongoing reason for retaining said data (Art. 6, GDPR), it will be deleted from all systems and/or physically destroyed.
Under the GDPR (Chapter 3), individuals have the right to access, rectify, or restrict the processing of their data by others. They also have the right to request that their data be deleted and/or to receive a copy of the stored data in an easily accessible, machine-readable form. Once they have consented to being contacted, they can rescind this consent at any time. Should you have reason to exercise any of these rights regarding the data I have stored in my system, please contact me, and I will respond as soon as possible. I cannot comply with requests which run counter to other aspects of German law (e.g., tax codes). Should I be unable to adequately address your concerns, you also have the right to file a complaint with supervisory bodies in Germany or your country of residence (within the EU).
My website uses only GDPR-compliant session cookies. It should not place any other cookies on your system and does not track your access to it. My website, hosted by 1&1, is also, to my knowledge, GDPR-compliant. The entire website, including the contact form, has an SSL license installed to ensure the security of the data transmitted. Obviously, comments posted to my blog or the resource page are public, though not until I have approved of their content. A London-based firm (Websites for Translators) assists me on occasion with the maintenance and updating of my website.
In addition to my website at https://www.writinghistory.de, I maintain a Facebook page called Writing History, where I share my (very) occasional blog posts and other items of interest. These posts are publicly accessible on Facebook; I have little control over any data posted or transmitted via Facebook and advise against using it for sending me any potentially sensitive information. The same is true of my profiles on LinkedIn, Xing, and other online translation portals. Nevertheless, should you choose to contact me via these channels, I will treat your data in the same way as if you send it through one of the more secure channels suggested above.
This policy was last updated on May 24, 2018. It will be reviewed and amended as necessary.