Privacy policy

This privacy policy was last updated on 11 February 2026 (formatting changes only; no material changes to content).

I'm a registered sole trader operating as Louise Harnby | Crime Fiction & Thriller Editor. I offer editing and proofreading services to authors, and courses and books to authors, editors and proofreaders. My client/customer base is worldwide.

This policy describes how I protect and make use of the information you give me. If you're asked to provide information, it will only be used in the ways stated in this policy.

​​1. Why I collect data from you

I gather and use certain information about you for the following legitimate and understandable reasons:​

1. USER EXPERIENCE
  • To understand how visitors use my website 
  • To keep records and implement clients' preferences
  • So I can recommend relevant templates, tools or features
  • To enable you to access particular functions on my website

2. COLLABORATION DURING THE EDITING PROCESS
  • To store comments and suggestions we both have access to
  • To manage access permissions and version control

3. SYNCING AND STORAGE
  • To save and store documents to the cloud
  • To synchronize edits between devices in real time if required

4. ACCOUNTING
  • To handle payments, subscriptions and access levels for different people

5. SECURITY
  • To ensure people are who they say they are when they log in, and keep their login sessions secure
  • To spot suspicious activity or anyone trying to access files without permission
  • To keep documents safe from being lost or damaged

​6. ANALYTICS
  • To understand which features are used most or least on this website
  • To carry out tests and make improvements to this site

7. SUPPORT
  • To allow access to specific types of content
  • To provide customised for a particular person

8. LEGAL
  • To meet my GDPR obligations 
  • To respond to lawful requests for information

9. COMMUNICATION
  • To respond to requests for information
  • To send service or product updates 
  • To announce or new features or special offers
  • To provide guidance or tutorials
  • To send marketing messages, but only if you've opted in
  • To enable me to contact clients, students or customers when necessary

​2. What information I collect from you

I may collect the following information:

1. INFORMATION YOU GIVE ME DIRECTLY
  • Name
  • Postal billing address
  • Email address
  • Phone number
  • Information relevant to your enquiry (e.g. word count, nature of project, whether you're an author or an editor)
  • Documents you give me to edit, which may contain personal data about you

2. INFORMATION COLLECTED DURING THE EDITING PROCESS
  • Comments
  • Drafts
  • Edits
  • Invoices
  • Payment records
  • Project notes
  • Version history

3. INFORMATION COLLECTED DURING WEBSITE VISITS
  • Browser type and version
  • Cookies and trackers
  • Device type
  • Downloads or interactions with documents, videos or images
  • IP address
  • Links or buttons clicked within the site
  • Location data
  • Navigation paths
  • Operating system and version
  • Pages visited and time spent on each page
  • Referrer data
  • ​Search queries used on the site

​3. How I use this data

I use the data I collect in the following ways:

1. EDITORIAL SERVICES
  • To carry out the editorial service you've hired me for
  • To save drafts and track changes
  • To record your project preferences
  • To deliver completed work to you
  • To raise and respond to queries

2. COMMUNICATION
  • To ask for testimonials
  • To confirm bookings
  • To provide quotes
  • To respond to enquiries
  • To send updates

3. BUSINESS
  • To create invoices
  • To keep financial records
  • To meet HMRC's tax requirements
  • To record your agreement to the terms and conditions of my editorial services
  • To record a client's booking confirmation and the agreed project details
  • To safely store your documents and maintain backups

4. SECURITY
  • To check technical error reports if something goes wrong
  • To prevent unauthorized access to your files

5. REGULATORY REQUIREMENTS
  • To comply with a data subject access request
  • To comply with HMRC in the event of a tax audit
  • To share information if required to by law

6. MARKETING
  • To let you know about special offers
  • To send you my newsletter, The Editorial Letter

Please note that I will never use your data for marketing or promotion purposes without getting your permission in writing first or unless you have signed up or opted in to a particular subscription service.

4. Who I share your information with

I aim to keep your data private and therefore share informational minimally with the following:

1. SERVICE PROVIDERS
  • Cloud storage services
  • Invoicing software
  • Email services

2. REGULATORY BODIES
  • HMRC in the event of an audit
  • Appropriate legal authorities in the event of legal action

​5. How long I keep your data for

1. PROJECT FILES
  • Because many of my customers and clients work with me more than once and on book series, I don't delete data unless you specifically ask me to do so.

2. FINANCIAL RECORDS
  • HMRC requires me to keep records for 'at least 5 years after the 31 January submission deadline of the relevant tax year'. See 'How long to keep your records'.
 
3. CORRESPONDENCE
  • Because many of my customers and clients work with me more than once, I don't delete data unless you specifically ask me to do so.

​6. How I store your personal data

The information I collect is stored on the following data servers:

1. WEBSITE
  • Weebly: This is my website host. It is password-protected and has SSL-certification (https) to provide an additional layer of security. You can access Weebly's privacy policy here. Its servers are based in the US but it is registered with the EU–​US Privacy Shield.

2. CLOUD SERVICES
  • Dropbox: This is my cloud-based file management system accessed via my password-protected computer. My Dropbox account is protected by a two-step password-authentication process. Dropbox's servers are based in the US. You can access its privacy policy here. It is registered with the EU–​US Privacy Shield.

3. NEWSLETTER SUBSCRIPTION SERVICE
  • Flodesk: This is my newsletter-subscription management system. I require a double opt-in. That means that after a subscriber signs up they have to confirm their opt-in via email. Flodesk's servers are based in the US. You can access its privacy policy here, its Data Processing Addendum here, and its terms of service here.

4. TEACHING PLATFORM
  • Teachable: This is the platform I use to sell my books and courses. Here's where you can access its Data Processing Agreement and Privacy Policy. Its servers are based in the US. Its terms of service are available here.

5. PAYMENT AND INVOICING SERVICES
  • PayPal: This is a password-protected online payment service I may use for sales of my courses and books, and for editorial-services clients who elect not to be invoiced via direct bank transfer. All PayPal transactions are subject to the PayPal Privacy Policy. Your data will used for accounting purposes only and will never be divulged to third parties.
  • Stripe: This is a password-protected online payment service I may use for sales of my courses and books, and for editorial-services clients who elect not to be invoiced via direct bank transfer. Stripe's data servers are based in multiple locations, including Ireland. Its privacy policy can be found here. Your data will used for accounting purposes only and will never be divulged to third parties.
  • Wave: This is the accounting app I use to send invoices. Your name, email address and a project summary are stored. Wave's data servers are based in the US. You can access its privacy policy here, its security policy here, and its terms of use here

6. EMAIL
  • BT Mail: This is the UK-based password-protected server I use to communicate via email. You can access BT's privacy policy here.

​7. Your rights

You have the following rights in relation to your personal data:
  • To access the data I hold about you
  • To ask me to correct anything that’s inaccurate
  • To ask me to delete information (‘right to be forgotten’) unless I need it for legal or regulatory reasons
  • To restrict or object to certain types of use
  • To take your data elsewhere (‘data portability’)
  • To withdraw consent at any time (if consent is required)

To exercise any of these rights, email me at at [email protected] or write to me at Louise Harnby, The Laurels, Yarmouth Road, Hemsby, Norfolk NR29 4NJ, UK. I'll respond in a reasonable time frame.

8. How I use cookies

A cookie is a small file placed on your computer’s hard drive when you visit my website. Cookies do not provide me with access to your computer or any information about you other than that which you elect to share with me.

1. ESSENTIAL COOKIES
  • These ensure my website works properly.

2. PERFORMANCE COOKIES
  • These enable me to understand how people use my website so I can improve it.

3. FUNCTIONALITY COOKIES
  • These remember your preferences and make things work on this website the way you expect.

4. THIRD-PARTY COOKIES
5. AFFLIATE LINKS
  • Amazon Associates product links: As an Amazon Associate, I earn from qualifying purchases. Some pages of my website include links to Amazon.com, Amazon.ca and Amazon.co.uk that allow me to earn a small commission if you order my books from Amazon via those links. Special Links permit accurate tracking, reporting, and accrual of advertising fees. Amazon uses cookies to track purchases made on a user's browser via these Special Links. I include a short statement under these Amazon Associate product links. Read the Federal Trade Commission's (FTC) Endorsement Guides and Amazon's Operating Agreement.
  • Alliance of Independent Authors (ALLi) affiliate link: I am a partner member of ALLi. The ALLi badge in the footer of each page of my website includes an affiliate link. If you join ALLi using that link, ALLi will give me a commission equivalent to 30% of your first year’s fees. ALLi uses cookies to track purchases made on a user's browser via this link.
  • Policy Bee affiliate link: I'm insured with Policy Bee. The Policy Bee badge in the footer of each page of my website includes an affiliate link. If you take out insurance via that affiliate link, Policy Bee will give us both £20. Policy Bee uses cookies to track purchases made on a user's browser via this link.

You can use your web browser’s cookie settings to determine how my website uses cookies. If you do not want my website to store cookies on your computer or device, you can amend your settings. Please note that this may affect how my website functions, and some pages may become unavailable to you.

9. How I use AI

To enhance the quality, accuracy, consistency and efficiency of my editing service, I use digital tools that may have AI-assisted technologies running in the background (even if I'm not actively using them).

1. PERMISSIONS
  • Except for the purposes of secure storage, backup and recovery, I will never upload your text to a third-party site without your express permission.

2. RESPONSIBILITY
  • All outputs are reviewed and refined by me, a qualified human editor, before delivery to ensure quality and contextual accuracy. Software and AI tools are used strictly to support my human editing process and do not replace my human judgement or professional oversight.

3. OPEN AI SYSTEMS
  • I do not use open AI systems for client work. This ensures that your materials are never used for language model training and that your privacy and data are fully protected.

4. PROVIDERS
  • I use reputable providers who commit to maintaining the confidentiality of your materials.

5. DIGITAL TOOLS WITH AI-ASSISTED TECHNOLOGY RUNNING IN THE BACKGROUND
  • Microsoft Word: Used for text editing and reporting. Hosted locally via a licensed version of Microsoft 365. Copilot runs in the background but I don't use it for editing. Copilot may still transmit small portions of the text in your project (commonly called 'code') to generate suggestions. Any editorial suggestions I add to your project may also be processed in this way. GitHub provides privacy controls to protect this private work. This private code will not be stored or used to improve Copilot unless I have explicitly opted in, which I have not.
  • Microsoft Excel: Used for creating chapter summaries. Hosted locally via a licensed version of Microsoft 365. Copilot runs in the background but I don't use it for editing. Copilot may still transmit small portions of the text in the project (commonly called 'code') to generate suggestions. GitHub provides privacy controls to protect this private work. The private code will not be stored or used to improve Copilot unless I have explicitly opted in, which I have not.
  • Google search: Used for fact-checking. Cloud-based service. Uses multiple AI systems to match queries with relevant results.​
  • Dropbox: Used for secure file storage, backup and recovery. Cloud-based licensed version. Dropbox is introducing AI features to support search and organization but these are not yet universally available and may be optional add-ons. 

10. Changes to this privacy policy

From time to time, I review and update this privacy policy to make sure it's fit for purpose. When I make changes I'll always amend the last-amended date at the top of this page.

11. Contact me

If you have any questions or requests for changes to or removal of your data, you are welcome to email me at [email protected] or write to me at Louise Harnby, The Laurels, Yarmouth Road, Hemsby, Norfolk NR29 4NJ, UK.