Our systems hold transactional data. In terms of volume, the vast majority of this data is related to orders for products. Associated with each order may be ancillary data: who the customer is, whether it has been downloaded, whether an update is available, author royalty information and so on. The second biggest volume of data we hold is that associated with customers.
We hold this data in order to provide support to our customers. For example, if you have an account, and if you have told us you want to receive notifications, our system will automatically send you an email should a free updated version of something you purchased become available. Most of our customers opt in to our weekly newsletter, where we announce new titles, upcoming author events, and so on.
We think that holding this information is a privilege, and we protect it to the best of our abilities. After all, the owners, employees, and authors of the Bookshelf have their data stored in there, too.
We are based in the United States and the majority of our customers are US based as well. Our main business is our imprint, The Pragmatic Bookshelf, which publishes books for professional software developers, managers, and related professions, directly through this website and through retail channels. Our contact details are:
|The Pragmatic Programmers, LLC
|9650 Strickland Rd Ste 103-255
|Raleigh NC 27615
You can access our Web site home page and browse our site without disclosing your personal data.
We collect the personal data that you may volunteer while using our services. We do not collect information about our visitors from other sources, such as public records or bodies, or from private organizations.
You may choose to register yourself, giving us your e-mail address to enable us to identify you. You may optionally elect to have us send you email using that address. This email falls into two categories. One is information on orders (for example, telling you that a download is available, or sending you a receipt). The second category is informational, low-volume marketing information—in particular we send out a weekly newsletter, and very occasionally send out information about sales.
In order to purchase things at our online store, you will need to give us certain personal information (name, e-mail address, telephone number, address(s), credit card type, number, expiration, and CVV2 value). We store your contact information in our order entry system. We do not store your credit card details. In fact, your credit card information never passes through our site—it is captured directly by our payment gateway providers, which may include Braintree Payments, Stripe, and/or Paypal.
If you are an author, we may ask you to provide us with bank account information which we use to electronically pay royalties, this information is shared with our third party payment provider to facilitate ACH and similar payments.
We have always respected your right to privacy, and will continue to do so as a matter of course. However, we now operate in a world where governments are becoming more active in their efforts to police their citizen’s rights.
If you are a citizen of the European Union, our responsibilities regarding your data are laid out in the EU General Data Protection Regulation (GDPR). We believe we conform to this regulation. However, if you have a complaint, you have the right to object. Our goal is always to do the right thing, but if we can’t reach an agreement you have the right to have your personal data deleted from our systems. You also have the right to download the data we store related to you at no charge.
We do not knowingly collect personal data from children. We do not take specific steps to protect the privacy of children who disclose their personal data to us.
As part of your order, we and/or our third party cart provider store the items that you bought, any discounts or coupons you used, and the net, tax, shipping, and gross amounts you paid.
We record the type of payment you make (credit card, Paypal, and so on) and we record any confirmation numbers returned to us by the payment processor. Our systems do not receive, not do we store, any information such as account numbers, credit card details, expiry dates, and so on.
If you have written or created products we sell (you are an author), then we store all the information that we do for a normal user account. In addition, we record the products that are associated with you and a royalty percentage associated with each. We also record sales of your products (both direct and as reported by our partners), and use this to calculate your total royalty earnings. We record the amount and type of each royalty payment we make.
Most of the information we hold about you is available to you via our normal website: log in and you can see your orders and so on.
You may also request a copy of all the data we hold. Please email
email@example.com to request it.
We do not automatically expire your data: we store it to provide you with access to things you bought.
You may request that we delete all the data we store for a given email address/account by emailing
firstname.lastname@example.org using the email address in question. We will confirm that you want all your personal data deleted.
This has a number of ramifications:
Some data cannot be deleted. For example, if you bought something from us, our system records a corresponding order. The amounts in this order are used in the future when calculating royalties for the authors of the products you bought. If you are an author, your contract and electronic records of it cannot be deleted.
Order information and certain identifying information must be kept in accordance with various taxation authority and other governmental requirements.
In these cases, we will remove all traces of your identity from the system, and will replace those traces with references to a single, internal, anonymous user.
Deleting your data from our system is a one-way process—once initiated, we cannot recover it.
We perform backups of our data. A reasonable and customary number of backups are retained. These are intended to be used only in the event of a catastrophic loss of our production servers.
Access to your data is controlled at a number of levels:
We use standard web server logging which may contain connection information including your IP address, date and time, request status and errors and so on. Our intent is to use this information to tune the way we organize our site and the information it contains.