Privacy policy

This policy is effective from 16 December 2022, and explains how I collect, use and protect any information that you give when you use this website.


I commit to protecting your privacy. I believe it’s important to act ethically and help protect human rights in our increasingly digital world. So:

  1. This website does not track you. It does not use analytics or third-party software such as web fonts or social media buttons.
  2. This website does not use cookies. Full stop.
  3. I only collect information about you when you contact me. You can read more about that below.

The detail

When you provide me with personal information about you, you can be assured that it will only be collected with your consent and be used in accordance with this privacy policy. I will never disclose or share your information without your consent, unless required to do so by law. I will never sell your data.

I regularly review and update this policy to ensure it meets with data protection laws. Most recently, the policy has been reviewed to meet the European Parliament’s General Data Protection Regulation (“GDPR”), which replaces the UK’s Data Protection Act 1998. Where this policy refers to “data protection laws”, it implies the General Data Protection Regulation.

The terms “Dotjay”, “me” or “I” refer to me, Jon Gibbins, and not my company, As It Should Be Ltd. “Dotjay” is a trade mark of As It Should Be Ltd, a company registered in England and Wales, company number 07251721.

What information is collected

I may collect the following information about you when you contact me:

  • Your name, job title and organisation
  • Contact details, typically your email address, telephone number (or digital equivalent) and sometimes things like social media account usernames
  • Your Internet Protocol (IP) address and details of the web browser and operating system you use
  • Rarely, as relevant to anything we might collaborate on, I may collect demographic information such as personal preferences and interests

Typically, I collect personal information via my website, email, telephone, social media or in person. Sometimes, I may obtain personal information via a mutual contact. In such cases, this privacy policy still applies.

I do not collect sensitive personal data. This means that I do not usually collect information concerning race or ethnic origin, political opinions, religious beliefs, physical or mental health, sexual life, or details of criminal offences. If I am required to collect such information, I will clearly state the reason for collecting the information and how it will be used.


This website does not use cookies and does not track you.

“Cookies” are small files that are placed on your computer’s hard drive by your web browser. They can be used to make your experience online much better and useful, but they can also be used for more invasive purposes, such as tracking your browsing habits. You can read more about cookies and how to manage them at

You’ll find YouTube videos on some pages of this site. I try to ensure that these are added in a way that means that no cookies are used. Sometimes a video slips through that means YouTube sets some of its cookies, but I try my best to spot these quickly and switch to “no cookie” mode.

IP addresses

Internet Protocol (IP) addresses are used to connect your computer to the Internet and are assigned to you by your internet service provider. As standard, web servers collect and store details of your web browser and operating system, the website from which you came, the pages that you browse on my website, the date of your visit, and your IP address. This information is collected as part of reasonable measures towards the prevention and detection of fraud, attacks on my website, and other irregularities. As such, I do not require your consent to collect this data. However, I do whatever I can to anonymise and encrypt this data where possible, then dispose of the data when it is no longer necessary (usually within 12 months).

What I do with the information I collect

The information collected is used for the following main reasons:

  • Communicating with you or your organisation
  • To contact you to gather feedback on my work, events or talks you have attended

Where your data is used

Your information will only be used by me, and I will only ever share your information with your consent. I will not sell or lease your personal information to third parties.

Where your data is stored on third-party systems, I try to ensure that your data remains in the UK, or inside the EU. For example, my website is hosted in the UK.

Where it is necessary to use services outside the UK, I have contracts in place with those third-party suppliers to ensure they meet data protection laws and this privacy policy. For example, in some situations, your data may be transferred and stored via online systems that operate outside the UK or the EU. Such services that I use include Google Workspace (for email, calendars, documents, spreadsheets), Dropbox (for file transfer), and SendInBlue (to send emails).

How long I retain your personal information

I retain personal information collected from you as long as I have an ongoing legitimate reason to do so. This typically means information is kept during the normal activities of communicating with you, or as required by applicable laws.

All data is typically stored electronically. When your personal information goes past its data retention period, it is deleted. If it is not possible to fully delete data, it will be anonymised in order to protect your privacy.

Controlling your personal information

Under data protection laws, you have the right to obtain a copy of any personal data I hold for you. You also have the right to ask that I remove all your data from my records.

You may request from me full details of the personal information I hold about you (commonly referred to as a subject access request). If you would like a copy of the information held on you, please contact me. I will fulfil reasonable requests within one month.

If you believe that any information I are holding about you is incorrect or incomplete, please write to or email me as soon as possible. I will fulfil reasonable requests to correct inaccurate or incomplete information within one month.

You may choose to restrict the collection or use of your personal information, or even request that I remove all your data from my records. If you have previously agreed to me using your personal information and have changed your mind in any way, please contact me to request changes to or removal of your data.

Links to other websites

My website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave my site, you should note that we do not have any control over that other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting other sites, and such sites are not governed by this privacy policy. You should exercise caution and look for the privacy statement applicable to the website in question.


I’m committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, I have put in place suitable procedures to safeguard and secure your information.

The email systems I use are secured using a secure socket layer (SSL). Wherever I request personal information from you digitally, I use Hypertext Transfer Protocol Secure (HTTPS) to ensure your data is safely transmitted via SSL. Web browsers typically indicate that a website is secure by showing a padlock icon in its address bar.

Data breach notifications

Should I detect any data breaches that adversely affects your privacy, I will contact you as soon as possible and within the 72 hours required by data protection laws.

Contacting me about your privacy

If you have any questions about this privacy policy, please contact me via the website, or email me at