Privacy Policy

Who we are

Our website address is:


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here:

After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded content from other websites

Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Contact Forms

We use Everest Forms for all of our forms on this website.  Your information is not shared with them but they may collect interaction information.  Their privacy policy is here –


AlbaCon uses Discord to manage and host the events organised.

Discord’s Privacy Policy is here.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Your Consent

By using our site, you consent to our privacy policy.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

You can also request that we erase any personal data we hold about you.

This does not include any data we are obliged to keep for administrative, legal, or security purposes.

How we protect your data (Website)

We use a certificate for encrypting all information exchanged between our website and your browser.

Our web host uses various Security services including but not limited to firewalls (both hardware and web application based).

All admin passwords are Strong Alphanumeric using letters, numbers and symbols.

Checks are routinely made on the website and 3rd party scanning activity is conducted daily.

We use Akismet anti-spam services as well as other 3rd party security applications.

How we protect your data (General)

All emails and other digital correspondence are stored within secure cloud based services and access is limited to the convention team.

Any physical materials are stored within secure storage and held by David Wright.

What data breach procedures we have in place

The website is used almost daily by the administrators and checks are made on log files and other alerts to ensure that if a breach has occurred we will be aware of it.  Alert emails are sent to administrators if any unusual activity is identified.

As this website is hosted in the United Kingdom of Great Britain & Northern Ireland, procedures are in place to notify the Information Commissioner’s Office (ICO) and others in the event of any such breach.

If you have previously agreed to us using your personal information, you may change your mind at any time by emailing us at

We will not sell, distribute or lease your personal information to third parties.

You may request details of personal information which we hold about you under the Data Protection Act 1998.

If you would like a copy of the information held on you please contact us via email at

If you believe that any information we are holding on you is incorrect, incomplete or you wish us to remove it please contact us via email at

If you have any questions about anything above please get in touch.