First off, this is a personal website…
… which means I have no interest whatsoever in capturing your data for nefarious purposes 🙂
What personal data is collected and why
When visitors leave comments on the site it collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Apparently if you upload images to any website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website (again, any website) can download and extract any location data from the images. (All that said… I’m pretty sure you can’t upload anything to any part of this site… lol).
Obviously you send your email, name and message through the contact form, and the whole lot will get emailed to me, and that information will live on in whatever email system it ends up on, until the message gets deleted. Or until the (email) hosting service expires and the hosting service also decides to delete related data. Also:
If you leave a comment on the site you may opt-in to saving your name, email address and website in cookies. This feature was not built by me. It’s a convenience feature so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year if you don’t delete them sooner. All of this is between your browser and you, and has nothing to do with me.
If I ever allow folks to log in to the site, and you visit the login page, it sets a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
Where you can log in to the site, (and this will not generally be the case), the site would set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login would persist for two weeks. If you log out of your account, the login cookies will be removed.
Where you can edit or publish an article, (and this will also not generally be the case), an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
As on any other website, articles may include embedded content (e.g. videos, images, podcasts, etc.). Embedded content from another websites behaves in the exact same way as if you had visited the other website.
I did once use google analytics tracking in places, but not everywhere, to:
- track distribution of pageviews to get a sense of which articles had reach / became popular
- track the countries in which someone stumbles across one of my pages
- detect when I’m being spammed by bots
In short, mostly for shits ‘n giggles… and I’m not averse to ripping it out entirely. Since for some of the sub-sites I reinstalled the wordpress theme, any GA code I might have kicking around would also have been reinstalled. Regardless, you should always just assume that your web browser automatically sends certain information to Google (especially if you use chrome). This includes the URL of the page you’re visiting and your IP address. Google may also set cookies on your browser or read cookies that are already there. I’m just lettin’ ya know!
Who your data is shared with
No-one: I don’t do anything with the site data.
How long data is retained
If you leave a comment, the comment and its metadata are retained indefinitely. This is so the site can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. But in any case, any site backup, in any format, of any site that is a blog or a CMS (content management system), will necessarily retain such things as comments… and as long as those backups exist, so are your comments.
For users that register on the site (and you’re not generally able to do so at this time), it would store the personal information provided in your user profile. All users can see, edit, or delete their own personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
Where your data gets sent to
Getting in touch
You can contact me via the contact page. Generally, if you know about this site, you also know who I am so please reach out to me in flesh-space instead.
How your data is protected
Mostly by my being the only one with access to the site’s data… while refusing to interact with the back-end database, mostly out of sheer disinterest in SQL-wrangling in my free-time, thank you very much. In short, no-one’s really touching the site data.
What data breach procedures I have in place
The procedure is to throw my hands up in the air, and to wave them like I just want to get the attention of folks who actually know what do in such circumstances. Look, I’m not a data governance / security boffin. I’m just running a blog, ya dig?
What third parties I receive data from
That would be no-one.
What automated decision making and/or profiling I do with user data