First off, this is a personal website

… which means I have no interest whatsoever in capturing your data for nefarious purposes 🙂
My website encompasses the main blog at and any websites / blogs that are a subdomain of I tinker with them in my spare time, as a hobby. This document is based on a template that WordPress (which powers this website) provides. So really, it’s more their privacy policy than mine. I want you to read it… as a gentle reminder of the data trail you leave in your wake, as you traipse through the internet… rather than as anything specific to this site. Because what applies here, pretty much applies everywhere else. Happy wince-ing 😉

What personal data is collected and why


When visitors leave comments on the site it collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture (from Gravatar) is visible to the public, in the context of your comment.


Apparently if you upload images to any website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website (again, any website) can download and extract any location data from the images. (All that said… I’m pretty sure you can’t upload anything to any part of this site… lol).

Contact forms

Obviously you send your email, name and message through the contact form, and the whole lot will get emailed to me, and that information will live on in whatever email system it ends up on, until the message gets deleted. Or until the (email) hosting service expires and the hosting service also decides to delete related data. Also:

Browser Cookies

If you leave a comment on the site you may opt-in to saving your name, email address and website in cookies. This feature was not built by me. It’s a convenience feature so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year if you don’t delete them sooner. All of this is between your browser and you, and has nothing to do with me.

If I ever allow folks to log in to the site, and you visit the login page, it sets a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

Where you can log in to the site, (and this will not generally be the case), the site would set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login would persist for two weeks. If you log out of your account, the login cookies will be removed.

Where you can edit or publish an article, (and this will also not generally be the case), an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

As on any other website, articles may include embedded content (e.g. videos, images, podcasts, etc.). Embedded content from another websites behaves in the exact same way as if you had visited the other website.

Those websites may (hah! read: will…) collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content especially if you have an account and are also logged in to their service a that time… think YouTube, Twitter, Facebook, Google, Amazon whatever. Related to which:


I did once use google analytics tracking in places, but not everywhere, to:

  • track distribution of pageviews to get a sense of which articles had reach / became popular
  • track the countries in which someone stumbles across one of my pages
  • detect when I’m being spammed by bots

In short, mostly for shits ‘n giggles… and I’m not averse to ripping it out entirely. Since for some of the sub-sites I reinstalled the wordpress theme, any GA code I might have kicking around would also have been reinstalled. Regardless, you should always just assume that your web browser automatically sends certain information to Google (especially if you use chrome). This includes the URL of the page you’re visiting and your IP address. Google may also set cookies on your browser or read cookies that are already there. I’m just lettin’ ya know!

Who your data is shared with

No-one: I don’t do anything with the site data.

How long data is retained

If you leave a comment, the comment and its metadata are retained indefinitely. This is so the site can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. But in any case, any site backup, in any format, of any site that is a blog or a CMS (content management system), will necessarily retain such things as comments… and as long as those backups exist, so are your comments.

For users that register on the site (and you’re not generally able to do so at this time), it would store the personal information provided in your user profile. All users can see, edit, or delete their own personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site (you don’t), or have left comments, you can request to receive an exported file of the personal data, including any data you have provided to us. You can also request that it be erased. (At this point, the privacy policy template goes on to state: “This does not include any data I’m obliged to keep for administrative, legal, or security purposes”, which… I don’t even know what that means, truth be told).

Where your data gets sent to

Visitor comments may be checked through an automated spam detection service. I use the Akismet service, and this is their privacy policy:

Getting in touch

You can contact me via the contact page. Generally, if you know about this site, you also know who I am so please reach out to me in flesh-space instead.

Additional information

How your data is protected

Mostly by my being the only one with access to the site’s data… while refusing to interact with the back-end database, mostly out of sheer disinterest in SQL-wrangling in my free-time, thank you very much. In short, no-one’s really touching the site data.

What data breach procedures I have in place

The procedure is to throw my hands up in the air, and to wave them like I just want to get the attention of folks who actually know what do in such circumstances. Look, I’m not a data governance / security boffin. I’m just running a blog, ya dig?

What third parties I receive data from

That would be no-one.

What automated decision making and/or profiling I do with user data

Zero. *Yawn*.