Who I am
I’m Roy (a person, not an organization).
What personal data I collect and why I collect it
When visitors leave comments on the site I collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. This spam detection data is not shared with anybody else, does not leave my server, and is deleted every seven days.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
When visitors use the contact form, I collect the data shown in the form, and also the visitor’s IP address and browser agent string to help spam detection. This spam detection data is not shared with anybody else, does not leave my server, and is deleted every seven days. You don’t need to contact me using the form, you can email me directly at firstname.lastname@example.org.
If you leave a comment on my blog you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit the login page, I will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, I will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
I collect analytics data to see how my visitors behave. As a visitor to my blog, you can actually visit my Analytics dashboard here (I believe your data belongs to you) to see what data I collect about you. This is done for my benefit, you can easily opt out of it using my cookie settings. I also implore you to check out the following services if you take your privacy seriously: Pi-hole (a raspberry pi ad blocking server to block ads and data collection cookies in your entire home network), and Diversion (the same as Pi-hole, but less point of failure if you have an Asus router). These will start you off in the right direction towards securing your home network.
Social Share Plugin
The social share plugin I use is fully CPA/GDPR compliant, and does not collect any data by itself. When you share something, the plugin sends you to your chosen social media platform, and that social media platform may collect data about you.
Who I share your data with
How long I retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on my blog (if any), I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators (me) can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided to me. You can also request that I erase any personal data I hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
Where I send your data
Visitor comments may be checked through an automated spam detection service running on my server.
Your contact information
If you provide me with your contact information, I will add you in my contacts, and it will stay there forever (not in a scary way). I don’t share this data with anybody else.
How I protect your data
The server I use has encryption enabled. I use multiple services to stop malicious attacks on my web server, and various secure firewall rules on my server to deter other server side attacks.
What data breach procedures I have in place
In case of data breach, I will add a disclaimer on the website of when and how it happened. I will also contact the affected visitors directly to let them know how and what data has been breached, and how we should handle it.
What third parties I receive data from
I might receive data from referral services (if you click on any link that brings you here) for analytics purposes. Check above in Analytics section for how you can limit the amount of data I receive.
What automated decision making and/or profiling I do with user data