Privacy Policy

Updated November 15, 2020. This is based on the standard privacy policy provided by WordPress, customized by me.

Who I am

This blog is written by me, Dan Harper, and resides at the website address https://www.danielharper.org/yauu. This is a personal blog; the congregation I currently serve has no authority over it, nor any responsibility for it.

What personal data I collect and why I collect it

Comments

If you leave a comment, I collect the data in the comments form (name, email address, and Web site URL if you choose to leave it); and the blog also automatically collects your IP address and browser user agent string to help spam detection. (Please note that spammers often leave fake email addresses; if I find your email address is a fake, I’ll delete your comment.)

I also use the Akismet anti-spam plugin and service, provided by the WordPress developers at Automattic, which collects information about visitors who comment here. The information collected typically includes the commenter’s IP address, user agent, and referrer, along with other information directly provided by the commenter such as their name, username, email address, Web site URL, and the comment itself.

Media

I discourage commenters from uploading media, and may delete comments that contain, e.g., images. Please be aware that if you do upload images or other media with embedded location data (EXIF GPS) included, and if I permit that image, visitors to this Web site can download and extract any location data from the images you post.

Cookies

WordPress has a feature where if you leave a comment on my site, you may opt-in to saving your name, email address, and website in cookies. However, I don’t use this feature, so don’t waste your time.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, etc.; mostly YouTube videos). Embedded content from other Web sites behaves in the exact same way as if the visitor has visited the other Web site. These Web sites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

I hate that this happens, and I’m slowly trying to remove the embedded YouTube videos from this site. Until then — watch yourself with third-party content, because I have no control over what they do with your data.

Analytics

My Internet Service Provider provides a standard package of back-end tools, including various analytical tools, which have varied over the years. Information collected about you may include the IP address your browser request came from, the page requested, the referrer page (if any), and your browser identification string (if any). If you need anonymity, I recommend using a VPN or other system to anonymize any or all of these things.

Whom I share your data with

Nobody, unless forced to — for example by a legal subpoena or court order.

How long I retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights you have over your data

If you leave a comment on this blog, I assume that you are giving me permission to publish your comment anywhere in the world. (On rare occasion someone posts a comment where I question whether they really want to make it public, and in such cases I contact them directly using the email address they provide, and only publish the comment if I get their express permission.)

If you have have left comments on my blog, you can request to receive an exported file of the personal data I hold about you, including any data you have provided. You can also request that I erase any personal data I hold about you. This file will not include any data I’m obliged to keep for administrative, legal, or security purposes; and it will not include data sent to the Akismet anti-spam service (see above); nor will it include any data you gave up by visiting a third-party service through an embedded link such as YouTube (see above). If you would like me to to this, you must send me the email address you used to post the comment (this is my way of ensuring that you are really the person who posted the comment).

How soon will I send you that file? I’m not a big corporation with paid staff; I’m one person doing this as a hobby in my spare time. I do not read email every day; sometimes a week will go by without my looking at this blog; and I have a more-than-full-time job. So it may take a while to reply to, let alone comply with, your request. To erase your data, I’ll use the tools built in to the WordPress platform.

But seriously, if you’re worried about this kind of thing, don’t leave a comment. It’s that easy.

Where I send your data

Visitor comments may be checked through the Akismet anti-spam service (see above). Aside from that, what little data that is collected resides on my Internet Service Provider’s server (see above).

As of 23 December 2023, I use hCaptcha on all logins (e.g., comments, etc.). hCaptcha claims: “Our systems are thus designed from the ground up to minimize data collection and retention while maintaining class-leading security. The best way to protect user data is not to store it at all.” However, note that your IP and other data used to solve the captcha will be forwarded to hCaptcha’s servers.