Who is this
My name is Marek Foss and this website address is: https://marekfoss.org
What personal data is collected and why
Comments
When visitors leave comments on the site it collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on this site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit the login page, this website will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, this website will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
This website is using a first-party analytics system and does not share the collected statistics with third parties.
How long your data is retained
If you leave a comment, the comment and its metadata are retained indefinitely. This is so this website can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on this website website (if any), it also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data it holds about you, including any data you have provided. You can also request that it erases any personal data it holds about you. This does not include any data that is obliged to keep for administrative, legal, or security purposes.
Where is your data sent
Visitor comments may be checked through an automated spam detection service.
Your contact information
My name is Marek Foss and you can contact me via email mf@marekfoss.org or via Twitter @f055.
Additional information
How is your data protected
Your data is strongly protected. Server access is restricted to only one location in the world via unbreakable SSH keys (at the time of writing). Web access is encrypted with an A+ SSL configuration (as tested by SSLLabs). WordPress access and integrity is secured via a secret set of plugins and enhancements.
What data breach procedures are in place
In the unlikely event of a breach the server will be scraped and restored from the latest unaffected backup, and all affected users will be notified through the available channels.