Last updated 2022-08-25.
Who I am
I’m Dylan Umsted. This (dylan.umsted.org) is my personal Web site.
What personal data I collect and why I collect it
Analytics
To understand trends in site traffic, I use a self-hosted instance of Plausible Analytics. To paraphrase their data policy page, it does not track, collect, nor store any personal data or personally-identifiable information. It does not use cookies or persistent identifiers. Site measurement is anonymous. Data points include the page URL and HTTP Referer header, your browser version, operating system version, device type, and location (determined using your IP address, which is then discarded). Location is never more granular than your municipality.
Comments
When you leave a comment, I collect the data you enter into the comments form. I also collect your IP address and browser user agent string to help spam detection.
A non-identifiable hash of your email address may be provided to the Gravatar service to see if you are using it. If your comment is approved, your profile picture is visible to the public in the context of your comment. For more information, read the Gravatar privacy policy.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) or other sensitive information included. Visitors to the website can download images from the website and extract such data.
Cookies
When you leave a comment, you may choose to save your name, email address, and website in cookies. These are for your convenience so you don’t have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, a temporary cookie is set to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, several cookies are set up to confirm that you are logged in and to store your screen display choices. Login cookies last for two days; screen options cookies last for one year. If you select “Remember Me,” your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, the post ID of that article is stored as an additional cookie in your browser. It expires after one day.
Embedded content from other sites
Articles on this site may include embedded content, like videos, images, and so on. Embedded content from other websites behaves as if you visited the other site.
Those sites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
With whom I share your data
Except as indicated in this policy, your data is not disclosed to third parties, except as necessary to operate the website, to protect myself or others, to comply with the law, or as I am obliged to disclose for administrative, legal, or security purposes.
Data may be shared in aggregate form or after anonymization.
How long I retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is to enable comments and to recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on this website, I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). I and any website administrators can also see and edit that information.
Your rights over your data
If you have an account on this website or have left comments, you can request to receive an exported file of the personal data collected for such purposes. You can also request that I erase your personal data from this site. This does not include any data I am obliged to keep for administrative, legal, or security purposes; any data that has been anonymized and thus cannot be associated with you; or any data not related to this website. It also does not apply to any data disclosed in a journalistic capacity.
Where I send your data
In addition to any aforementioned parties and purposes, visitor comments may be checked through an automated spam detection service.
Contact me
You can reach me with any questions or comments about these practices by emailing [firstname] @ [lastname].org.
Additional information
How I protect your data
User data in transit are protected by encryption. In fact, all HTTP requests must be made through HTTPS. Unencrypted connections are redirected to HTTPS.
User data are stored on physical server(s) housed in restricted-access facilities. The storage volume on which this site’s data is stored is encrypted. Remote access is restricted.
Third parties from which I receive your data
Unless otherwise indicated while using this site, I do not receive your data from any third parties.
Industry regulatory disclosure requirements
To my knowledge, there are no industry or regulatory disclosure requirements by which I must abide.