What personal information do I collect from the people that visit my blog, website or app?
When ordering or registering on my site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.
When do we collect information?
I collect information from you when you register on my site, subscribe to a newsletter, respond to a survey, fill out a form, open a support ticket or enter information on my site.
How do I use your information?
I may use the information we collect from you when you register, sign up for my newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- to allow me to better service you in responding to your customer service requests.
- to administer a contest, promotion, survey or other site feature.
- to quickly process your transactions.
- to follow up with them after correspondence (live chat, email or phone inquiries)
How do I protect your information?
My website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to my site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
I implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
Any financial transactions are processed through a gateway provider and credit card and similar information are not stored or processed on my server.
Do I use ‘cookies’?
- understand and save user’s preferences for future visits.
- compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. I may also use trusted third-party services that track this information on my behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help information to learn the correct way to modify your cookies.
If you turn cookies off that will turn off some of the features of this site.
I do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist me in operating my website, conducting my business, or serving my users, so long as those parties agree to keep this information confidential. I may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect my or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at my discretion, I may include or offer third-party products or services on my website. These third-party sites have separate and independent privacy policies. I therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, I do seek to protect the integrity of my site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
I may use Google AdSense Advertising (https://support.google.com/adwordspolicy/answer/1316548) on my website.
I, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to my website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page.
Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, I agree to the following:
- Users can visit my site anonymously.
You can change your personal information:
- by emailing me at firstname.lastname@example.org
- by logging in to your account if you have created one.
This feature only records activities of a site’s registered users, and the retention duration of activity data will depend on the site’s plan and activity type.
Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.
Activity Tracked: Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. Retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information).
Data Synced (?): Successful and failed login attempts, which will include the actor’s IP address and user agent.
Data Used: If Akismet and the Jetpack Contact Form is enabled on the site, the contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (also owned by Automattic) for the sole purpose of spam checking. The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. the site author who published the page on which the contact form resides). This email will include the submitter’s IP address, timestamp, name, email address, website, and message.
Data Synced (?): Post and post meta data associated with a user’s contact form submission. If Akismet is enabled on the site, the IP address and user agent originally submitted with the comment are synced, as well, as they are stored in post meta.
Data Used: This feature will send a hash of the user’s email address (if logged in to the site or WordPress.com — or if they submitted a comment on the site using their email address that is attached to an active Gravatar profile) to the Gravatar service (also owned by Automattic) in order to retrieve their profile image.
Data Used: In order to record page views via WordPress.com Stats (which must be enabled for page view tracking here to work) with additional loads, the following information is used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: Page views will be tracked with each additional load (i.e. when you scroll down to the bottom of the page and a new set of posts loads automatically). If the site owner has enabled Google Analyticsto work with this feature, a page view event will also be sent to the appropriate Google Analytics account with each additional load.
This feature is only accessible to users logged in to WordPress.com.
Data Used: In order to process a post like action, the following information is used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID (on which the post was liked), post ID (of the post that was liked), user agent, timestamp of event, browser language, country code.
Activity Tracked: Post likes.
Data Used: A visitor’s preference on viewing the mobile version of a site.
Activity Tracked: A cookie (akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version. Learn more about this cookie.
This feature is only accessible to registered users of the site who are logged in to WordPress.com.
Data Used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Some visitor-related information or activity may be sent to the site owner via this feature. This may include: email address, WordPress.com username, site URL, email address, comment content, follow actions, etc.
Activity Tracked: Sending notifications (i.e. when we send a notification to a particular user), opening notifications (i.e. when a user opens a notification that they receive), performing an action from within the notification panel (e.g. liking a comment or marking a comment as spam), and clicking on any link from within the notification panel/interface.
Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.
Data Synced (?): Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
Data Used: To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URIand DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
Activity Tracked: Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
Data Used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Important: The site owner does nothave access to any of this information via this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automatticfor 28 days and are used for the sole purpose of powering this feature.
COPPA (Children Online Privacy Protection Act)
We do not specifically market to children under the age of 13 years old.
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to comply with Fair Information Practices I will take the following responsive action, should a data breach occur:
- I will notify the users via in-site notification within one (1) business day.
- I will notify you via email within seven (7) business days.
I also agree to the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
I collect your email address in order to:
- send information, respond to inquiries, and/or other requests or questions.
- send you additional information related to your product(s) and/or service(s).
- I may market to my mailing list or continue to send emails to my clients after the original transaction has occurred.
To be in accordance with CANSPAM, I agree to the following:
- not use false or misleading subjects or email addresses.
- identify the message as an advertisement in some reasonable way.
- include the physical address of our business or site headquarters.
- monitor third-party email marketing services for compliance, if one is used.
- honor opt-out/unsubscribe requests quickly.
- allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email me at email@example.com or follow the instructions at the bottom of each email, and I will promptly remove you from all correspondence not directly related to ongoing services I provide.
Grosse Hamburger Str. 15
Last Edited on May 31, 2018