Last Updated on 2018-05-27
Who we are
What personal data we collect and why we collect it
We strive for minimal collection of Personally-Identifying Information
Certain visitors to this site choose to interact with it in ways that require the gathering of personally-identifying information. The amount and type of information that is gathered depends on the nature of the interaction. For example, we ask visitors who leaves comments to provide a username and email address. In each case, we collect such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with the site. We do not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities that depends on it. If you have any questions, feedback, or request, please contact us (as described above). If we accidentally omitted any topic from the following list, please let us know ASAP so that we may update this document.
Protection of Certain Personally-Identifying Information (PII)
We disclose potentially personally-identifying (PPI) and personally-identifying information (PII) only to those of project administrators, employees, contractors, and affiliated organizations that (i) need to know that information in order to process it on our behalf or to provide services available through the site, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using this website, you consent to the transfer of such information to them.
This website will not rent or sell PPI and PII to anyone. Other than to project administrators, employees, contractors, and affiliated organizations, as described above, we disclose PPI and PII only when required to do so by law, if you give permission to have your information shared, or when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of this website, its owner, third parties, or the public at large.
If you are a registered user of the website and have supplied your email address, we may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with the site and its content/topic. We primarily use our blog to communicate this type of information, so we expect to keep this type of email to a minimum.
If you send us a request (for example via an email), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. We take all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of PPI and PII .
Legal grounds for processing personal information
We rely on one or more of the following processing conditions:
- our legitimate interests in the effective delivery of information and services to you;
- explicit consent that you have given;
- legal obligations.
Rights in relation to your information and access to data
You may have certain rights under data protection law in relation to the personal information we hold about you. In particular, you may have a right to:
- request a copy of (some or all of) your personal information we hold about you;
- ask that we update the personal information we hold about you, or independently correct such personal information that you think is incorrect or incomplete;
- ask that we delete personal information that we hold about you from live systems, or restrict the way in which we use such personal information (for information on deletion from archives, see the “Retention of personal information” section);
- object to our processing of your personal information; and/or
- withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).
If you would like to exercise these rights or understand if these rights apply to you, please contact us (details are given at the beginning of this document).
Third Party Links
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Guest posts, comments, and license
You must have the full copyrights to any information you are posting to the site for public display (be it a text comment, your username, your opinion, or any other file format such images or audio files). Any such content is automatically released under CC-BY and may be used by us in various sections of the site or in other websites, media, or offline. Note that any information you choose to share publicly through and on the website (including your personal information) can be viewed, saved, and used by others. You have full responsibility for the information you choose to submit publicly to the site (and the consequences of posting it) and we have no responsibility to publish, take down, remove or edit any of it (although you are welcome to ask us, and we will often try to help).
Note that posts that are fetched to the site by having a blogger add their RSS feed are NOT released under CC-BY, but under the original license the blogger uses for their content. The reason we are still allowed to use the material is since we are given permission by the content owner to have the right to re-use and re-publish their content (be it on this site, in our RSS, mailing list, social media, and other forms of sharing content).
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
- If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
- If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
- When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
- If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
- This site uses a cookie by cloudflare to provide extra security to the site and its visitors. This is done in order to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For example, if the visitor is in a coffee shop where there are a bunch of virus infected machines, but the specific visitor’s machine is trusted (e.g. because they’ve completed a challenge within your Challenge Passage period), the cookie allows cloudflare to identify that client and not challenge them again. It does not correspond to any user ID on this website, and does not store any personally identifiable information (see here for more details).
- This site keeps a cookie to remember when a user wishes to not have the “register to the mailing list” banner show again. This cookie doesn’t contain any information allowing to identify the user.
- The site serves a sidebar section with ads. In order to keep a persistent list of ads (instead of having to load all of them again every time the user moves between pages), the site keeps a cookie for 24 hours to allow the browser to have a persistent caching of the ads. This cookie doesn’t contain any information allowing to identify the user.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, ads, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
- Google analytics
- Google adsense (see the link here for how to control your adsense experience and cookies settings) – our default setting is to serve Non-personalized ads to users in EEA (see here for more details).
Often times, the tracking settings of these sites have been set by you, the user, in the respective’s site settings page. Whenever we have the option, we chose the most conservative option for data sharing (for example, we use IP annonymization with google analytics so to not send them your IP address)
Like most website operators, this site collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. The purpose in collecting this non-personally identifying information is to better understand how this website is used. From time to time, we may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of this website. The Google Analytics Data Retention is set to not expire for any user-level and event-level data stored by Google Analytics (see here for more details). Visit here to learn more about data privacy and security in google analytics.
If you still wish to not let us track you via google analytics, there is an opt-out browser add-on that helps users make opting out incredibly easy and convenient.
Who we share your data with
Your data is not shared with any third party except for what is mentioned above.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. Such information that is provided is kept without expiration so to allow visitors to access their published information in the future.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request (via the contact details mentioned at the top of this page) that we erase any personal data we hold about you. This site holds the right to erase all the data of its users without notifying the user. You are solely responsible to have a backup your information.
This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service. Also see the sections above regarding embedded scripts and analytics.
Your contact information
If you shared your contact information (name/email/address/etc.) in any of the means available in the site (such as comments, contact form, registering as a user) – then we reserve the right to contact you with issue relating to the site. This includes sending passwords, general announcements relating to the site, or relating to something concerning the topic of the site. We do not share you information with third parties (other than what is necessary to allow the communication, such as the email server, etc.). We relatively rarely do this, and of course you can ask to have your data removed, as mentioned in other parts of this document.
How we protect your data
This site uses several preventative measures from being hacked (which are not mentioned in order to not give help to any potential hacker to use), as well as several layers of backups.
For security reasons, this site saves the IP addresses of users who have tried to hack the site, within a firewall system so to block malicious attempts to breach the site. This data is kept for 45 days and then erased. This site does not use such information to identify its visitors for anything other than security related issues and will not disclose information gathered this way (unless needed for security related issues, or if it is required by law enforcement).
What data breach procedures we have in place
If we will come to believe any users’ data was compromised, we shall reach out to the users in order to let them know based on the means of communication we have about them (probably email).
What third parties we receive data from
What automated decision making and/or profiling we do with user data
Industry regulatory disclosure requirements
To enable payment relating to the services of the site, we collect and store contact details (such as name, address, telephone number, email address) and details relating to the payment and the payment method (such as credit card information). This information is shared only with either third parties who are part of the purchase transaction (such as paypal, invoice system, etc.), as well as when reporting to the Tax authorities. The retention for data relating to billing information is without restriction so as to have it available for reporting to the relevant government authorities (be it Mas Hachnasa, Maam, etc.).
If you subscribe to receive an email update about new content, your email will be stored and used for that purpose (or sometimes for direct mailing, relating to the topics of this website, in case the need will arise). We respect your privacy and by providing us with your email we commit to NOT share it with any external third party (other than the one which provides the mailing list service, such as feedburner, mailchip, gmail, etc.).
You are free to opt-out from a mailing list you’ve joined at anytime. Often the unsubscribe link as at the bottom of the email you receive. If, for some reason, that does not work for you – you are welcome to contact us (see details at the beginning of the text), and we’ll make sure to unsubscribe your email from receiving future emails.
Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.
The license of this document