Privacy Policy

Details about how we collect, process, protect, and use your personal data.

Data We Collect & Why

Comments

  • Data collected: Name, email, website (optional), IP address, browser user agent.
  • Purpose: Spam detection (legitimate interest).
  • Retention: Comments and metadata are retained indefinitely for automatic approval of follow-ups.
  • Third parties: Anonymized email hashes shared with Gravatar (privacy policy here).

Newsletters

  • Data collected: Email, name (optional), subscription date/IP.
  • Purpose: Sending newsletters (explicit consent required).
  • Third parties: Brevo, Substack with GDPR-compliant data processing agreements.
  • Tracking: Open/click rates via Facebook, LinkedIn, and X pixels (with consent).
  • Opt-out: Unsubscribe link in every email.

Analytics & Tracking

  • Tools: Google Analytics, Google Tag Manager.
  • Data collected: Anonymized IP, device type, pages visited, interactions (consent required via cookie banner).
  • Retention: 24 months.
  • Opt-out: You can opt out of Google’s analytics tracking here.

Media Uploads

  • Warning: Avoid images with embedded GPS data. Visitors may extract location data.

Cookies

  • Functional: Saved comment details (1 year), and login cookies (2 days to 1 year).
  • Analytical/Tracking: Enabled only with consent via cookie banner.
  • Third-party cookies: Embedded content (e.g., YouTube) may set cookies—review their policies.

Data Sharing & Transfers

  • Spam detection: Comments shared with Akismet (Automattic).
  • Third parties: Gravatar, Google Analytics, Brevo, and embedded content providers (e.g., YouTube). Data may be transferred outside the EU under GDPR adequacy decisions or standard contractual clauses.
  • Legal obligations: Data is disclosed if required by law.

Your Rights Under GDPR

You may request:

  • Access to your data.
  • Rectification or deletion (exceptions: legal/administrative data).
  • Restriction of processing or data portability.
  • Withdraw consent (e.g., unsubscribe newsletters).
  • Object to processing (e.g., analytics).

To exercise rights contact us with proof of identity.

Data Security

  • Measures: HTTPS encryption, limited access to data, and regular software updates.
  • Breach notification: You will be notified within 72 hours if a breach risks your rights.

Policy Updates

Changes will be posted here. Major changes to this policy (e.g., new data uses) will be emailed to subscribers.