Privacy Policy

Who I am

My website address is: https://kathrella.com and I am Kath Rella.

What personal data I collect and why I collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. Your IP address will be automatically deleted after two months.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

If you contact me via the contact form, I ask for a name (this is used to address you and does not need to be your real name) and an email address (for responding) in addition to the subject of your query and the query itself. Sending me a message does not result in your information being passed on to any third-party, you will not be added to any mailing lists and I do not consider that consent to send you any emails unrelated to your initial query.

If your message does not need/require a follow-up, I will delete the message and your data once it has been read. If I do need to follow-up, I will retain your contact information for as long as is necessary to respond to your message and then your data will be deleted.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, I will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, I will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

CloudFlare, my Content Delivery Network (CDN), will also install cookies that are necessary for this site to function properly. One is a Session Cookie, which expires after 30 minutes of inactivity or when you navigate away from the website. The Session Cookie is designed to limit malicious attempts to access this website. CloudFlare also installs a load-distribution cookie to improve speed and reliability. As you browse this site, the cookie will aid my CDN in routing traffic and requests through the lowest latency server.

CloudFlare may also install additional security related cookies. If you use a VPN or other shared connection that has been blacklisted on certain security databases, CloudFlare will attempt to discern whether your device can be trusted. It may present you with a Captcha to complete. In this instance, CloudFlare may install a cookie to ‘whitelist’ your device for one year. Please be aware that as a VPN user myself, I have made no attempt to restrict access to this website to other VPN users. It’s a shame that a small minority of bastards have to cause problems for the rest of us.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

I have ceased using Google Analytics. However, I continue to use the analytic solution supplied by my hosting provider by default. This solution is AWStats that takes information gathered by my Apache server logs to provide me with information as to how visitors use this website.

Because traffic is routed through CloudFlare, your IP address is obfuscated in my Apache server logs and I only see CloudFlare IP addresses accessing my website. These logs do not provide any other information that would allow me to identify or de-anonymize users, nor would I want to even if I could.

I receive no information that would allow me to identify the device you are using, although I receive some information about the type of device, browser, screen resolution, etc. This data is completely anonymous.

For clarity, CloudFlare does offer the function for me to see the original IP address in my server logs but I have not enabled it as I have no reason to do so. Should I do so in future, this Privacy Policy will be updated.

Who I share your data with

If you click on the social media sharing buttons then some of your data will be passed to the relevant networks to facilitate sharing. This is an automated process.

I do not share your data with anybody else.

How long I retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on my website (if any), I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. You are under no obligation to register on this website regardless of how you intend to use it.

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments will be checked through Akismet, an automated anti-spam tool. Akismet checks IP addresses against known batches of IP addresses that have a history of fraudulent or malicious use.

I use CloudFlare as a Content Delivery Network (CDN). Therefore, your data will usually pass through CloudFlare’s servers. CloudFlare installs cookies. One is a Session Cookie which expires after thirty minutes of inactivity, or when this site is closed. The Session Cookie is designed to reduce malicious attempts to access this website. The other is a load-distribution cookie, designed to improve the speed of this website by directing your requests through the lowest-latency server.

Your contact information

You can contact me via the form found at kathrella.com/contact

Additional information

How I protect your data

Your data is only accessed from devices which I own and am the only user. I never access such data on shared devices, nor do I do so via non-private connections (eg. public WiFi). All devices I use are password protected and sensitive information held in encrypted storage. Additionally, I use two-factor authentication for accessing the administration areas of this website to reduce the possibility of data breaches.

What data breach procedures I have in place

In the event of a data breach, I will immediately contact anybody whose data is likely to have been taken and I will publish a notice on this website along with my social media channels. I actively work to limit the potential problems caused by a data breach by not storing any more information than necessary on the server and by ensuring that my own devices are secured and encrypted.

What third parties I receive data from

AWStats (although it sources it from data on my servers), Akismet and CloudFlare as described above. I do not currently use any other third-party services.

What automated decision making and/or profiling I do with user data

I do not engage in any user-profiling. Any automation with your data is as described above. This is not a business website and I use no marketing or similar tools to target specific users. I also host no advertisements and therefore your data is not being used to serve personalised content.

 

Updated 27th May, 2018