Note: This is NOT the Privacy Policy — this is a summary of older revisions to that policy that were made prior to January 1, 2021, listed in reverse order by date. For a summary of more recent revisions, please see the Recent Revisions section at the bottom of the Privacy Policy page.
(Portions of the Privacy Policy were adapted from the Automattic Privacy Policy and from the Automattic Terms of Service for WordPress.com (both of which you can also find at their Legalmattic repository), which are both licensed under a Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license. Therefore, the entire aaronseverson.com Privacy Policy is also licensed under CC BY-SA 4.0, as the terms of that license require. If you elect to use or further adapt my policy, please credit Automattic as well as me (Aaron Severson). Automattic, Legalmattic, and WordPress.com are trademarks or registered trademarks of Automattic (or Automattic’s licensors). WordPress is a registered trademark of the WordPress Foundation in the United States and other countries. I am not affiliated with or endorsed by Automattic or the WordPress Foundation in any way. All other trademarks are the property of their respective owners.)
- December 29, 2020: In Disclosure of Personally Identifying Information, made a number of clarifications to the bullet point on photos, images, and/or other media: Changed “(such as videos)” to “(e.g., videos)”; changed “whether in the image or other media itself” to “whether in the photos, images, and/or other media themselves”; and changed “For various reasons, it is not always practical or even feasible for me to completely obscure visible bystanders or potentially personally identifying information (for example, the license terms under which I use photos owned by others …” to “Obviously, in certain cases, those people (and/or their information) may be the subject(s), or among the subjects, of the photo(s), image(s), and/or other media; even where they are not, it is not always practical or even feasible for me to completely remove or obscure visible bystanders or other personal information or potentially personally identifying information such photos, images, and/or other media may contain (for example, the license terms under which I use images owned by others …” Amended the bullet point reading “If the person(s) to whom the information pertains have asked or authorized me to do so” to “If the person(s) to whom the information pertains (and/or, where applicable, their respective assigns, heirs, and/or successors) have asked or authorized me to do so, either directly or through their respective agent(s) or other authorized representative(s)” (mostly for clarity and the avoidance of doubt). Made the same change to the corresponding bullet point in the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice.
- December 28, 2020: In Definitions, made a minor adjustment to the definition of “Personal information/personally identifying information” (changing “that describes or could be associated with you …” to “that describes and/or could be associated with you and/or your household …” for internal consistency). In Disclosure of Personally Identifying Information, updated the examples of third-party vendors and service providers to change “use of their computers, catalogs, databases, and/or other systems, and/or …” to “use of their computers, catalogs, databases, and/or other systems and/or services — some of which may be provided by, powered by, and/or otherwise supported by third parties, some of which may have their own privacy policies — and/or …” for completeness.
- December 24, 2020: In Other Information I Receive from Third-Party Sources, fixed a typo in the paragraph beginning “If I have employees …” (changing “the services the perform” to “the services they perform”). In that same sentence, also changed “may entail their providing …” to “may entail and/or include their providing …” for completeness.
- December 21, 2020: In Other Information I Receive from Third-Party Sources, in the paragraph beginning “Also, where I use vendors and/or service providers to purchase, access, and/or otherwise obtain published works …” changed “download a photo from a repository …’ to ‘take a class that discusses the life and/or work of notable people related to the course subject matter” to “… that discusses the lives and/or work of notable people related to the class’s subject matter” for consistency and grammar and changed “or download a photo” to “and/or download a photo containing recognizable people” for clarity. (I had accidentally pasted the change rather than making the change, which also had a grammatical error.)
- December 20, 2020: In Other Information I Receive from Third-Party Sources, in the paragraph beginning “Also, where I use vendors and/or service providers to purchase, access, and/or otherwise obtain published works …” changed “or download a photo from a repository …” to “take a class that discusses the life and/or work of notable people related to the course subject matter; or download a photo from a repository …” In Disclosure of Personally Identifying Information, updated the bullet point on independent contractors, employees, agents, and/or business partners to change “and/or other types of repair/maintenance/service” to “other types of repair/maintenance/service, training, tutoring, and/or education” and added “teachers, instructors, trainers, tutors, and/or other educators” to the examples of third-party vendors and/or service providers.
- December 18, 2020: In Disclosure of Personally Identifying Information, updated the bullet point beginning “If I believe in good faith that such disclosure is reasonably necessary …” to change “… of third parties and/or the public at large” to “… of others and/or of the public at large” and add an example pertaining to contact tracing for infectious disease cases. (In the midst of an ongoing pandemic, this seems worth spelling out!) Also in that bullet point, changed “… that was provided to me by a third party violates your copyright” to “… that was provided to me by a third party violates your copyright or other intellectual property right(s)” to align with the current wording of the section of the Terms of Use to which that sentence refers. In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, updated the corresponding bullet point to change “… and/or to forward copyright claims …” to “… and/or to forward copyright or other intellectual property rights claims …” for internal consistency.
- December 16, 2020: In Other Information I Receive from Third-Party Sources, changed “… naturally depends on the specific circumstances” to “… naturally depend on the specific circumstances” for grammatical reasons (subject-verb agreement). In Disclosure of Personally Identifying Information, updated the item about postal services, common carriers, shipping agencies, delivery services, and/or mailbox rental services to change “for the purposes of sending and/or receiving correspondence, packages, and/or shipments” to “for the purposes of sending, receiving, and/or tracking the status of correspondence, packages, and/or shipments” for completeness. (I think tracking the status of correspondence, packages, and/or shipments would be reasonably encompassed by “sending and/or receiving,” but I spell it out for the avoidance of doubt.) In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, in the second-to-last bullet-pointed list in that subsection, updated the first bullet point to change “if that content incorporates or involves …” to “if that content or those services incorporate or involve …” Added a bullet point to that list: “Presenting and/or discussing examples of my content and/or my past or current writing/editing/writing consulting services in the course of proposing, pitching, or otherwise offering for commercial advantage my content and/or professional services (e.g., submitting some of my content as writing samples and/or describing some of my previous work as part of my application or pitch for a job or freelance assignment), if such examples incorporate or involve any personal information.”
- December 14, 2020: In Comments, changed “… may also be subjected to certain automated tests for security purposes” to “… may also be subjected to certain automated tests for security purposes, to discourage spam, and/or to filter out comments submitted by automated bots rather than human users.” In Other Information I Receive from Third-Party Sources, changed “I routinely gather a wide variety of information related to the content I write and/or edit (and/or on which I consult), whether for this website or in connection with my business and/or other creative endeavors, professional or otherwise, which often includes information about people involved with and/or otherwise relevant to that content …” to “I routinely gather a wide variety of information related to the content I write and/or edit (and/or on which I consult), whether for this website or in connection with my business, and/or to my other creative endeavors (professional or otherwise), which often includes information about people involved with and/or otherwise relevant to that content and/or such creative endeavors …” for clarity and consistency. In the next sentence, changed “My research, writing, and editing process often involves …” to “The process of researching, creating, and/or editing such content and/or creative endeavors (and/or consulting on others’ content and/or creative endeavors) routinely involves …” In Disclosure of Personally Identifying Information, amended the last sentence of the bullet point on information disclosed as part of and/or in connection with my content to change “the process of researching, writing, and editing such content routinely involves sharing and discussing relevant information with various third parties and/or the public; the same is true of publishing, promoting, and/or otherwise disseminating such content” to “the process of researching, creating, and/or editing such content and/or creative endeavors (and/or consulting on others’ content and/or creative endeavors) routinely involves routinely involves sharing and discussing relevant information with various third parties and/or the public; the same is true of publishing, promoting, publicly performing, exhibiting, broadcasting, and/or otherwise disseminating and/or discussing such content and/or creative endeavors” for consistency and completeness. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, in the bullet point on network, shared device, and/or online service information (under “Internet or similar network activity information”), changed “e.g., names, passwords/login credentials, technical details, and/or other information …” to “e.g., names, passwords/login credentials, URLs, IP addresses, technical details, and/or other information …”; changed “online service accounts” to “online accounts”; and changed “… and/or other means of networking, sharing, and/or otherwise connecting electronic devices, files, and/or data” to “… and/or other means of networking, connecting, sharing, and/or otherwise accessing electronic devices, files, and/or data”.
- December 13, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added “courses taken and/or completed” to the enumerated examples of education information; changed “schools attended” to “schools considered and/or attended”; changed “degrees and/or credentials earned” to “degrees and/or credentials considered, pursued, and/or earned” for completeness. (One hopes both would be reasonably-self evident, but I decided to spell this out anyway.)
- December 12, 2020: In Other Information I Receive from Third-Party Sources, further refined the language about information I may receive through third-party vendors and/or service providers by adding a sentence about vendors and/or service providers who enable me to purchase, access, and/or obtain published works and/or other publicly available information and/or resources. Tinkered further with the additional wording after initial publication. Also in that section, changed “… often contain an assortment of personal information” to “… often contain and/or otherwise incorporate an assortment of personal information” for wording consistency. In Disclosure of Personally Identifying Information, added other wire transfer and/or other funds transfer services and restaurants, meal delivery, and/or food/grocery delivery services to the examples of third-party service providers. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, further adjusted the wording of a few of the examples: Under “Additional categories of personal information,” changed “other information pertaining to creditworthiness, assets, income, and/or liabilities” to “other information pertaining to creditworthiness, assets, benefits, income, and/or liabilities” (for completeness). Under “Professional or employment-related information,” changed “Compensation” to “Compensation and/or benefits” and changed “Other information about an individual’s work, vocation, trade, professional services, products, and/or commercial offerings” to “Other information about an individual’s current, past, and/or prospective work, vocation, trade, professional services, products, and/or other commercial endeavors”.
- December 11, 2020: In Website Server, Error, and Security Logs, changed “Many (though not necessarily all) of those logs record the IP address and/or user agent information …” to “The information these logs record may include (but is not necessarily limited to) the IP address and/or user agent information …” for greater clarity. In Embedded Content, changed “To learn more about what user information such third-party websites or services may collect and how they use it, click the links on the applicable player or display window to go to that hosting site …” to “To learn more about what user information such third-party websites or services may collect and how they use it, please visit the applicable site …” (since not all content necessarily has a player or display window in the manner originally described). In the Information Sharing subsection of the Financial Transactions Policy, changed, “To my applicable payment processor(s) and/or bank(s)/financial institution(s) …” to “To the applicable payment processor(s) and/or bank(s)/financial institution(s) …” Further updated Other Information I Receive from Third-Party Sources to tinker with the paragraph added December 10 regarding content I create and/or edit (and/or on which I consult) that is published, broadcast, exhibited, and/or otherwise distributed by third parties; add a new paragraph regarding information I may receive through employees, independent contractors, agents, and/or business partners; and amend the paragraph on information from third-party services to change “third-party services and/or service providers” to “third-party vendors and/or service providers” for internal consistency and clarify that the information such services or vendors may provide me isn’t necessarily only about other users of the same service(s) (although that is probably the most common example); and add language about information I may receive from someone’s agents, representatives, and/or service providers. Rearranged the order of the paragraphs in that section to provide a more logical progression, making some minor wording changes, clarifications, and grammatical fixes throughout the text. In the paragraph on comments and other inquiries, added a reference and internal link to the Contact Forms section of this policy (which I’d neglected to do when I added that section some time ago). In the last paragraph of that section, changed “may be published or disclosed in that context” to “may be published and/or otherwise disclosed in that context”. Tinkered a bit with the new and revised wording after initial publication. In Reports and Aggregated Statistics, changed “I may may compile” to “I may compile” to fix a typographical error. In the examples of third-party vendors and service providers listed under Disclosure of Personally Identifying Information, moved the item about bank(s)/financial institution(s) and/or other applicable payment processors to the bullet point on “Other types of service providers” later in that same list and reworded it as “bank(s), financial institution(s), and/or payment processor(s) that process (and may sometimes audit or otherwise investigate) my financial transactions” (which better expresses the intended scope). In the Your California Privacy Rights section, renamed the “Do Not Sell My Personal Information” subsection “Opting-Out or Submitting Other California Privacy Requests (Do Not Sell My Personal Information Page)” to reduce the risk of confusion with the separate Do Not Sell My Personal Information page, also making the same change to the Table of Contents above. In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, changed “routinely involve collecting and sharing personal information, often for publication” to “routinely involve collecting and sharing personal information, often for publication (and/or public performance, exhibition, and/or broadcast, as applicable)”; changed “… for use in or with my published work(s)” to “… for use in or with work(s) intended for publication and/or other public dissemination”; changed “Publishing or submitting for publication …” to “Publishing, submitting for publication, and/or otherwise commercially distributing or disseminating …”; in the paragraph discussing the problems with the CCPA definitions of “commercial” and “noncommercial speech,” changed “Examples could include:” to “Some representative examples could include:” (to make it clearer that the subsequent list is not intended to be exhaustive); and changed “&hellip is intended for publication” to “… is intended for publication (and/or public performance, exhibition, and/or broadcast, as applicable)”. Removed some extra spaces throughout this page. Made a minor clarification to the December 5, 2020, entry in the revisions list (“In Categories of Information and Purposes for Collection …” was supposed to say “In the Categories of Information and Purposes for Collection subsection of the CCPA Information Collection and Sharing Notice …”). Also made a minor grammatical correction in the December 10 entry (where the word “subsection” was inadvertently omitted).
- December 10, 2020: In Website Server, Error, and Security Logs, changed “and/or involves credentials I create to allow specific users to access certain resources …” to “and/or involves or appears to involve credentials I create to allow specific users to access certain resources …” In Security Scans, changed “If the activity in question involved or appears to involve any of this website’s administrative users, the information collected may also include the username(s), user ID number(s), and/or other identifiers associated with such administrative user(s)” to “If the activity in question involves or appears to involve any of this website’s administrative users, and/or involves or appears to involve credentials I create to allow specific users to access certain resources (e.g., the login credentials for certain FTP folder(s) associated with this website), the information collected may also include the username(s), user ID number(s), and/or other identifiers associated with such administrative user(s) and/or credentials” for consistency with Website Server, Error, and Security Logs. Updated Transaction-Related Information I Receive from Third Parties to clarify that I may also receive information related to questions, comments, reviews, and/or other interactions related to products and/or services I offer through third-party services (not just regarding completed sales or transactions). Made a number of other clarifications in that section. In Other Information I Receive from Third-Party Sources, added a paragraph about information I may receive in connection with content I create and/or edit (and/or on which I consult) that is published, broadcast, exhibited, and/or otherwise distributed by third parties. In the Collection Sources subsection of the CCPA Information Collection and Sharing Notice, changed “Clients or employers for whom I provide (or have provided) writing/editing/writing consulting services” to “Clients or employers for whom I provide (or have provided) writing/editing/writing consulting services, and/or publishers or other third parties through which I publish, perform, broadcast, exhibit, and/or otherwise distribute my content and/or other creative endeavors (professional or otherwise).” In the Information Shared for Business or Commercial Purposes subsection of the notice, changed “The public, through the publication, performance, broadcast, other dissemination, and/or public discussion of …” to “The public, through the publication, performance, broadcast, exhibition, other dissemination, and/or public discussion of …” for consistency.
- December 7, 2020: In Data in Submitted Images, updated the third paragraph to change “the metadata could also include other personally identifying and/or potentially personally identifying information, such as …” to “the metadata could also include personal information and/or potentially personally identifying information, such as (though not necessarily limited to) …” and changed which portions of that sentence are boldface. In Disclosure of Personally Identifying Information, updated the bullet point on Google to change “the Android platform and the related Google Mobile Services applications and APIs” to “the Android platform and Google’s related services, applications, APIs, and infrastructure (such as, though not limited to, the Google Location Service infrastructure)” (to clarify that this text is referring to a range of services associated with Android devices, not to Google’s wireless service). Added the Google Location Service to the trademark notice at the end of that bullet point. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, under “commercial information,” changed “Information about real property an individual or household has purchased, rented, and/or leased (and/or is considering purchasing, renting, and/or leasing), and/or property records indicating who owns, manages, administers, sells, rents, leases, or otherwise offers for commercial advantage a particular building, lot, or other real property” to “Information about real property and/or lodgings an individual or household owns, rents, leases, and/or otherwise uses (and/or is considering purchasing, renting, leasing, and/or otherwise using), and/or information about who owns, manages, administers, sells, rents, leases, and/or otherwise offers for commercial advantage particular lodgings and/or a particular building, lot, or other real property” for greater clarity and completeness. (My first pass at this revised language, published earlier today, was “Information about real property an individual or household owns, rents, and/or leases (and/or is considering purchasing, renting, leasing, and/or otherwise obtaining), and/or information about who owns, manages, administers, sells, rents, leases, and/or otherwise offers for commercial advantage a particular building, lot, or other real property”; I subsequently decided to further revise that text as indicated above.) In the Information Shared for Business or Commercial Purposes subsection, changed “&hellip of my content and/or other creative work …” to “… of my content and/or other creative endeavors (and/or content I write and/or edit (and/or on which I consult) for others) …” for greater internal consistency.
- December 6, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, under “commercial information,” changed “property records indicating who owns and/or manages a particular building, lot, or other real property” to “property records indicating who owns, manages, administers, sells, rents, leases, or otherwise offers for commercial advantage a particular building, lot, or other real property” and changed “(e.g., whether an individual or household owns and/or has recently purchased and/or sold shares in a particular corporation or other business entity)” to “(e.g., whether an individual or household owns and/or has recently purchased and/or sold shares in a particular corporation or other business entity, and/or what broker(s) and/or other intermediaries, if any, conducted and/or administered such transaction(s))”. Under the “professional or employment-related information” bullet point, restored the bullet point on “Publishing histories/bibliographies …” (which had been inadvertently deleted in a previous revision); changed “… about writers, artists, designers, performers, developers, engineers, scientists, and/or other professionals” to “… about writers, artists, designers, architects, performers, developers, engineers, scientists, inventors, and/or other professionals”; and changed “… mechanical inventions and/or designs, and/or other types of artwork and/or creative endeavors” to “… architectural plans, mechanical inventions and/or blueprints, designs of whatever type, and/or other types of artwork and/or creative endeavors”. Under “other types of personal information …” added “broker(s)” to the examples of an individual’s employees, agents, representatives, and/or service providers. (These are all essentially nitpicking elaborations; the previously listed examples would probably have reasonably encompassed each of these additions.)
- December 5, 2020: In Definitions, updated the definition of “Other personal information” to change “This includes any other information about an individual or household …” to “This may include any information about an individual or household …” In the Categories of Information and Purposes for Collection subsection of the CCPA Information Collection and Sharing Notice, added a new final paragraph explaining that while the listed categories are intended to describe the types of information I typically collect in the specified contexts, there may be circumstances in which I collect or receive a type of information not listed and/or that can’t be easily categorized. In Security Scans, updated the categories of information gathered to add “email addresses*; other contact information (e.g., phone numbers)*; images and/or other media (including metadata)*” and change “geolocation data (estimated from IP addresses and/or inferred from other data)*” to “geolocation data (determined directly, estimated from IP addresses, and/or inferred from other data)*” to reflect the broader range of security measures mentioned in the current text of that section. In Information I Receive from Third Parties for Security Purposes, updated the categories of information gathered to include “images and/or other media (including metadata)*” and change “geolocation data (estimated based on IP address/domain name and/or inferred from other data)*” to “geolocation data (determined directly, estimated from IP addresses, and/or inferred from other data)*” (for similar reasons). Corrected an error in the revisions list (this item had been inadvertently dated “November 5” rather than “December 5”!). Also in Security Scans, rearranged several of the paragraphs in that section to place them in a more logical order. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “&hellip in the course of my business” to “through and/or in connection with this website and/or in the course of my business” for more consistent wording. In the “Collection Purposes” subsection, changed “… in the course of operating this website and/or my business” to … through and/or in connection with this website and/or in the course of my business” for similar reasons. In the Information Shared for Business or Commercial Purposes subsection, changed “Therefore, by the law’s definitions, I may share any or all of the categories of personal information I collect in the course of my business …” to “I may share any or all of the categories of personal information I collect through and/or in connection with this website and/or in the course of my business …” (also for internal consistency) and adjusted which portions of that sentence are boldface. Later in that section, changed “in ways that are hard to avoid with any business activity conducted at home” to “in ways that are hard to avoid with any activity conducted at home.” Also in that section, changed “… any or all of the categories of personal information I collect in the course of my business” to “… collect through and/or in connection with this website and/or in the course of my business”; changed “… could also involve any or all of the categories of personal information I collect in the course of my business” to “… could also involve any or all of the categories of personal information I collect through and/or in connection with this website and/or in the course of my business”; and changed “any or all of the categories of personal information I collect in the course of my business” to “any or all of the categories of personal information I collect through and/or in connection with this website and/or in the course of my business” (also for internal consistency). Elsewhere in that section, changed “(including offering the content on this website, which is supported by advertising and user contributions)” to “(potentially including publishing content on this website, which may be supported by advertising, and which I may use to advertise and/or otherwise promote my work and/or professional services)” (since to date, I haven’t received or even solicited any user contributions for this website, nor do I have any immediate plans to do so). (To date, I haven’t run any paid advertising on this website either, but I don’t rule it out, which is why the advertising language is included in this policy.)
- December 4, 2020: In the preamble, changed “… and how I use that information” to “… and how I may use and/or share that information.” In Legal Bases for Collecting and Using Information, removed the parenthetical examples after “The use is necessary to provide the functions of the website”; added “to conduct research into the subjects of my content” to the examples listed after “I have a legitimate interest in using your information …”; and added a statement after the numbered list (adapted from similar text in recent versions of the Automattic privacy policy) explaining/reiterating that because I’m based in the U.S., information from users in the European Economic Area (EEA) may be used, stored, and/or accessed by individuals operating outside the EEA. In Additional Information About Data Retention, changed “Naturally, the applicable bank(s)/financial institution(s) and/or payment processor(s) may also retain transaction-related information, which is outside of our control” to “Vendor(s), service provider(s), payment processor(s), and/or bank(s)/financial institution(s) involved in a given transaction may also retain certain information related to that transaction, which is generally outside of my control” for greater clarity. In Data in Submitted Images, changed “the recognizable likeness of any individual person in an image or video (and/or their voice in a video or audio recording or broadcast) …” to “the recognizable image and/or identifiable likeness of any individual person in images and/or other media (and/or their audible voice in a video or audio recording, broadcast, other media) …” and changed “The image might also contain …” to “Images or other media may also contain …” for completeness. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “… images, videos, audio recordings, and/or other media in which recognizable individuals and/or likenesses are visible …” to … images, videos, audio recordings, broadcasts, and/or other media in which recognizable individuals and/or their identifiable likenesses are visible …” for internal consistency and better grammar. Also rearranged the order of several of the bullet points under “Other types of personal information not specifically described in the applicable statutes …”
- December 3, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, made a number of very minor wording changes to the enumerated examples (e.g., changing certain instances of “and” and “or” to “and/or”) for greater internal consistency. Also changed “Health insurance information (e.g., whether or not individuals are insured and with which insurance carrier(s) …” to “Health insurance information (e.g., whether or not individuals or households are insured and if so, with which insurance provider(s) …”; changed “Information about personal property, products, goods, and/or services an individual or household owns, rents, leases, and/or otherwise uses; has owned, purchased, rented, leased, obtained, or considered; desires to purchase, rent, lease, obtain, and/or use; and/or is considering purchasing, renting, leasing, obtaining, and/or using” to “Information about personal property, products, goods, and/or services an individual or household owns, rents, leases, has otherwise obtained, and/or uses; has owned, purchased, rented, leased, otherwise obtained, used, and/or considered; desires to purchase, rent, lease, otherwise obtain, and/or use; and/or is considering purchasing, renting, leasing, otherwise obtaining, and/or using”; and removed the bullet point on “Network, shared device, and/or online service information” from under “Professional or employment-related information” (as it had been inadvertently duplicated from “Internet or similar network activity information”). Under “Professional or employment-related information,” changed “Other information about an individual’s vocation, trade, professional services, products, and/or commercial offerings” to “Other information about an individual’s work, vocation, trade, professional services, products, and/or commercial offerings” for completeness.
- December 2, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, updated the bullet point on agents, representatives, and/or service providers (under “Other types of personal information”) to change “Information about an individual or household’s agents, representatives, and/or service providers (e.g., attorney(s) or legal counsel, talent or literary agency, manager(s), accountant(s), auditor(s), assistant(s) and/or secretaries, and/or other authorized representatives and/or professional service providers)” to “Information about an individual or household’s employees, agents, representatives, and/or service providers (e.g., assistant and/or secretary, attorney(s) and/or other legal counsel, talent and/or literary agent(s), manager(s), accountant(s), auditor(s), and/or other authorized representatives and/or professional service providers)”. In the Collection Sources subsection, changed the first bullet point to “You, whether through your direct communications with me; through other public disclosures you’ve made (e.g., social media posts); through your use of this website; and/or through your employees, agents, representatives, and/or service providers (as applicable)”. In Disclosure of Personally Identifying Information, revised the references to Gpg4win and its associated software to update and clarify the information about Kleopatra, add a trademark notice, and rearrange one of the existing trademark notices. In Additional Information About Data Retention, updated the bullet point about contact information to change “The contact information of individuals with whom …” to “The contact information and other details of individuals with whom …” and added a sentence with some further explanation. In Disclosure of Personally Identifying Information, updated the reference to WordPress.org to add the phrase “and/or its respective developers, contributors, volunteers, and other users” and change “… of the WordPress website and/or forums to help me manage and troubleshoot this site” to “… of the WordPress website and/or forums, which I regularly use to seek help in managing, troubleshooting, and/or improving this website as well as to report bugs, security flaws, and/or other issues with the WordPress content management system itself” (since use of the forums and/or website may involve communicating with various people who are not part of the WordPress organization).
- December 1, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added a bullet point to the examples under “Commercial information”: “Information about products, goods, services, and/or property an individual or household sells, rents, leases, and/or otherwise offers for commercial advantage”. Also changed “Information about cars and/or other vehicles an individual has owned, purchased, rented, leased, otherwise obtained, or considered …” to “Information about cars and/or other vehicles an individual or household has owned, purchased, rented, leased, otherwise obtained, or considered …”; changed “Information about real property an individual has purchased, leased, or rented, and/or property records indicating who owns a particular building, lot, or other real property” to “Information about real property an individual or household has purchased, rented, and/or leased (and/or is considering purchasing, renting, and/or leasing), and/or property records indicating who owns and/or manages a particular building, lot, or other real property”; and changed “… (e.g., whether an individual owns or has recently purchased or sold shares in a particular corporation or other business entity)” to “… (e.g., whether an individual or household owns or has recently purchased or sold shares in a particular corporation or other business entity)”. In the examples of “Professional or employment-related information” later in that section, changed “Other information about an individual’s vocation and/or trade” to “Other information about an individual’s vocation, trade, professional services, products, and/or commercial offerings” and updated the bullet point on “Authorship, other credits, and/or rights holder information” to change “… artwork, books, films, software, photographs, other media, other published works or designs, and/or other intellectual property such as trademarks and/or patents” to “… creative works, designs, inventions, and/or performances (e.g., books, articles, essays, blog posts, photographs, illustrations and/or other images, videos, songs and/or musical compositions, audio recordings, films, television and/or radio programs, other media, software, mechanical inventions and/or designs, and/or other types of artwork and/or creative endeavors), and/or other types of intellectual property such as trademarks, service marks, and/or patents” for greater completeness. Added a new section under Information We Collect Automatically: Subscribing via Web Feed (Atom and RSS). Also fixed the title of the “Information You Provide to Me” section (which had been accidentally changed to “Information You Provide to Us” at some point I hadn’t previously noticed). In Comments, changed “the contents of published comments may also appear in search results of the website’s search function” to “the contents of published comments may also appear in search results of the website’s search function and/or to users who have subscribed to this website’s web feeds (as described in “Subscribing via Web Feed (Atom and RSS)” above).” In the first paragraph of the preamble, changed “… through and/or in connection with this website …” to “… through and/or in connection with this website (including, where applicable, its web feeds, if any) …” In the second paragraph of the preamble, changed “… including those linked from the aaronseverson.com website or on which I may have accounts …” to “… including those linked from the aaronseverson.com website and/or on which I may have accounts …”
- November 30, 2020: In the examples of third-party service providers under Disclosure of Personally Identifying Information, updated the item on hotels, motels, and/or other lodging providers to change “(if I use and/or arrange such lodgings in some context related to this website and/or in the course of my business)” to “(if I use, arrange, and/or communicate with people using such lodgings in some context related to this website and/or in the course of my business)” for completeness.
- November 26, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, rearranged the examples of “Internet or similar network activity information” to put them in a (hopefully) more logical order. Also in that subsection, changed the phrase “about an individual’s interactions with a website, application, or advertisement” to “about an individual or household’s interactions with websites, applications, and/or online advertisements” for greater completeness.
- November 23, 2020: Updated Other Information I Receive from Third-Party Sources to change “user name” to “username” and updated Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice to change “user names” to “usernames” for internal consistency of spelling.
- November 20, 2020: In the Refunds and Returns subsection of the Financial Transactions Policy section, updated the bullet point on Other Purchases to change “digital goods or services other than advertising” to “digital goods and/or services other than advertising” (for completeness) and changed “(e.g., the purchase of an ebook)” to “(such as, without limitation, the purchase of an ebook and/or payment(s) for my writing/editing/writing consulting services)” (to better illustrate the intended scope). Updated the bullet point on Other Types of Transactions to change “transactions that do not fit any of the above categories …” to “transactions that do not fit into any of the above categories (including, though not limited to, payment(s) of license fees and/or royalties for the reuse of my content) …”
- November 19, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, made some minor grammatical and punctuation adjustments to the “Education information” bullet point (separating the examples with semicolons rather than commas and adding “and/or” before “degrees and/or certifications earned”). Under the “Other types of personal information” bullet later in that section changed “Information about wills, estates, executorship, and/or inheritance” to “Information about wills, estates, executorship, inheritance, trusts, and/or trusteeship”.
- November 17, 2020: In Disclosure of Personally Identifying Information, added hCaptcha to the examples of third-party service providers. Also updated and adjusted the references to Cloudflare in that section for greater accuracy and better readability, also adding and rearranging some trademark notices in that text and adjusting which portions of the text are anchor text for the applicable links.
- November 16, 2020: In Disclosure of Personally Identifying Information, added Discord to the examples of third-party service providers and adjusted the wording of the reference to Signal in the same section to be more readable, also rearranging the trademark notices in that text.
- November 14, 2020: In the Website Server, Error, and Security Logs; Security Scans; and Information I Receive from Third Parties for Security Purposes sections, added “other personal information*” to the listed categories where it wasn’t already included, and changed “special: other technical details (some of which might be potentially personally identifying)*”; and “special: other technical details relevant for security purposes (some of which might be potentially personally identifying)*”; and “special: other security-related technical details (some of which might be potentially personally identifying)*” to “special: other technical details (some of which might be potentially personally identifying and/or constitute personal information in certain jurisdictions)*” for consistency. (These changes are really just clarifications; some jurisdictions have adopted such expansive definitions for “personal information” that certain types of information may be considered “personal information” even if it could not reasonably be used to individually identify you.) In Disclosure of Personally Identifying Information, changed “travel agencies, travel bureaus, ticket brokers, and similar services” to “travel agencies, travel bureaus, ticket brokers, and/or similar services” for consistency of wording. Also in that section, updated the PayPal reference to change “processes some payments for me” to “processes certain payments I make or receive” for greater clarity. In the Transaction-Related Information Gathering section of the Financial Transactions Policy section, added a paragraph referencing the Transaction-Related Information I Receive from Third Parties section, including an internal link to that section. In both those sections, added “images and/or other media (possibly including metadata)*” to the listed categories of information I may collect (since the information I receive may include profile pictures or other types of images and/or media). Also in Transaction-Related Information I Receive from Third Parties, changed “the seller’s profile picture” to “the seller’s profile picture and/or geographical location,” since the latter is another common example of this type of information, and made a number of clarifications to the paragraph on data retention. In Additional Information About Data Retention; Controller/Responsible Party, Questions, and How to Reach Me; and the revisions list, removed some duplicated commas.
- November 13, 2020: In Advertising, changed “settings/configurations/addons” to “settings and/or add-ons” to better align with the Embedded Content section (and to make the spelling of “add-ons” consistent throughout this policy).
- November 11, 2020: In Disclosure of Personally Identifying Information, amended the paragraph about possible incidental disclosures involving roommates, houseguests, other cohabitants, and/or visitors for better grammar and changed the conjunction separating the listed examples from “or” to “and/or.” Also in that section, added a trademark notice for Akamai.
- November 8, 2020: In Disclosure of Personally Identifying Information, added “online time servers” to the examples of third-party service providers. Also in that section, updated the reference to the manufacturers of my wireless routers to change “their associated software/services” to “their associated software and/or services” (for greater accuracy). Amended a previous item on this list for October 30, 2020, to change “examples of third-party services” to “examples of third-party service providers” for internal consistency. Removed some extra spaces throughout this page. In Consents and Agreements, completely revised and updated the text to be more broadly applicable and more accurate (it was originally written to refer mostly to the privacy banners and consent checkboxes, but the new version is more comprehensive), also splitting the second paragraph into two separate paragraphs in the interests of readability. Tinkered with the updated wording.
- November 7, 2020: In Disclosure of Personally Identifying Information, updated the bullet point on comments to add the following phrase to the end of the sentence beginning “As explained in that section …”: “and/or emailing you directly (at the email address you provided with your comment) prior to or instead of publishing your comment(s).” (Since this point is already spelled out explicitly in the Comments section above, this is a just a clarification for easier reference.) Also in that section, updated the bullet point on inquiries and support requests to change “As part of a public response to an inquiry or support request” to “To respond (publicly and/or privately) to your messages, inquiries, and/or support requests” for greater accuracy. (Even if I only respond to you privately, doing so typically involves communicating at least some information to third parties in ways some jurisdictions now regard as a disclosure of personal information — for example, sending you an email in response to your inquiry necessarily involves transmitting your email address to the servers of our respective email providers!)
- November 3, 2020: In Website Server, Error, and Security Logs, changed “Additionally, if a logged event or action involved or appeared to involve any of this website’s administrative users, certain logs may also record the username(s), user ID number(s), and/or other identifiers associated with such administrative user(s)” to “Additionally, if a logged event or action involves or appears to involve any of this website’s administrative users, and/or involves credentials I create to allow specific users to access certain resources (e.g., the login credentials for certain FTP folder(s) associated with this website), certain logs may also record the username(s), user ID number(s), and/or other identifiers associated with such administrative user(s) and/or credentials.” Also in that paragraph, changed the phrase “the routine operation of the website and its host” to “the website and its related systems” (which is more correct).
- November 2, 2020: In Disclosure of Personally Identifying Information, updated the reference to WebAIM to change the phrase “whose WAVE Accessibility Tool …” to “whose WAVE Accessibility Tool and/or other tools …” for completeness. (They have a number of useful tools besides the WAVE tool.) Later in that same section, changed “repair, maintenance, and/or technical service providers” to “repair, maintenance, installation, and/or technical service providers” and changed “postal services, common carriers, shipping agencies, and/or mailbox rental services (for the purposes of sending and/or receiving correspondence and/or packages)” to “postal services, common carriers, shipping agencies, delivery services, and/or mailbox rental services (for the purposes of sending and/or receiving correspondence, packages, and/or shipments)” (again for completeness).
- October 30, 2020: In Disclosure of Personally Identifying Information, adjusted the wording of the reference to Audacity audio editing software (for greater correctness and better grammar). Also added identity theft protection services to the examples of third-party service providers listed in that section.
- October 29, 2020: In Website Server, Error, and Security Logs, updated the categories of information gathered to add asterisks to “IP addresses,” “user agent information” and “geolocation data” (since such information may be collected and/or inferred in some circumstances and not in others, depending on the specific logs involved) and added “domain names*” to the listed categories for completeness. In the first paragraph of that section, deleted the phrase “such as submitting comments” (which was grammatically awkward); added a new sentence: “Many (though not necessarily all) of those logs record the IP address and/or user agent information of the applicable device (and sometimes the referring site, if any), which sometimes makes it possible to determine, estimate, and/or infer certain other information (e.g., geographical location and/or device type)”; and changed “Most such logs also include …” to “Most such logs include …” In the paragraph beginning “Please keep in mind that …” changed “server and server error logs” to “server access and server error logs” for clarity. In Disclosure of Personally Identifying Information, amended the reference to insurers and/or warranty providers to change “their respective affiliates, agents, brokers, claims adjusters, subcontractors, and/or subsidiaries” to “their respective administrators, affiliates, agents, brokers, claims adjusters, subcontractors, and/or subsidiaries” for completeness.
- October 28, 2020: In Disclosure of Personally Identifying Information, changed “Abine, Inc.” to “Abine Inc.” to reflect their stylization. In Your Rights (GDPR and Other National or State Privacy Laws), changed “or in some U.S. states” to “or in certain U.S. states” for grammatical reasons; changed “I may (to the extent permitted — and/or required — by applicable law/regulation) ask you to provide additional information to verify your identity and/or residency before processing any data-related requests” to “I may (to the extent permitted — and/or required — by applicable law/regulation) take steps to verify your identity and/or residency before processing certain requests pertaining to your personal information”; and changed “for legal or administrative purposes or to secure this website and its data” to “for legal or administrative purposes and/or to secure this website and its data.” In Controller/Responsible Party, Questions, and How to Reach Me, added a link to the former section and changed “If you have questions about this policy or my use of personal information, you can contact me …” to “If you have questions about this policy or my use of personal information, or if you would like to contact me regarding the rights mentioned in “Your Rights (GDPR and Other National or State Privacy Laws)” above, you can reach me …” In Other Information You Provide to Me, changed “These are just a few of the many possibilities” to “These are just a few of the many possibilities, not an exhaustive list.”
- October 25, 2020: In Disclosure of Personally Identifying Information, updated the reference to LibreOffice to change “their LibreOffice suite” to “the LibreOffice suite of open source office software” for clarity, added a link to the homepage for that software, and updated the trademark notice. Also updated the reference to FileZilla to add a link to the FileZilla privacy policy and remove the (inaccurate) statement that the software did not have such a policy (which was an unfortunate error on my part; the project website’s privacy policy does include a section pertaining to the software itself). Throughout that section and in older items on the revisions list, removed the hyphen from “open source” for consistency. Also changed “Social media services (including, without limitation, chat rooms, online bulletin boards/message boards/discussion groups, and/or similar online forums)” to “Social media services (including, without limitation, chat rooms, online bulletin boards/message boards/discussion groups, wikis, and/or similar online forums)” for completeness. (Whether a wiki can be considered a social media service is arguable, but there is not necessarily a strong distinction between a wiki dedicated to a specific topic and a chat room or online bulletin board dedicated to the same topic.)
- October 24, 2020: In Disclosure of Personally Identifying Information, added towing and/or roadside assistance services to the examples of third-party service providers; changed “mapping and/or navigation services” to “mapping, navigation, and/or trip-planning services and/or apps” (for completeness, although these are to some extent different terms for very similar types of services); and changed the parenthetical note in the listing for cars, trucks, vans, bicycles, scooters, and/or boats from “if I use such services …” to “if I use and/or arrange such services …”
- October 21, 2020: Added credit bureaus and/or credit reporting agencies to the examples of other types of service providers under Disclosure of Personally Identifying Information. In that section, also changed “third-party printers/print services” to “third-party printers and/or print services” for clarity.
- October 18, 2020: In Disclosure of Personally Identifying Information, added print-on-demand publishing and/or distribution platforms to the examples of third-party service providers, including one specific example. (This is just a clarification, since that section already lists both publishers and distributors.) In the same part of that section, also changed “sites and/or services for publishing and/or distributing audiovisual content” to “platforms and/or services for publishing and/or distributing audiovisual content” (this is just a nitpicking change for consistency with the wording of the privacy policy of my professional writing website).
- October 16, 2020: In Embedded Content, clarified the bullet point regarding jQuery to also mention the API service as well as the CDN service.
- October 15, 2020: In Security Scans, Information I Receive from Third Parties for Security Purposes, and Disclosure of Embedded Content, updated references to Bitdefender to remove the registered trademark symbol (which Bitdefender apparently prefers that third parties not use in connection with Bitdefender marks). Also in Information I Receive from Third Parties for Security Purposes, adjusted the wording of the reference to Spybot. In Embedded Content, amended the recently added bullet point for jQuery CDN to clarify that it may also use cookies and/or store potentially personally identifying information on your device. In that section and Security Scans, changed references to content distribution network(s) to content delivery network(s), which is the correct term for such services.
- October 14, 2020: In Embedded Content, updated the bullet point regarding Yoast SEO to describe the plugin’s latest integration, with the SEMrush SEO and Internet marketing firm, also adding a link to the SEMrush Privacy Policy and their trademark notice. (It may be worth noting that in adding trademark notices on this page, I have generally omitted the phrase “All rights reserved” (which many trademark owners prefer or insist on incorporating into such notices) in contexts where it would seem likely to cause confusion. I am sensitive to the importance of appropriately presenting such marks, but given the unavoidable density of the information on this page and the sheer number of notices in the text, there is a danger of inadvertently creating uncertainty over which rights are being reserved by whom, which seems counterproductive. In general, you should can reasonably assume that all rights to the various third-party trademarks mentioned on this page are reserved by those marks’ respective owners, whether that phrase expressly appears in the text or not.) Made a correction in the revision summary for October 13, 2020, below, to fix an inadvertent use of “we” rather than “I.” In Embedded Content, updated the bullet point regarding BootstrapCDN to add a trademark notice and links to the StackPath Privacy Statement and California Privacy Rights page and to update the link to the StackPath GDPR page. Added a new bullet point pertaining to the jQuery CDN. In the Financial Transactions Policy, changed “PayPal’s User Agreement, Privacy Statement, and any other applicable PayPal policies or requirements” to “the PayPal User Agreement, the PayPal Privacy Statement, and any other applicable PayPal policies and/or requirements” and adjusted the positions of the applicable hyperlinks to match. In Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information, adjusted the wording of certain descriptions to avoid some awkward possessive use.
- October 13, 2020: In Do Not Sell My Personal Information; the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice; and Controller/Responsible Party, Questions, and How to Reach Me, updated the text to better distinguish the Right to Know and the Right to Access (which under the CCPA are distinct, though obviously related) and capitalize the names of the various CCPA rights, since each has a specific legal meaning. Made some minor adjustments to the adjacent text to accommodate these changes and for consistency. In those sections, Contact Forms, Additional Information About Data Retention, Reports and Aggregated Statistics, and Disclosure of Personally Identifying Information, adjusted the references to the CCPA to spell out “California Consumer Privacy Act of 2018 (CCPA)” for consistency. In Additional Information About Data Retention, changed “for compliance purposes, I must retain information pertaining to privacy-related requests” to “for compliance purposes, I must retain information pertaining to certain privacy-related requests” (since the retention requirements may apply in some cases and not others) and changed “receive under” to “receive pursuant to” for grammatical reasons.
- October 11, 2020: Updated the Financial Transactions Policy to clarify that where your transaction is pursuant to a separate written agreement with us, the terms of that agreement shall, where applicable, take precedence over the terms of the Financial Transactions Policy present on this page.
- October 10, 2020: In Security Scans and Embedded Content, added a trademark notice for GoDaddy to the paragraph on the Sucuri Security plugin. Also added the same notice to the first reference to Sucuri in Disclosure of Personally Identifying Information.
- October 8, 2020: In Disclosure of Personally Identifying Information, revised the reference to embedded content providers to change “the embedded content providers described in …” to “embedded content providers such as (though not necessarily limited to) those described in …” to better align with the language Embedded Content section (which makes clear that its list of providers is not intended to be exhaustive). Added GoDaddy to the examples of third-party service providers in that section (mostly for completeness, since I haven’t used their domain registration services for years and permanently closed my account today). In that section, Security Scans, and Embedded Content, updated references to GoDaddy Operating Company, LLC, to match their current stylization.
- October 7, 2020: Fixed a broken internal link in Security Scans. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added a bullet point under “Internet or similar network activity information”: “Online avatars, profile images, and/or icons” (this is essentially just a clarification, since such images would also reasonably be encompassed by several of the categories and examples already listed).
- October 5, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, updated the bullet point under “Other types of personal information” about awards and honors to change “Information about awards, honors, other recognition, prizes, and/or winnings in games of chance or skill” to “Information about awards, honors, prizes, and/or other recognition” and moved the part about games of chance or skill to a new bullet point under “Commercial information”: “Information about an individual or household’s scores, achievements, winnings, and/or prizes in games of chance or skill.” Under “Professional or employment-related information,” added a bullet point: “Professional achievements and/or honors.” (These clarifications are intended to arrange these points in a more logical order and better reflect the fact that there are many different kinds of awards and honors, some of which the law may regard as different categories of information.) Also made a minor revision to the bullet point for “Audio, electronic, visual, thermal, olfactory, or similar information,” changing “recognizable individuals or likenesses” to “recognizable individuals and/or likenesses.”
- October 4, 2020: Made a further clarification in Data in Submitted Images, changing “… some of which may be personally identifying” to “… some of which may include and/or constitute personal information and/or potentially personally identifying information” and changed “the metadata could also include other personal information” to “the metadata could also include other personally identifying and/or potentially personally identifying information” (mostly for greater consistency with the Definitions).
- October 3, 2020: Updated Categories of Information and Purposes for Collection to note that any or all of the listed purposes may include communicating with you (and/or third parties), which is why I haven’t listed that separately. (This is a clarification, more clearly spelling out a point I had hoped would be reasonably self-evident!) In Reports and Aggregated Statistics, changed “may compile and publish aggregated statistical information” to just “may compile aggregated statistical information” (since the possible publication and/or sharing of such information is discussed later in that section). In Data in Submitted Images, changed “digital files contain metadata (such as EXIF information)” to “digital media files usually contain metadata (such as Exif information)” for clarity and to conform to how the official standard stylizes “Exif” (which is an acronym for “exchangeable image file”); added a sentence later in that paragraph: “Video and/or audio recording devices and/or editing software may add various metadata to other types of digital media files”; and, in the final sentence of that paragraph, changed “for your individual device” to “for your individual device and software.”
- September 30, 2020: In Website Server, Error, and Security Logs and Security Scans, added an additional type of information to the categories of information gathered (“special: other identifiers*”). In Website Server, Error, and Security Logs, changed the sentence “Most such logs also include the date and time each logged event took place” to “Most such logs also include the date and time each logged event took place; certain types of events may also be assigned unique ID numbers and/or other identifiers for reference purposes.” In Security Scans, added a sentence to the paragraph beginning “Like the logs described …”: “Certain events may be assigned unique ID numbers and/or other identifiers for reference purposes.” (These additions are a clarification intended to better describe the information that may be recorded in the various logs, not all of which is within my technical understanding.)
- September 29, 2020: In Information I Receive from Third Parties for Security Purposes, fixed misspellings of Spamhaus, updated the link to the MVPS HOSTS file homepage, added a trademark notice for IPinfo, and changed “the security components of the Microsoft® Windows® operating system …” to “the security components of the Microsoft® Windows® operating system and/or its associated software and/or services …” In Disclosure of Personally Identifying Information, updated the description of Microsoft in the examples of third-party service providers to change “which provides some of the software, apps, tools, and services I may use and/or offer — including, but not limited to, the operating systems for some of the devices I use and the Microsoft Office suite of software and services — and gathers certain information about such use as described …” to “which provides some of the software, apps, tools, and services I may use and/or offer — which are too numerous to list here, but may include (without limitation) the operating systems and associated software and services for some of the devices I use and the Microsoft Office suite of software and services — and gathers certain information about the use of such software, apps, tools, and services as described …” (mostly for the sake of internal consistency of wording). Also added to that section the providers of filter lists, block lists, and/or other security information listed in Information I Receive from Third Parties for Security Purposes that were not already among the examples listed in Disclosure of Personally Identifying Information and adjusted the wording of the existing references to NetGuard and IPinfo in that section, mainly to add a trademark notice for the latter. (For the record, the IPinfo website is inconsistent about the spelling and stylization of both IPinfo and IDB LLC, the company that provides the service; I went with what seemed to be the most frequently used iterations and took my best guess at an appropriate trademark notice.) Removed some extra spaces. Renamed the License for This Policy section “Credits and License for This Policy.” In Legal Bases for Collecting and Using Information, corrected the abbreviation for Brazil’s new privacy law (the LGPD). In the Your Rights (GDPR and Other National or State Privacy Laws) section, moved the language about the right to make a complaint to the applicable data protection authority to the bullet-pointed list, adjusting the preceding items in that list and the text of following paragraph accordingly.
- September 26, 2020: In Disclosure of Personally Identifying Information, updated the bullet point beginning “To editors, publishers, clients, employers, and/or other third parties …” to change “and/or for whom I may otherwise work and/or provide services” to “for whom I may otherwise work and/or provide services; and/or as I may reasonably be requested or directed to do as part of and/or in connection with such services, content, and/or work (and/or the offer thereof)” (since there are various scenarios in which my work and/or services, and/or the sale or licensing of my content, might entail my sharing certain pertinent information directly with third parties other than the actual editor(s), publisher(s), client(s), or employer(s)). In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, updated the related bullet to change “and/or for whom I may otherwise work and/or provide services” to “for whom I may otherwise work and/or provide services; and/or as I may reasonably be requested or directed to do as part of and/or in connection with such services, content, and/or work (and/or the offer thereof)” for consistency. Tinkered a bit with the wording of these amendments.
- September 25, 2020: Added the Blacklight tool developed by The Markup to the examples of third-party service providers under Disclosure of Personally Identifying Information.
- September 24, 2020: In Definitions, updated the definition for geolocation data to change “(or, obviously, if I meet you in person), but I (and/or my service providers, where applicable) may also determine or estimate your geographical location or movements based on other data …” to “(or, obviously, if I meet or otherwise encounter you in person); if someone else directly or indirectly describes your location or movements to me; or if I (and/or my service providers, where applicable) determine, estimate, and/or infer your geographical location or movements based on other data …” In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “Geolocation information, such as a geographical location estimated based on an IP address and/or GPS coordinates, or a location and/or movements that you describe to me” to “Geolocation information, such as an individual or household’s geographical location and/or movements, whether directly observed; stated or described to me (directly or indirectly); or determined, estimated, and/or inferred from other data (e.g., from an IP address, telephone area code, and/or GPS coordinates)” (for internal consistency with language elsewhere in this policy).
- September 23: 2020: In Definitions, updated the definition for user agent information to change “certain settings such as (though not necessarily limited to) …” to “certain settings such as (though not limited to) …” In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, amended the bullet point under “Additional categories of personal information” regarding health insurance information to change “much of what insurance-related data I do collect” to “much of what health-insurance-related data I do collect” for clarity and added an additional bullet point: “Information about other types of insurance and/or insurance coverage.” Under “Commercial information,” added a bullet point: “Information about an individual or household’s participation in sports, games, hobbies, and/or other pastimes.” Under “Internet or similar network activity,” changed “Network and/or shared device information” to “Network, shared device, and/or online service information” and added “websites; online service accounts;” to the listed examples after “shared printers and/or other devices.” In “Other types of personal information,” added three bullet points: “Information about an individual or household’s agents, representatives, and/or service providers (e.g., attorney(s) or legal counsel, talent or literary agency, manager(s), accountant(s), auditor(s), assistant(s) and/or secretaries, and/or other authorized representatives and/or professional service providers)”; “Information about wills, estates, executorship, and/or inheritance”; and “Information about community service (e.g., jury duty), volunteer work, and/or charitable activity.” Also changed “Encryption public keys and similar security data” to “Encryption public keys and/or similar security data.” Fixed an accidental duplication in these additions.
- September 22, 2020: In Categories of Information and Purposes for Collection, updated the bullet point on “Research and publishing” to change “… and/or other creative endeavors” to “… and/or my other creative endeavors.” In Embedded Content, updated the bullet point regarding PayPal content to change “that some plugins place on the administrative dashboard” to “that certain themes and/or plugins place on the administrative dashboard” and updated the bullet points on embedded YouTube videos, Vimeo videos, and blog feeds to change “by certain plugins on portions of the administrative dashboard” to “by certain themes and/or plugins on portions of the administrative dashboard” (for internal consistency).
- September 19, 2020: In Website Server, Error, and Security Logs, changed “In general, DreamHost has access to any data or files on any server they own — except in cases where I have specially encrypted such file(s) or data …” to “In general, DreamHost has access to any data and/or files on any server they own — except in cases where I have specially encrypted such file(s) and/or data …” In Disclosure of Personally Identifying Information, updated the reference to DreamHost to more fully (though still not exhaustively) describe the range of services they provide for us. Also fixed a capitalization error elsewhere in that section.
- September 18, 2020: In Disclosure of Personally Identifying Information, made a minor revision to the reference to Blur (changing “Abine, Inc.’s Blur” to “Abine Blur” to reflect their current usage), and added a clearer trademark notice for Khan Academy. Made a minor clarification in the Cookie Notice: In the “Commenting” subsection, changed “are associated with their user ID number and user profile” to “are associated with their user ID number and user profile information” for clarity.
- September 15, 2020: In Disclosure of Personally Identifying Information, changed “Second, if I possess artwork, one or more copies of published work(s), and/or useful article(s) that contain and/or incorporate personal information about certain individual(s) or household(s) who have visited this website (such as, without limitation, a book by or about you (or that you once owned and in which you wrote your name), a magazine that published a letter or article you once wrote, or a DVD of a movie in which you appeared), I might sell, lend, donate, or otherwise dispose of such artwork, my copy or copies of such published work(s), and/or such useful article(s)” to “Second, if I possess artwork, copies of published work(s), and/or useful article(s) that contain and/or otherwise incorporate personal information about certain individual(s) or household(s) who have visited this website (such as, without limitation, a book by or about you; a magazine you once owned that still bears your name and address on the subscription mailing label; a DVD of a movie in which you appeared; or some item you once autographed), I might sell, lend, donate, or otherwise dispose of such artwork, my copy or copies of such published work(s), and/or such useful article(s).” In the related paragraph of the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, changed “that contain and/or incorporate personal information” to “that contain and/or otherwise incorporate personal information” for consistency. Also revised the wording of the related bullet points in that section and Disclosure of Personally Identifying Information in an effort to better align the language, changing the first portion of the text of each bullet point to “If the information is contained in and/or otherwise incorporated into artwork, a copy of a published work, or a useful article (including, without limitation, information inscribed or imprinted upon and/or affixed or otherwise attached to such work(s), copies, or article(s), particularly where that information cannot reasonably be removed without damaging the item or article in question …” (although the formatting of each instance is a little different, and the examples listed in the Disclosure bullet point are now contained in the same parentheses as “including, without limitation …” in the interests of clarity). In the Disclosure bullet point, also struck the sentence “(There are many possible scenarios; these are just a few illustrative examples.)” (The revised wording hopefully makes this statement extraneous.)
- September 13, 2020: In Other Information I Receive from Third-Party Sources, updated the paragraph regarding the types of people with whom I routinely discuss and/or share information regarding my research to also include “researchers and/or other academics” in the interests of completeness. For the same reason, in the Collection Sources subsection of the CCPA Information Collection and Sharing Notice, changed “Subject matter experts (e.g., historians, biographers), archivists, librarians, observers, eyewitnesses, and/or other knowledgeable parties” to “Subject matter experts, historians, biographers, researchers and/or other academics, archivists, librarians, observers, eyewitnesses, and/or other knowledgeable parties.” (These are clarifications and efforts to more fully illustrate the intended scope, not an actual change in my practices.) In Certificate Authority Checks and Disclosure of Personally Identifying Information, rearranged and updated the trademark notices for Let’s Encrypt. In Embedded Content and Disclosure of Personally Identifying Information, added trademark notices for Font Awesome.
- September 12, 2020: In Comments, changed “Also, if your comment contains HTML/PHP code (including hyperlinks), emojis, and/or special characters, they may be removed (“stripped”) prior to publication” to “Also, if your comment contains hyperlinks, certain types of HTML/PHP or other code, emojis, and/or special characters, they may be removed, either by being automatically “stripped” prior to publication or manually deleted by me” for greater clarity. Later in that section, updated the paragraph on commenting-related cookies to refer to the Commenting subsection of the Cookie Notice rather than the Cookies and Similar Technologies section, adding a link to the Cookie Notice and making some minor wording and punctuation adjustments to that paragraph for consistency. In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, added a bullet point on information inscribed or imprinted upon, affixed to, and/or otherwise attached to or incorporated into artwork, a copy of a published work, or a useful article, for consistency with the similar bullet point in Disclosure of Personally Identifying Information. Throughout this page, fixed a recurrent typographical error in the HTML attributes of certain hyperlinks (I realized I had frequently misspelled “noopener”!).
- September 11, 2020: In the Data Retention subsection of the Financial Transactions Policy, Transaction-Related Information I Receive from Third Parties, Other Information I Receive from Third-Party Sources, and Additional Information About Data Retention, added disclaimers that the retention of data by third parties (e.g., vendors and/or service providers) is subject to the individual policies of the applicable third parties, and in most cases is outside of my control. (The wording of the disclaimer varies slightly from section to section, but the intent is the same.) Added a similar disclaimer (also worded slightly differently, but again with the same intent) to Data Related to Recruitment/Hiring or Business Partnerships. In Additional Information About Data Retention, also updated the bullet point on financial transactions and/or legal agreements to add “(Naturally, the applicable bank(s)/financial institution(s) and/or payment processor(s) may also retain transaction-related information, which is outside of my control.)” to further emphasize and illustrate the point. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “The collection/sharing of personal information by third-party services is subject to the applicable service’s privacy policy and terms of use/terms of service, and is outside of my control” to “The collection, use, and/or retention of personal information by third-party services are subject to the applicable service’s privacy policy and terms of use/terms of service, and are outside of my control.” Also in the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, under “Other types of personal information,” changed “Handwritten notes, documents, and/or other examples of individuals’ handwriting (in whatever medium)” to “Handwritten notes, documents, illustrations, paintings, sketches, and/or other examples of individuals’ handwriting, calligraphy, and/or artwork (in whatever medium).” Did some minor tinkering with the wording of these additions.
- September 10, 2020: In Information I Receive from Third Parties for Security Purposes, updated the reference to EFF browser add-ons to specify Privacy Badger as an example, also making some minor adjustments to the wording. Also added Disconnect (whose Tracker Protection lists some web browsers now use to help block fingerprinting and/or certain other forms of online tracking) to that section’s listed examples of information sources. Fixed a minor punctuation error in that section and Disclosure of Personally Identifying Information (replacing a colon with a semicolon).
- September 8, 2020: In Data Related to Recruitment/Hiring or Business Partnerships and the examples of third-party service providers under Disclosure of Personally Identifying Information, changed “employment agencies” to “staffing agencies/employment agencies” in the interests of completeness (although these terms can generally be considered synonymous).
- September 6, 2020: In the list of examples of third-party service providers and vendors in Disclosure of Personally Identifying Information, updated the bullet point on electronic devices to also mention other types of home appliances, headphones and/or headsets, and webcams and/or microphones. Also changed “I do not presently use these devices’ proprietary software” to “I generally seek to avoid or at least limit my use of these devices’ proprietary software (if any)” and changed “any applicable product-specific privacy policies” to “any applicable product- and/or software-specific privacy policies.” (Although I generally loathe both Internet-enabled appliances and proprietary device software, they are becoming harder to avoid, which calls for additional caveats.) In that same bullet point, changed “incorporated into the devices and/or their associated software, firmware, and/or drivers” to “incorporated into the devices and/or their associated software and/or drivers” (since many electronic devices can’t work without their associated firmware, it didn’t really make sense to try to distinguish the two in this context). In Disclosure of Personally Identifying Information, updated the bullet point on social media services to note that I retain an offline copy of my Facebook account data as of December 11, 2018 (the date I initiated the deletion of my account). Also in Additional Information on Data Retention, changed “… social media accounts, and/or social media services” to “… social media services, and/or other communications services” (which was how that phrase was intended to read). In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, amended a bullet point in the examples of Professional or employment-related information to change “and/or similar and/or other comparable information …” to “and/or other, similar and/or comparable information …” in the interests of clarity. Made a number of minor corrections to earlier items in the revisions list.
- September 5, 2020: In Disclosure of Personally Identifying Information, changed “… or otherwise perform services for me or on my behalf” to “… and/or otherwise perform services for me or on my behalf” (for internal consistency) and changed an instance of the phrase “again, without limitation” to “again without limitation” (for stylistic consistency). In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, changed “Service providers and/or vendors I use in connection with this website, my other professional activities, and/or the management or operation of my business” to just “My service providers and/or vendors” in the interests of clarity (and to avoid inadvertently obfuscating or contradicting the corresponding language in Disclosure of Personally Identifying Information).
- September 2, 2020: In Disclosure of Personally Identifying Information, updated the bullet point on social media services in the examples of third-party service providers to add a note regarding LiveJournal. Also added Tumblr to the examples listed in that bullet point. Fixed a minor punctuation issue.
- August 30, 2020: In Other Information I Receive from Third-Party Sources, made a number of minor adjustments to the paragraph on information provided by social media services (mostly nitpicking, and intended to make the language as broadly applicable as possible), also changing the first words of that paragraph from “Social media services …” to “Similarly, third-party social media services …” (to help clarify that it’s intended to refer to social media services outside of this website) and eliminating the potentially confusing use of the second person in the first sentence. In Disclosure of Personally Identifying Information, updated the reference to the software included with Gpg4win to change the phrase “including (again without limitation)” to “which may include (again without limitation).”
- August 28, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, removed the FAX number bullet point from Other types of personal information to Additional categories of personal information, combining it with the bullet point in that section for telephone numbers (i.e., “Telephone numbers (and/or FAX numbers)”), which is probably a more appropriate place for it. In Disclosure of Personally Identifying Information, restored the bullet points on third-party service providers, which I had accidentally replaced with the equivalent section of the 6200 Productions Privacy Policy while making other changes on August 25, 2020, and (hopefully) recreated the changes I had intended to make at that time. In the bullet point on social media services in that section, also changed “discuss and/or promote” to “research, discuss, and/or promote” for completeness. Later in that section, updated one of the references to Yahoo! to change the phrase “their services are now subject to …” to just “their services are subject to …” to avoid confusion, fixed some errors in the anchor text for several of the links to the Verizon Media Privacy Policy (the name of which had been listed incorrectly in a couple of places in this policy), and further adjusted the references to and trademark notices for Yahoo and Verizon Media (which had gotten garbled in the previous attempt to update them). Made a couple of minor corrections to the revisions list (in particular, the FAX number addition was actually in the In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, not the Information Shared for Business or Commercial Purposes subsection!). In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, also made a number of adjustments to the examples under Additional categories of personal information (updating the “Other financial information” bullet point to also include “other information pertaining to creditworthiness, assets, income, and/or liabilities” and updating the “Medical information” bullet point to list include drugs and/or medical products and/or equipment used rather than vaccinations received); Characteristics of classifications protected by law (updating the bullet point on “Information about children and/or family members” bullet point to add after “children” the parenthetical phrase “(such as the number of children and/or their names, ages, and/or genders)”; and Commercial information (amending the first and third bullet points to also mention rental and leasing as well as purchase, which was already partially reflected in the first bullet point; changing “Property records (e.g., information about who owns or has owned a particular building or other real property)” to “Information about real property an individual has purchased, leased, or rented, and/or property records indicating who owns a particular building, lot, or other real property”; and changing “Information about other types of purchases or transactions” to “Information about other types of purchases, transactions, and/or investments”). (Most of these are just clarifications and to better align the listed examples with certain statutory language.) In Information I Receive from Third Parties for Security Purposes, changed “For example (but without limitation), I might submit to the maintainers of these lists or databases certain email addresses or domain names that have been used in malicious activity directed at me” to “For example (but without limitation), I might submit to the maintainers of these lists or databases certain email addresses or domain names that have been used in malicious activity directed at me, or post information on support forums in order to obtain help or advice in preventing and/or remediating certain malicious activity” (for clarity and further emphasis). In Disclosure of Personally Identifying Information, changed “insurers” to “insurers and/or warranty providers (for greater clarity and completeness).
- August 27, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added FAX numbers to the examples listed under Other types of personal information.
- August 25, 2020: In Other Inquiries, Messages, and Support Requests, changed “In general, you’re perfectly free to contact me using a pseudonym unless your message is a privacy request or pertains to a specific legal or financial matter” to “In general, you’re perfectly free to contact me using a pseudonym unless your communication(s) pertain to a legal matter, a specific financial transaction, or certain privacy-related requests, in which case I may need your legal name.” Later in that section, added a trademark notice for Verizon and Verizon Media and added links for the older Yahoo! Privacy Policy (which in some cases may apply in addition to or instead of the Verizon Media Privacy Policy). In Disclosure of Personally Identifying Information, made similar adjustments to the Yahoo! and Verizon Media privacy policy links, removed a potentially confusing reference to Oath (the corporate entity that is now Verizon Media), added or updated some other trademark notices in that section, and slightly amended the references to the DuckDuckGo and Startpage.com search engines (to separate the two with a semicolon and delete the phrase “the search engines I most commonly use,” although that statement remains true). Also updated some trademark notices elsewhere in this policy. Removed some extra spaces elsewhere in the text and fixed a number of minor punctuation issues. Throughout the text, updated some external links from HTTP to HTTPS.
- August 24, 2020: In Disclosure of Personally Identifying Information, revised the reference to travel agencies and airline/bus/rail services to change “in connection with trips I take or arrange” to “in connection with trips I take and/or arrange” and revised the reference to hotels, models, and/or other lodging providers to change “in connection with trips I take or arrange in some context related to this website and/or in the course of my business” to “if I use and/or arrange such lodgings in some context related to this website and/or in the course of my business” (all nitpicking clarifications). Also in that section, changed “the Microsoft Office suite” to “the Microsoft Office suite of software and services” for clarity and updated the trademark notice. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “such as a geographical location estimated based on an IP address” to “such as a geographical location estimated based on an IP address and/or GPS coordinates” (again for clarification purposes, since either example would clearly fall into this category).
- August 23, 2020: In Disclosure of Personally Identifying Information, added the phpMyAdmin project to the examples of third-party service providers whose services I may use in operating this website. In Information I Receive from Third Parties for Security Purposes, changed the phrase “(which is used by Bitdefender, Mozilla Firefox, various other web browsers, and some other apps and online services)” to “(which is used by Bitdefender, various web browsers, and some other apps and online services)” for the sake of conciseness.
- August 22, 2020: In Information I Receive from Third Parties for Security Purposes, changed “… bank(s)/financial institution(s), and/or other sources not specified above” to “… and/or bank(s)/financial institution(s); the support forums on WordPress.org (WordPress is a registered trademark of the WordPress Foundation) and/or other support forums or online resources; and/or other sources not specified above” for completeness.
- August 21, 2020: In Disclosure of Personally Identifying Information, updated the references to the Google, Yahoo, and Yandex search engines to change “search engine” to “search engine(s)” (since in some cases they may technically comprise families of distinct search engines that can’t reasonably be enumerated in this already-crowded list). Also updated the reference to Microsoft Bing Search to add the phrase “(and/or other Bing search engines such as, without limitation, Bing Maps)” for the same reason and fixed a typographical error in the trademark notice.
- August 20, 2020: Made a minor clarification in Comments, changing “a request to retrieve, delete, or amend personal information” to “a request to access, delete, and/or correct personal information.” (The intended meaning is the same, but the latter terms are hopefully clearer.) In Website Server, Error, and Security Logs, changed “Like most websites, I and my web host” to “Like most websites, the aaronseverson.com website and my web host” (since I am obviously not a website) and changed “… or attempts to interact with the site in any unusual or suspicious way (such as trying to access the site’s administrative dashboard or run an unauthorized script)” to “&hellips; logs into or otherwise accesses the administrative dashboard and/or other administrative resources or controls; attempts to interact with the site in any unusual or suspicious way (such as trying to access the site’s administrative dashboard without authorization or run an unauthorized script); and/or performs certain other actions.” Also in that section, added “special: information collected via cookies and/or similar technologies*” to the listed categories of information that may be collected and changed “data pertaining to administrative resources” to “data pertaining to administrative resources or controls” for consistency. In Online Tracking, changed “web analytics tools” to “third-party web analytics services” (for clarification) and amended the entry below for August 19, 2020, to better explain the reasoning for the wording change.
- August 19, 2020: In Website Server, Error, and Security Logs, changed the sentence “Certain website logs that contain only anonymous and/or administrative data (e.g., hit counters) may be retained for longer periods” to “Certain website logs and/or log reports that contain only aggregated data, anonymous information (e.g., hit counters), and/or data pertaining to administrative resources that are normally off-limits except to authorized administrative users, may be retained for longer periods” (in the interests of completeness). Also in that section, changed “Naturally, I may retain certain specific information from the website’s logs if I still need it …” to “Naturally, I and/or my web host may retain certain specific information from the website’s logs if it is still needed …” for greater accuracy and changed “… and are not in any way connected to or associated with any web analytics service” to “… and are not connected to or associated with any third-party web analytics service” for clarity. (Although I may sometimes use log data for purposes that could be described as analytic, such analysis involves examining data already collected as part of the site’s normal operations, in the same way one might analyze call data from one’s existing monthly phone bills.)
- August 18, 2020: In Disclosure of Personally Identifying Information, added a new bullet point: “To editors, publishers, clients, employers, and/or other third parties for whom I provide (and/or to whom I offer) my writing/editing/writing consulting services; to whom I may license, sell, or otherwise offer my content and/or other creative work; and/or for whom I may otherwise work and/or provide services, where the information is part of and/or otherwise pertains to such services, content, and/or work,” along with a few representative examples. (As already indicated elsewhere in this policy, I am a professional writer/editor and writing consultant. While that work is primarily covered by a separate privacy policy, it’s not beyond the realm of possibility that there could be some overlap with this website, a point that was already stated later in that same section and at various other points in this policy.) Amended the related bullet point in the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice to better align with this language. Elsewhere in the Disclosure of Personally Identifying Information section, changed “somehow visible, audible, or otherwise included” to “somehow visible, audible, and/or otherwise included” (obviously, it’s entirely possible for someone to be both visible AND audible in certain media!). Throughout this document, changed various instances of “writing consultation” to “writing consulting” for internal consistency.
- August 17, 2020: Updated Security Scans to note that the features of the Sucuri Security and iThemes Security plugins include testing the integrity of the website’s WordPress files (which involves communicating with WordPress API servers and/or repositories), making a number of revisions to the descriptions of those plugins to accommodate the added text (including noting that some of the features of iThemes Security may include transmitting information to other external sources as well as receiving information from them) and add links to the WordPress Privacy Policy. Updated the bullet point in Embedded content regarding WordPress.org content to change “associated content distribution networks” to “associated API servers, content distribution networks (CDNs), and/or repositories” and mention file integrity checking as a specific example of the kind of communication that may be involved, referring back to the Security Scans section.
- August 16, 2020: In Disclosure of Personally Identifying Information, amended the reference to Dell to change “factory-installed software” to just “software” (since their software isn’t necessarily factory-installed); updated the reference to HP to change “software and/or services” to “drivers, software, and/or services”; and updated the references to Seagate and Western Digital to change “associated software and/or drivers” to “associated drivers and/or software” for consistency. (Most of this is just nitpicking to make the language in that section reasonably consistent.) Also updated the reference in that section to Tracker Software Products (Canada) Ltd. to also reference PDF-XChange Co. Ltd. (of which Tracker Software Products is a subsidiary), adjust the wording, and add a trademark notice. In Disclosure of Personally Identifying Information, also changed “… are the subject(s) of and/or otherwise pertinent to that content” to “… are the subject(s) of and/or otherwise pertinent to such content and/or creative endeavor(s)” for consistency.
- August 15, 2020: In Information I Receive from Third Parties for Security Purposes, changed “from the StevenBlack hosts file” to “Steven Black’s StevenBlack/hosts” (which appears to be how the developer styles the name), mostly for grammatical consistency within that paragraph, and changed “WHOIS or similar lookups” to “WHOIS, RDAP (Registration Data Access Protocol), and/or similar lookups” for completeness. In Definitions, amended the Domain name definition to make some clarifications and correct a number of factual errors. In Disclosure of Personally Identifying Information, changed “WHOIS lookup providers” to “WHOIS and/or RDAP (Registration Data Access Protocol) lookup providers” (since RDAP is intended to fulfill the same function as and eventually replace WHOIS) and changed “tools such as the ICAAN WHOIS Lookup tool” to “tools such as, though not necessarily limited to, the ICANN Domain Name Registration Data Lookup tool,” also updating the link to the latter tool and adding a trademark notice. In the same section, also added a trademark notice for TCL.
- August 14, 2020: In Embedded Content, rewrote the bullet point regarding WordPress.org content for greater accuracy and clarity (also updating and reordering the examples of domains used by content distribution networks associated with WordPress.org, such as s.w.org). In the following paragraph in that section, changed “I may post embedded content hosted and served by other third-party websites or services not listed above” to “I may post or otherwise use embedded content hosted on and served by other third-party websites or services not listed above” for similar reasons. Did some minor tinkering with the wording of these additions. Also made a minor amendment to the Information Sharing subsection of the Financial Transactions Policy, changing “…” deliver anything to you in connection with your transaction” to “… deliver anything in connection with your transaction.” (This is mostly a clarification; obviously, if your transaction is for or on behalf of someone else, it may involve mailing, shipping, or delivering something to some person or entity other than you.) Elsewhere in that section, also changed “so that I may communicate with you regarding your transaction” to “for purposes of transaction-related communications” for similar reasons.
- August 13, 2020: Updated Security Scans and Information I Receive from Third Parties for Security Purposes to also make reference to iThemes Security. Corrected the second reference to the Sucuri Security privacy policy in Security Scans to change “As explained in the Sucuri Privacy Policy …” to “As explained in the Sucuri Security Privacy Policy …” Also added Sucuri Security to the Information I Receive from Third Parties for Security Purposes section (mostly for completeness, since it’s already discussed elsewhere in this policy), added “and/or other Google services” after Google Voice (since there may be other relevant Google services besides those already enumerated), and tidied up the grammar of the list of examples in that section (removing various extraneous instances of the words “through” and “via”). Added iThemes to the examples of third-party service providers in Disclosure of Personally Identifying Information. Removed some extra spaces. In Disclosure of Personally Identifying Information, also changed the phrase “associated images” to just “images” to avoid confusion (since in some cases, the images may BE the content in question rather than simply associated with it) and added a separate bullet point on information in images and other media. Did some minor tinkering with the wording of these additions.
- August 12, 2020: In Disclosure of Personally Identifying Information, added a new bullet point pertaining to information “inscribed or imprinted upon, affixed to, and/or otherwise attached to or incorporated into artwork, a copy of a published work, or a useful article, particularly where the information cannot reasonably be removed without damaging that item or article,” which was already alluded to elsewhere in the text, but probably needs to be spelled out explicitly. In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, updated the bullet point beginning “The public …” to add “my disposal of my personal property (e.g., lending, donating, or selling my copies of books, magazines, and/or other published works)” for consistency. In the latter section, also added an additional bullet point to the list that follows the paragraph beginning, “Actions like the following could also be deemed sharing information …”: “Lending or giving someone a copy of a book or other published work that was autographed by the author and/or contains someone’s handwritten marginal notes, or a magazine with the original subscription mailing label still affixed to or imprinted upon the cover.” Did some minor tinkering with the wording of these additions. In the latter section and Disclosure of Personally Identifying Information, also changed existing language about personal information contained and/or incorporated into published works to also refer to useful articles containing and/or incorporating personal information, for consistency with today’s other additions. In the same paragraph of the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, also changed “… disposing of my copies of published books, magazines, CDs, DVDs, or other such personal property” to “… disposing of personal property such as my copies of published books, magazines, CDs, and/or DVDs” (again for consistency). In the applicable paragraph of Disclosure of Personally Identifying Information, also changed “a book by or about you” to “a book by or about you (or that you once owned and in which you wrote your name)” to further illustrate the point. Fixed some stray uses of “we” and “our” rather than “I” and “my.” In Other Inquiries, Messages, and Support Requests, changed “With some third-party services, our respective settings may also affect what information is shared and/or accessible in connection with messages and/or other communications” to “With some third-party services, individual settings may also affect what information is shared and/or accessible in connection with messages and/or other communications” for internal consistency. Did some minor tinkering with the wording of these additions (including updating it to include artwork as well). Removed some extra spaces.
- August 11, 2020: In Disclosure of Personally Identifying Information, changed “as do some works of fiction and other types of artwork” to “as do some works of fiction and other types of art and/or creative work” (a nitpicking wording change that better expresses the intended scope with less risk of inviting argument about what constitutes an artwork) and removed the parentheses around that phrase, setting it off with a comma instead.
- August 9, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added another bullet point to the examples listed under “Other types of personal information”: “Information about friendships, personal relationships, and/or social interactions (including observations and/or inferences regarding individuals’ tendencies and/or preferences therein)” and, under “Professional or employment-related information,” changed “Performance evaluations and/or information about individuals’ professional reputations” to “Performance evaluations and/or information about individuals’ professional reputations and/or conduct” (which more fully expresses the intended scope).
- August 7, 2020: In Security Scans changed “my mobile carrier” to “my current mobile carrier”; updated the “Phone calls” bullet point in Additional Information About Data Retention” to change “My phone company/mobile carrier …” to “My phone service provider(s) and/or mobile carrier(s) …”; and updated Disclosure of Personally Identifying Information to change “my mobile carrier” to “my mobile carrier(s),” setting the name of the current carrier in parentheses and adjusting the remainder of that phrase for subject/verb agreement, and change “other Internet service providers, mobile carriers, and/or wireless network services …” to “other Internet service providers, mobile carriers, phone service providers, and/or wireless network services …” (As of this writing, I use only one mobile carrier, but I’ve had multiple phone service providers at some points in the past, and it’s not inconceivable that I might again in the future.) Also in that section of Disclosure of Personally Identifying Information, changed “process certain emails sent to and from my phone(s)” to “may process certain emails sent to and from my phone(s)” (since the way email is handled on my newer smartphone isn’t necessarily the same as on my older devices, which the original language was intended to describe) and changed “or otherwise conducted” to and/or otherwise conducted …” for consistency.
- August 6, 2020: Made various minor changes to the Cookie Policy in the interests of clarity, consistency, and better grammar. (The most substantive changes are to clarify how the setting of cookies may differ for administrative users.)
- August 5, 2020: Updated recent items in the revisions list (to add the preceding entry for August 4, 2020, and this one to explain it). In the Other Information I Receive from Third-Party Sources section, updated the paragraph on information in published works to also make reference to advertising and/or promotional materials and change “… also gather additional information about the people described, depicted, or involved with such published works, such as (without limitation) seeking to identify pictured individuals not named in a photo caption, the names of contributors not credited in the work itself, or the contact information of an editor or publisher” to “… also gather additional information about the people described, depicted, and/or involved with such published works, such as (without limitation) seeking to identify pictured individuals not named in a photo caption, determine the names of contributors not credited in the work itself, and/or obtain the contact information of an editor or publisher” (mostly in the interests of grammar and internal consistency; this is all hopefully self-evident!).
- August 4, 2020: Made a minor correction in the previous entry in the revisions list. (There were no further changes to the policy itself, just to the description of the revisions made on August 3, 2020.)
- August 3, 2020: Updated and revised some of the examples listed in the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice: changed “Names” to “First and/or last names”; changed “Cookies” to “Information gathered through cookies and/or similar technologies” for consistency; added a new bullet point under “Internet or similar network activity information” about network and/or shared device information; added a new catch-all bullet point under “Professional or employment-related information”: “Other information about an individual’s vocation and/or trade”; and amended the bullet point regarding legal information to change “information regarding an individual having been accused of, charged with, and/or convicted of crime(s), infraction(s), and/or misconduct, and/or involved in a civil lawsuit” to “information regarding an individual having been accused of, charged with, and/or convicted of crime(s), infraction(s), and/or misconduct; having been a victim (or alleged victim) of crime(s) and/or misconduct; and/or being involved in a civil lawsuit” for completeness. (Most of these changes are really just clarifications, but it occurred to me that the law may regard simply viewing lists of nearby wireless networks or devices — much less connecting to any of them — as the collection of personal information.) Updated the Cookie Notice to describe the wp-settings-UID and wp-settings-time-UID cookies (listed in the Administrative and Login Cookies category) in the plural rather than the singular. (There’s typically only one of each of these cookies, but there are some scenarios where there could be multiple versions.) Also corrected and clarified the description of the wp-saving-post cookies, including noting that there may be more than one; restored the sentence explaining the meaning of “xx” and “UID” in the cookie descriptions, which had been inadvertently deleted from the Administrative and Login Cookies category; made a grammatical change to the description of the wp-donottrack_feed cookie (to avoid an unclear antecedent); made a minor wording change to the PayPal® Button cookie descriptions (changing the phrase “and is used for …” to “and is probably used to facilitate …” in the interests of preciseness); renamed the latter category “PayPal® Buttons” (since it refers to more than one); added the phrase “(and potentially also for various other purposes, such as user analytics and/or advertising)” after “… to manage your PayPal login and transaction data”; and, in the Vimeo Videos category, changed the phrase “Vimeo’s Cookie Policy …” to “The Vimeo Cookie Policy …”. In the Cookie Notice and on this page, also updated the anchor text and/or title attributes for the links to the Legal Agreements for PayPal Services page. In Other Inquiries, Messages, and Support Requests, changed “in your public profile or that you otherwise make visible …” to “in your public profile and/or that you otherwise make visible …” and added a sentence to the end of that paragraph: “With some third-party services, our respective settings may also affect what information is shared and/or accessible in connection with messages and/or other communications.”
- July 31, 2020: Updated the Cookie Notice to clarify the descriptions (and some of the names) of the commenting and WordPress cookies and add an additional category for the cookies used to access password-protected posts (which I might conceivably use at some point in the future). Also amended the first paragraph in the Categories of Cookies Used section of the Cookie Policy to insert an additional disclaimer about embedded content providers’ use of cookies (noting that content providers not currently listed might begin using cookies in connection with their embedded content, and/or may already do so in certain circumstances I have not yet recognized) and added a reference and link to the Embedded Content section above, with its links to my commonly used embedded content providers’ respective privacy policies.
- July 29, 2020: Updated the Contact Forms section to change “If you ask me to publish some portion of your message …” to “If you ask or authorize me to publish your message (or some portion of it) …” (This clarification is mostly for internal consistency of language; I assume most people would consider it reasonably self-evident!) In Other Messages, Inquiries, and Support Requests, simplified the reference to the preceding section by changing the phrase “under the same circumstances as those described in the examples listed in …” to “under the same circumstances as described in the …” (which is hopefully a little clearer).
- July 28, 2020: Updated Transaction-Related Information I Receive from Third Parties to fix a typographical error and clarify that that section may also apply in situations where I use a third-party vendor or service for other types of transactions, not just where I offer products or services in such ways. Updated that section and the Information Sharing subsection of the Financial Transactions Policy to note that I may also use certain information pertaining to my purchase of products or services (or other, similar transactions) as part of and/or in connection with reviews and/or other commentary regarding the applicable transaction(s). Made a minor editorial change in Embedded Content, changing “(such the ones placed on your device when you log into a specific third-party website or online service)” to “(e.g., the ones placed on your device when you log into a particular third-party website or online service).” Updated a number of trademark attribution notices.
- July 27, 2020: Further updated the Cookie Notice to fix a typographical error (changing “needed to login” to “needed to log in”); change the words “disappear” and “disappears” to “expire” and “expires” (which is more technically precise); clarify the reference to the Google Video hosting service; add “compiling user analytics data” to the purposes for which YouTube may use cookies; rearrange the trademark notices in the YouTube Videos category for better readability; rearrange the text of the Vimeo Videos category for better readability (including moving the trademark notices to the end); fix a typographical error in the name of one of the Vimeo cookies (“Searchtoken” was misspelled “Sarchtoken”); add the parenthetical phrase “(without limitation)” after “such as” in the YouTube Videos and Vimeo Videos categories (to emphasize that the purposes described are not necessarily an exhaustive list).
- July 26, 2020: Updated the Cookie Notice to fix a minor grammatical error in the Administrative and Login Cookies category (changing “if you click the “Remember Me” when logging in” to “if you click “Remember Me” when logging in”) and to fix a text formatting error. Amended the Embedded Content section to clarify the bullet point on blog feeds, reorganizing the text, cleaning up some patchy grammar, and making it clearer that such feeds may collect your IP address and user information and may be able to use cookies and/or stored information to track and/or identify you. (As already noted in that bullet point, this refers to feeds on the administrative dashboard, so it normally only applies to logged-in administrative users.)
- July 25, 2020: In Disclosure of Personally Identifying Information, updated the reference to Intel to change the word “equipment” to “devices and/or hardware” (which is a more accurate description).
- July 24, 2020: In Other Information I Receive from Third-Party Sources, updated the paragraph about information I may receive from other visitors (the paragraph beginning, “From time to time …”) to specifically mention car photos. (People frequently send me pictures of interesting cars for various reasons!) Updated Cookies and Similar Technologies and the Cookie Notice to clarify that while the cookie descriptions in the Cookie Notice and the cookie settings accessed through the “Access Your Privacy and Cookie Preferences” button are intended to be identical save for minor variations in formatting and text style, in the event of any substantive discrepancy, the Cookie Notice version(s) shall govern. Updated Browser Tests and the Browser Tests section of the Cookie Notice to note that the login page for the administrative dashboard also conducts similar tests (something that was already mentioned in the Cookie notice section on Administrative and Login Cookies) and amended some of the existing text, deleting the wording about the local storage lasting the duration of your visit (which may not always be the case depending on the test and what browser you’re using) and the line about not using the test results information to track or individually identify you. (Some jurisdictions now take such an expansive view of what information may be considered personally identifying that I’d rather not argue the latter point.) In the Who I Am section of this page, amended the anchor text for the link to the Controller/Responsible Party, Questions, and How to Reach Me section in the interests of clarity. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added handwritten notes, documents, and/or other examples of individuals’ handwriting (in whatever medium) to the examples of other types of personal information.
- July 23, 2020: In the Cookie Notice, made some changes to the descriptions of the cookies (principally stylistic) in hopes of making those descriptions clearer and easier to read. Also made some minor corrections to the references to PayPal on this page and the Cookie Notice (their privacy policy is called the Privacy Statement, and “Statement on Cookies and Tracking Technologies” was supposed to be singular rather than plural). In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, added information collected through cookie and/or similar technologies to the listed examples of identifiers collected. In that notice and the Data Related to Recruitment/Hiring or Professional Partnerships section, also changed “professional certification and/or licensure” to “professional certifications and/or licensure.”
- July 22, 2020: Moved or copied some of the information from the Definitions and the Cookies and Similar Technologies section of this page to the Cookie Notice. Revised and rearranged the Cookie Notice text to accommodate the additions, improve clarity, and limit repetition. Revised the Cookies and Similar Technologies section to better reflect the move. Updated the Definitions of “Cookies and similar technologies” (both on this page and the Cookie Notice) to change “Some online services …” to “Some websites and/or online services …” Copied some of the information from the Browser Tests section to the Cookie Notice (since that section describes certain information that may be stored in a visitor’s browser). Added an additional category of information to Browser Tests; Security Scans; Embedded Content; Consents and Agreements; Age Verification; Comments; Other Messages, Inquiries, and Support Requests; and Data Related to Recruitment/Hiring or Business Partnerships: “special: information collected via cookies and/or similar technologies.” (This is really a clarification rather than an addition, since it pertains to how information may be collected rather than what information is collected, which was already encompassed by the existing categories. For example, the information the website may collect when someone submits a comment is the same whether that user has saved their name and email address in cookies or types it in each time.) In Disclosure of Personally Identifying Information, added an internal hyperlink to the Embedded Content section. Clarified some points in the previous entry (July 21, 2020) in the revisions list. Removed some extra spaces here and on the Older Privacy Policy Revisions page. Added a trademark disclaimer statement to the Older Privacy Policy Revisions page. Copied part of the final paragraph of Disclosure of Personally Identifying Information (a portion of the sentence beginning “While no online website —”) to the beginning of Security Scans — where it more logically belongs — and amended the paragraph in the latter section to clarify that it is (now) reiterating the point. (Also changed “https” to “HTTPS” for stylistic consistency.) In Website Server, Error, and Security Logs, changed “trying to access the site’s administrative area” to “trying to access the site’s administrative dashboard” for clarity. Added trademark notices for Creative Commons. In License for This Policy, changed the phrase “both the original and this document” to “both their policy and this document” in the interests of clarity.
- July 21, 2020: Updated the Website Server, Error, and Security Logs and Security Scans sections to state explicitly that some of the information gathered by the logs and/or security measures “may be considered personal information or potentially personally identifying information in at least some jurisdictions” and more clearly explain that certain logs and/or security measures may record the username, user ID, and/or other identifiers associated with administrative users involved in (or appearing to be involved in) certain actions or events. Also added the latter to the categories listed in the Consents and Agreements, Age Verification, Comments, and Contact Forms sections. (I’ve categorized this type of data as “special” because it normally doesn’t apply to you at all if you’re not one of this website’s administrative users; in most cases, it’s only collected from me when I use site functions like comments. The principal exceptions would be if someone else used or attempted to use my user credentials on this website, or tried to create and/or use new user credentials, as part of an intrusion or hacking attempt.) In Website Server, Error, and Security Logs, also amended the paragraph about email alerts to change “If the event is a potential threat, it may include the IP address of the device involved (which is also recorded in the website logs)” to “The alert may include some or all of whatever data the logs recorded.” Made a number of minor changes to the language in those sections to accommodate these additions and improve readability. Updated Other Messages, Inquiries, and Support Requests to rename the category “information on or provided by third-party services (as applicable)” to “special: identifiers and/or other information provided by and/or specific to third-party services (as applicable)” for completeness. Also added that category to Data Related to Recruitment/Hiring or Business Partnerships (replacing “information provided by third-party services (as applicable)”), Financial Transactions Policy, Transaction-Related Information I Receive from Third Parties, and Other Information I Receive from Third-Party Sources. (This category is intended to better encompass a whole range of information that identifies or is associated with the users of various third-party services; for example, an individual’s unique ID number or username on a particular service would fall into this category. It’s necessarily general because it may vary dramatically depending on the specific services involved.) In Data in Submitted Images, also changed the category “potentially personally identifying information such as (without limitation) license plate and/or vehicle identification numbers*” to “special: other visible and/or audible identifiers and/or potentially personally identifying information (such as (without limitation) a pictured car’s license plate and/or vehicle identification numbers)*” (since a license plate number or VIN is probably now considered an identifier in many jurisdictions). Throughout this policy, also revised the category lists to ensure that sections listing multiple “special” categories separate them by semicolons, with each category preceded by “special:” (which is hopefully less confusing). In Other Messages, Inquiries, and Support Requests, also added a that information that pertains to my articles or other content (for example, if I interview or consult with you in connection with an article) may be published or disclosed in that context, as already stated in the Other Information I Receive from Third-Party Sources section. In Disclosure of Personally Identifying Information, changed “storage facilities” to “storage facilities (including, though not limited to, providers of safe deposit boxes)” and changed “postal services, common carriers, and/or shipping agencies” to “postal services, common carriers, shipping agencies, and/or mailbox rental services.” In Other Information I Receive from Third-Party Sources, made various minor edits to the paragraph about research related to my content (the paragraph beginning “I routinely gather information …”). In Contact Forms, changed “I may amend and/or update the applicable content to incorporate and/or reflect the factual substance of your corrections, clarifications, and/or suggestions” to “I may incorporate the factual substance of your corrections, clarifications, and/or suggestions into the applicable content” and added a new second bullet point to that list reading, “If your inquiry provides significant assistance with the management of this website, my content, and/or some related matter(s), I may elect to publicly acknowledge and/or thank you by name or applicable pseudonym, unless you ask me not to or I reasonably surmise that you prefer not to be acknowledged or identified.” Adjusted references to my newer smartphone to match the way the manufacturer styles the model name. Updated the preamble and Cookies and Similar Technologies to note that the Cookie Notice also constitutes the “cookie policy” for this website, for jurisdictions that explicitly require such a policy. Also added a similar note to the Cookie Notice itself. In Disclosure of Personally Identifying Information, completely rewrote the bullet point about information incorporated into my content (which previously began “As part of journalistic, historical, critical, or other nonfiction accounts”) and the paragraphs later in that section regarding information incorporated into content that I license or sell, also deleting the paragraph about keeping certain information separate (since it was confusingly framed and I couldn’t figure out a suitable generalizable way to coherently express the intent). (These revisions don’t represent a change in my practices — although the revised language is slightly broader in scope — but rather my ongoing efforts to explain the normal activities of a professional writer/editor within the context of this policy, something for which I have few useful models. As you may gather, I remain deeply uneasy about the potential impact of the various state and national privacy laws and regulations on freedom of expression, freedom of the press, and my livelihood.) Elsewhere in that section, changed the phrase “are difficult to quantify” to “is difficult to quantify” (a point of troublesome grammar). In that section, Advertising, and the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, changed “they may gather information about you as described …” to “they may gather and use information about you — potentially for various commercial purposes — as described …” In the instance in Disclosure of Personally Identifying Information, also added the sentence “This could conceivably be deemed to constitute sharing information “for commercial purposes” as the CCPA defines it, even if I do not directly provide any information about you to those advertisers” to the end of the applicable paragraph.
- July 20, 2020: In Disclosure of Personally Identifying Information, added I.R.I.S. (which makes OCR software) to the examples of third-party service providers. Added or updated more trademark notices through this page (and, where applicable, the Cookie Notice), sometimes making minor adjustments to the surrounding text to fit. Also corrected the capitalization of Startpage and fixed some stray uses of “we” and “our” rather than “I” and “my.” Made various other wording adjustments to Disclosure of Personally Identifying Information, including changing “other services for sharing images and/or other media, and/or audiovisual streaming services” to “other services or platforms for sharing images and/or other media, and/or audiovisual streaming services or platforms”; changing “sites and/or services for publishing and/or distributing audiovisual content” to “platforms and/or services for publishing and/or distributing audiovisual content”; and changing “Voice over Internet Protocol (VoIP), voice chat, teleconferencing, and/or video chat services; other types of messaging and/or chat services, apps, and/or clients …” to “Voice over Internet Protocol (VoIP), voice chat, teleconferencing, and/or video chat apps, clients, platforms, and/or services; other types of messaging and/or chat apps, clients, platforms, and/or services, such as (without limitation) …” (This is mostly nitpicking, as the distinction between a “platform” and a “service” is at best hazy and a client can be either an app or a service; the point is to cover a range of service providers who may use different terms for similar concepts.) Also changed “Other providers whose services enable me to operate and secure my devices and/or data …” to “Other providers whose services enable me to operate and/or secure my devices and/or data …” and adjusted the wording of the reference to IPinfo.io (mainly to avoid the possessive after “LLC”). Also in the Cookie Notice, made some minor changes to the description of the cookies used by the PayPal button(s). Throughout this page, changed a number of instances of the phrase “potentially identifying” to “potentially personally identifying” for internal consistency. In Website Server, Error, and Security Logs; Security Scans; and Information I Receive from Third Parties for Security Purposes, updated the category descriptions at the beginning of each section to note that of the other technical details collected, “(some of which might be potentially personally identifying)” (which, as noted in the Definitions, refers to information that may be personally identifying in some contexts and/or in combination with certain other information). Also added news services and online publications to the examples of third-party vendors and service providers under Disclosure of Personally Identifying Information.
- July 19, 2020: In Disclosure of Personally Identifying Information, updated the references to Microsoft (to note explicitly that I also use Microsoft Office; this isn’t new, but it previously wasn’t expressly stated), Adobe and Apple (to adjust the trademark information), and LibreOffice (to properly capitalize The Document Foundation and change “LibreOffice software” to “LibreOffice suite,” since it’s technically a suite of several interrelated software programs). Also in that section, changed “public relations firms” to “public relations services”; changed “advertising agencies” to “advertising agencies and/or services”; added online scheduling, task management, meeting, and/or collaboration platforms, tools, and/or services to the specified examples of other types of service providers; changed “messaging services, apps, and/or clients” to “other types of messaging and/or chat services, apps, and/or clients” for completeness; and amended the reference to online file transfer, file sharing, and/or file storage services by adding the parenthetical phrase “(which may include, but are not necessarily limited to, cloud storage services)” to the description (for clarification). Added additional Microsoft trademark notices in Security Scans, Information I Receive from Third Parties for Security Purposes, Information Captured by Service/Software/App/Device Telemetry, and throughout Disclosure of Personally Identifying Information. Also added some additional Google trademark notices to those sections and to Embedded Content; Other Inquiries, Messages, and Support Requests; Financial Transactions Policy; Additional Information About Data Retention; and the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice. Added trademark notices to the references to Amazon Web Services in Other Inquiries, Messages, and Support Requests and Disclosure of Personally Identifying Information. Added or updated trademark notices throughout this page and added a variety of trademark notices to the Cookie Notice, sometimes making minor adjustments to the surrounding text to fit. In the Cookie Notice, also deleted the words “strictly necessary” from the description of the Privacy and Cookie Preferences cookies (since that may not have been entirely accurate from a legal standpoint, although those cookies are currently this website’s only means of managing your cookie preferences.) Also updated the License for This Policy section to note that a changelog for the Automattic Privacy Policy can also be found in the repository mentioned in that section. Moved items on this list from prior to January 1, 2020, to the separate Older Privacy Policy Revisions page for space reasons and updated the license information on that page to include trademark attribution. In Legal Bases for Collecting and Using Information, changed “complying with the terms of a Creative Commons or other license …” to “complying with the terms of a license …” In Other Information I Receive from Third-Party Sources, changed “under a Creative Commons or similar license …” to “under a Creative Commons license or other, similar license …”
- July 18, 2020: In Disclosure of Personally Identifying Information, added “file-sharing services” in the examples in the bullet point on search engines and/or other research tools. (This is basically just a clarification, as such services would fall into one or more categories already listed among those examples, and are also listed among the “other types of service providers” examples.) Also in that section, further updated the language about the Privacy Shield Frameworks and added a note that a recent European court ruling has declared those frameworks invalid as a means of complying with European data protection regulations. Made a slight correction to the description of Signal: removing the comma from “Signal Messenger LLC” (upon belatedly realizing that they don’t use a comma before “LLC”). In Financial Transactions Policy, amended the Information Sharing subsection to change “To the applicable email and/or telephony provider(s) …” to “To the applicable email, telephony, and/or other communications service provider(s) …” (This is a clarification, and should hopefully be reasonably self-evident; obviously, transaction-related communications via some third-party service necessarily entail sharing certain information with the applicable service provider, even if the means of communication include something other than email or telephony.) Also made some minor adjustments to the description of Bitdefender in that section (to better describe the scope of Google services the these apps may incorporate and/or utilize). Also made some updates to the enumerated examples of Google trademarks in that section and changed the phrase “I could theoretically still use Blogger through my Google account” to “I could theoretically still use Blogger through my Google account(s).” In Cookies and Similar Technologies, Consents and Agreements, Age Verification, and the Cookie Notice, changed several instances of the phrase “on your computer or device” to “on your device/browser” for internal consistency. In Embedded Content, revised the description of BootstrapCDN to change the phrase “your computer or device” to just “your device” (again for internal consistency). In Website Server, Error, and Security Logs, changed “about each computer or device” to “about each computer or other device” for clarity (since in the context of this policy, a computer is a type of device, although not all devices are necessarily computers). Adjusted the wording of the first paragraph of the Cookie Notice, adding the phrases “though not necessarily limited to” and “again without limitation” after the word “including” and adding storing your comment data to the examples of site functions that use cookies.
- July 17, 2020: In Security Scans, changed the phrase “Among the website security measures I use on this website is the Sucuri Security plugin …” to “Among the website security measures I may use on this website is the Sucuri Security plugin …” (As noted elsewhere in this policy, which specific security measures I use may vary.) In that section and Embedded Content, updated the language about Sucuri and Cloudflare’s Privacy Shield certification (they’re both certified under both the EU-U.S. and Swiss-U.S. frameworks, not just the EU-U.S. framework). Made some minor adjustments to the language regarding Privacy Shield in the Disclosure of Personally Identifying Information. (To be clear, I am not Privacy Shield certified, but some of my third-party service providers and/or vendors are, so I want to make sure I’m describing the Privacy Shield Frameworks correctly.) Also changed the Privacy Shield examples in that paragraph from “Adobe Inc., Cloudflare, Google, HP, and Sucuri …” to “Adobe, Cloudflare, Google, HP, Microsoft, and Sucuri …” In the list of examples of third-party service providers and vendors in that section, also changed “Adobe® Inc.” to just “Adobe®” and the first reference to “Apple Inc.” to just “Apple” (mainly for consistency of language. In Your Rights (GDPR and Other National or State Privacy Laws), changed the phrase “(aka the “GDPR”)” to “(aka the “GDPR” or “EU GDPR”) for clarity and amended the paragraph about government data protection authorities to distinguish the EU GDPR and the UK GDPR, update the link to the list of EU data protection authorities, and add a link to the UK ICO (which is the British data protection authority and will remain so in the wake of the UK’s withdrawal from the EU). In the first paragraph of the California Privacy and Data Protection Rights section, deleted the comparison to the European GDPR to avoid confusion. In Legal Bases for Collecting and Using Information, changed “such as the EU or UK General Data Protection Regulation (GDPR) or the forthcoming Brazilian Lei Geral de Proteção de Dados (LGPD)” to “such as the European General Data Protection Regulation (aka the “GDPR” or “EU GDPR”), the UK GDPR, or Brazil’s Lei Geral de Proteção de Dados (LGDP)” for internal consistency. In the first item in the list of bases, changed the parenthetical example from “(such as comments)” to “(such as comments and user feedback forms).” In Who I Am, changed “many of the vendors and third-party service providers …” to “many of the other third-party vendors and service providers …”
- July 15, 2020: In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, revised the wording of the bullet point on legal information to change “… accused of, charged with, and/or convicted of a crime …” to “… accused of, charged with, and/or convicted of crime(s), infraction(s), and/or misconduct …” In Disclosure of Personally Identifying Information, changed “some or all of those vendors and/or service providers may use …” to “some or all of my vendors and/or service providers may use …” for greater clarity. In Security Scans, updated the paragraph about anti-theft/loss-protection features to note that I may also use similar features to protect my desktop computer, including, though not necessarily limited to, security features of products and/or services provided by Microsoft. In Embedded Content, added the following sentence to the paragraph beginning, “Please note that the types of information embedded content providers may collect …”: “Similarly, some or all of my embedded content providers may use various subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners to process information related to their services, which is also outside of my control and generally beyond my reasonable ability to enumerate here.”
- July 14, 2020: In Disclosure of Personally Identifying Information, changed “where I might share information related to this website” to “where I might discuss and/or promote this website, its content, the management of my business operations, and/or my other creative endeavors” and changed “…” search for and/or purchase materials related to my research, my content, and/or this website” to “… search for and/or purchase materials related to this website, its content, the management of my business operations, and/or my other creative endeavors” for greater consistency. Also in that section, added a note explaining that the use of the Roundcube mail client is also subject to the DreamHost Privacy Policy (since DreamHost actually operates the client and the mail servers to which it connects); changed “operate and secure my devices” to “operate and secure my devices and/or data” (which is a more broadly accurate description); and changed various instances of “in the course of my business and/or in some context related to this website” to “in some context related to this website and/or in the course of my business” (which is more in keeping with the scope of this policy). In the description of the Sucuri Security plugin in Security Scans, changed “… that perform certain suspicious actions” to “… that perform certain actions (e.g., adding or editing a post, updating or installing a plugin).” (The plugin may log a variety of routine administrative activities that aren’t necessarily suspicious in and of themselves.) Updated the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice to add vaccinations to the enumerated examples of medical information collected. In the same section, in the paragraph immediately following the bullet-pointed list, added the parenthetical phrase (“but without limitation”) after “(For example …” for emphasis.
- July 13, 2020: In Definitions, made some nitpicking adjustments to the wording of some definitions, inserting additional instances of the phrases “(without limitation),” “(again without limitation),” and/or “(though not necessarily limited to)” for emphasis and changing an existing instance of “such as” to “e.g.” In the definition of Identifiers, changed “that expressly identify an individual, household, or specific device” to “that specifically identify an individual, a household, or a device” (which is a bit more accurate). In Disclosure of Personally Identifying Information, added photo-sharing services and other services for sharing images and/or other media to the examples of third-party service providers. (This is mainly a clarification, since most such services would also fall into one or more of the categories already described in that section.) In Legal Bases for Collecting and Using Information, changed “European data protection laws” to “data protection laws such as the EU or UK General Data Protection Regulation (GDPR) or the forthcoming Brazilian Lei Geral de Proteçao de Dados (LGPD).” Updated Security Scans to add a link to the Privacy Shield website for more information on that framework. In Disclosure of Personally Identifying Information, updated the note on the Privacy Shield Framework to note that Privacy Shield participation may in some instances also cover the transfer of data subject to Swiss data protection laws and/or the UK GDPR, but additional requirements may apply; added a link to the Privacy Shield Program website for more information. In Your Rights (GDPR and State Laws), updated the first paragraph to also reference the UK GDPR and the Brazilian LGPD. Changed the name of that section to “Your Rights (GDPR and Other National or State Privacy Laws)” and updated the Table of Contents. Added Google Search Console (formerly known as Google Webmaster Tools) to the enumerated examples of Google services among the examples of third-party vendors and service providers listed in Disclosure of Personally Identifying Information. (This again is just a clarification; as that section already indicated, the range of Google apps, services, and/or tools I may use and/or offer is too extensive to list more than a sampling.) Throughout the text of this policy and the Cookie Notice, changed various instances of the phrase “potentially identifying information” to “potentially personally identifying information” for consistency. (I realized I had inadvertently alternated between the two versions in different portions of the text; although I regard those phrases as synonymous, I want to make the usage consistent throughout.)
- July 12, 2020: In Disclosure of Personally Identifying Information, added parking attendants, security guards, property managers, receptionists, and/or other such functionaries to the examples of third-party vendors and service providers. In the Online Tracking section, changed the words “on this site” to “on this website” for clarity and added a final paragraph to the end of that section noting that other websites or online services, including ones to which I may link and/or on which I have accounts, may use various web analytics services and/or tools, which in most cases is outside of my control. That paragraph also notes that analytics tools used on my Ate Up With Motor and 6200 Productions websites are described in those websites’ respective privacy policies. Added a similar paragraph to the end of the Embedded Content section. Updated the Cookie Notice to change “The use of cookies and/or similar technologies by third-party sites and/or services …” to “The use of cookies and/or similar technologies by third-party websites and/or services …” for greater consistency. In Information I Receive from Third Parties for Security Purposes, added the DTEK by BlackBerry app to the listed examples of sources of security-related information. (This is one of the suite of BlackBerry Limited apps and services that came preinstalled on the newer of my BlackBerry smartphones.) Also updated the Security Scans section to note that BlackBerry Limited is another of the principal providers of security measures I use for my mobile devices. (The BlackBerry security features are primarily concerned with electronic security rather than anti-theft/loss-protection, but there may be exceptions that would fall within the scope of that paragraph.) Fixed a formatting error in the revisions list. Fixed a typo in Security Scans: “the security of my system, devices, and data” should have read “the security of my systems, devices, and data.”
- July 10, 2020: In the first paragraph of Information I Receive from Third Parties for Security Purposes, changed “… and/or user agents that may be associated with malicious activity such as spam” to “… user agents, and/or other such information that may be associated with malicious activity such as (without limitation) spam and/or attempts to transmit or otherwise propagate malicious code.” (This is really just a clarification; the types of information enumerated in that paragraph are the most common and typical examples, but not necessarily an exclusive list, and of course spam is only one possible type of malicious activity.) In the following sentence, changed “(without limitation)” to “(again without limitation)” for better flow. In the following sentence, changed “(without limitation)” to “(again without limitation)” for better flow. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “Information about other household members (e.g., roommates and/or pets)” to “Information about other household members (e.g., roommates) and/or pets.” (This is just a nitpicking clarification; a pet is usually not considered a household member in a legal sense.) In Disclosure of Personally Identifying Information, added job search and/or professional networking sites and/or services, employment agencies, and sites and/or services for publishing and/or distributing audiovisual content (e.g., videos and/or podcasts) to the examples in the bullet point about services and/or service providers that help me promote and/or sell (or otherwise offer for commercial advantage) my content, writing/editing/writing consulting services, and/or other creative endeavors, also rearranging the order of some of those examples. Corrected some inadvertent uses of “we” and “our” rather than “I” and “my” in recent entries in this Recent Revisions list.
- July 9, 2020: In Embedded Content, added a bullet point for the Sucuri Security plugin described in the Security Scans section. (That section already describes the plugin’s functions, but some components of the plugin do qualify as embedded content, so I decided it would be appropriate to also mention it in the Embedded Content section.)
- July 8, 2020: In Embedded Content, updated the entry on Yoast to also mention the remotely served functionality provided by Ryte (which is incorporated into recent versions of the Yoast SEO plugin) and my fruitless efforts to determine from the developers whether the plugin’s remotely served components gather personal information about logged-in administrative users. (Any such information-gathering would apply only to users logged into the site’s administrative dashboard, not visitors to the publicly facing website, but it needs to be reflected here regardless.) Elsewhere inn Embedded Content and in several prior entries in this Recent Revisions list, corrected some inadvertent uses of “we” and “our” rather than “I” and “my.” In Cookies and Other Technologies, moved the example about showing or hiding banners for first-time visitors to parentheses; changed “&hellip and to ensure that …” to “… and to help ensure that …”; and changed “such as” to “e.g.” Added another sentence to the end of that paragraph: “Certain other site functions and/or site content may require the use of cookies and/or similar technologies to function properly.” Toward the end of that section, changed “some site features may not function …” to “some site features and/or site content may not function … for consistency and added a paragraph about the use of cookies and/or similar technologies by third-party services. Also updated the Cookie Notice to mention that, to reflect the revised language about cookies and/or similar technologies recently added to the Embedded Content section, and to clarify that this Recent Revisions list now also includes changes to that notice. Fixed a punctuation error in this Recent Revisions list.
- July 7, 2020: In Definitions, renamed “Cookies and local storage” to “Cookies and similar technologies” and further refined that definition. In Cookies, changed “(such as local storage)” to “(such as local storage objects)” (which is both more accurate and more grammatically correct in that sentence). In Embedded Content, further adjusted the language and descriptions, including using the phrase “cookies and/or similar technologies” (which is how other privacy policies tend to characterize these technologies), smoothing out the wording, and simplifying and/or further clarifying some of the specific descriptions. Subsequently made an additional round of revisions to Embedded Content to further refine this language. Renamed the Cookies section to “Cookies and Similar Technologies” and changed other references to that section accordingly (both on this page and the Cookie Notice, which previously had erroneously identified that section as the “Cookie Policy” section, an inadvertent holdover from an earlier version of this policy). In Comments, corrected another stray reference to “Cookie Policy” section to refer to the “Cookies and Similar Technologies” section instead and added an internal link to that section. In Financial Transactions Policy, changed “PayPal may use cookies and/or “web beacons” (such as so-called “tracking pixels” and “pixel tags”) in the payment button and/or in the shopping cart to collect and track data about users” to “PayPal may also use cookies and/or similar technologies in the payment button and/or the shopping cart to collect information about, track, and/or identify users, in addition to whatever information the service may collect to log you into your PayPal account (if any) and/or complete your transaction” (which is more accurate and more internally consistent). In Advertising, added the parenthetical aside about information-gathering by ads on the administrative dashboard that already appeared in the Disclosure of Personally Identifying Information section, for greater internal consistency. In the latter section, reordered that aside in the paragraph in which it appears (which entailed splitting the first sentence in that paragraph into two sentences with the parenthetical aside between them), again for the sake of consistency. Also in Definitions, amended the definition of “Personal information/personally identifying information” to change “(or in combination with certain other information)” to “(and/or in combination with certain other information” and amended the definition of “Identifiers” to change “… to be personal identifiers” to just “… to be identifiers” (which is more accurate).
- July 6, 2020: In Definitions, fixed a formatting error inadvertently created during yesterday’s revisions and further amended the “Cookies and local storage” definition for greater accuracy. Updated the Cookies section to also mention “similar technologies” such as local storage of information. Also updated Browser Tests to note that the results of the tests may be stored in your browser’s local storage for the duration of your visit. (This is how the test have always worked, but I struggled to properly explain it.) Further amended the Embedded Content section for greater accuracy and to further refine the new language added yesterday about local storage. (Again, this isn’t a procedural change, but an effort to more accurately explain technically complex concepts of which I don’t have a robust understanding myself!)
- July 5, 2020: In Embedded Content, changed the phrase “and/or other domains owned by WordPress, such as …” to “and/or other domains owned by WordPress, such as (without limitation) …” and changed “… or other WordPress-related messages” to “… and/or other WordPress-related information.” (This is just a clarification.) Fixed an HTML error in the revisions list. In Other Inquiries, Messages, and Support Requests, added a paragraph about communications by some means that is accessible to multiple users (e.g., via email discussion group or group chat, on social media, and/or by transmitting electronic files via shared FTP folder(s)) and/or publicly accessible, noting that such communications may be visible to anyone with access to the shared medium and that I cannot control and accept no responsibility for what third parties may do with information shared in such ways. (I hope this is reasonably self-evident!) In the following paragraph, changed “may publish such communications” to “may publish your communications” for a more natural progression from the inserted language. In the paragraph about data retention at the end of the section, changed “any third-party websites or services you use to contact …” to “any third-party websites or services you may use to contact …” Updated Information I Receive from Third Parties for Security Purposes to note that I may also receive alerts and/or other security-related information from various sources regarding third-party data breaches that could potentially expose my online credentials and/or other personal information to malicious actors. In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, fixed a punctuation error (incorrectly nested parentheses in the example regarding the processing of payments) and changed “my bank(s) and the applicable payment processor, if any” to “my bank(s) (or other applicable financial institution(s)) and the applicable payment processor(s), if any (e.g., PayPal®)” for greater internal consistency. In Definitions, updated the definition of cookies (which has been renamed “Cookies and local storage”) to include a brief definition of local storage of potentially identifying information (a technology which is sometimes used in addition to or instead of cookies). Updated Embedded Content to add language about local storage (which many embedded content providers and other online services now use along with cookies), insert a new bullet point about embedded content from Twitter, and add a disclaimer that embedded content providers may also use and/or add other information-gathering and/or tracking technologies beyond what I can reasonably specify in that section. Made various other minor adjustments to the wording of that section for clarity. Further updated the adjusted language in that section to fix my repeated but unintentional use of “store other personally identifying information” when I meant to say “store other potentially identifying information” (an error I repeated an embarrassing number of times by careless use of copy-paste) and made a number of additional minor adjustments and updates to the text, including changing the language about displaying videos or Tweets to be a bit broader in scope (including sharing and/or otherwise displaying the content as well as posting it) and fixing an inadvertent use of “us” rather than “me.”
- July 4, 2020: In Disclosure of Personally Identifying Information, added rental services and/or rental agencies for vehicles such as (without limitation) cars, trucks, vans, bicycles, scooters, and/or boats.
- July 3, 2020: In Security Scans, added a new paragraph about anti-theft/loss-protection security measures for my devices that may collect additional personal information under certain circumstances.
- July 1, 2020: In Disclosure of Personally Identifying Information, added the Roundcube project (whose open source webmail client software my web host uses) to the examples of third-party service providers. In the description of Font Awesome in that section, changed “web mail” to “webmail” for consistency. Updated the Other Information I Receive from Third-Party Sources section to add language about information I might receive from or through social media services and to insert an explicit reference and an internal link to the Additional Information About Data Retention section. (Since the latter section presently follows immediately after Other Information I Receive from Third-Party Sources, I hadn’t previously included such a link, but I added it now for convenience and ease of reference.) Toward the end of Other Information I Receive from Third-Party Sources, also changed “other non-public information” to “other, non-public information” (which better expresses the intended meaning).
- June 29, 2020: In Other Information You Provide to Me, added a note regarding submitted images and/or other media, with an internal link to the Data in Submitted Images section. Also changed the parenthetical aside from “(These are just a few hypothetical possibilities.)” to “(These are just a few of the many possibilities.)”
- June 28, 2020: In Information I Receive from Third Parties for Security Purposes, added social media services to the examples of sources from whom I may receive such information and changed “Internet service provider, mobile carrier, bank …” to “Internet service provider(s), mobile carrier(s), bank(s)/financial institution(s) …” for internal consistency. In Disclosure of Personally Identifying Information, created a new sub-bullet for social media services on which I have accounts and/or where I might share information related to this website in the list of examples of third-party service providers. Moved the existing bullet point about Flickr to that sub-bullet. Tinkered a bit with the wording of the new language.
- June 27, 2020: In Security Scans, Financial Transactions Policy, and Other Information I Receive from Third-Party Sources, changed several instances of “such as (for example, but without limitation)” to just “such as (without limitation)” (for internal consistency and because “for example” is probably redundant in those instances).
- June 26, 2020: In Security Scans, changed “and/or the various Google services I use (e.g., the Google Voice communications service …” to “and/or other applicable service provider(s) (e.g., the various Google services I use, such as (for example, but without limitation) the Google Voice communications service …” In Comments; Contact Forms; and Other Inquiries, Messages, and Support Requests, adjusted the language referring to the Security Scans section (regarding messages being scanned for spam and/or malware) to be more consistent with the wording of the latter section. Added similar language to the Information Sharing subsection of the Financial Transactions Policy section. In Other Inquiries, Messages, and Support Requests, also changed “other services place the entire message text in the notification” to “other services include some or all of the message in the notification.” In Website Server, Error, and Security Logs, added a sentence noting that email alerts may be scanned for spam and/or malware (also referring to the Security Scans section) and changed “since my web host …” to “because my web host …” (which is more grammatically appropriate).
- June 25, 2020: A number of minor wording adjustments for internal consistency: In Website Server, Error, and Security Logs, changed “may be captured in backups created by me or my web host” to “may be captured in backups created by me and/or my web host.” In Comments, changed, “may have been accessed or used” to “may have been accessed and/or used.” In Data in Submitted Images, changed “backup files created by me or my web host” to “backup files created by me and/or my web host” and changed “may have already been accessed or used by third parties” to “may have already been accessed and/or used by third parties.” In Information I Receive from Third Parties for Security Purposes, changed “applications/services” to “applications/software/services.” In Disclosure of Personally Identifying Information, updated some of the descriptions of third-party service providers to change a number of instances of the word “applications” to “software” for greater clarity. In the latter section, also changed “Internet firewall applications/services” to “Internet firewall applications/software/services” and changed “TinyWall and …” to “TinyWall and/or …” for consistency. Also updated the sentence beginning “Where I become aware of such a case, I will take reasonable efforts to keep separate any information I have gathered through or in connection with this website …” to insert the parenthetical phrase “(e.g., the IP addresses in the logs, the email addresses associated with comments and/or form submissions)” in hopes of clarifying the intended scope of that paragraph.
- June 23, 2020: In Disclosure of Personally Identifying Information, added a new paragraph following the bullet-pointed list regarding the possibility of roommates, houseguests, other cohabitants, and/or visitors becoming incidentally aware of certain personal information pertaining to this website and/or my business operations, in ways that are hard to avoid with any business activity conducted at home. Added similar language to the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice. In the subsequent paragraph of the latter section, also changed the phrase “in such contexts” to “in the above contexts” to avoid any potential confusion due to the added paragraph.
- June 21, 2020: In Disclosure of Personally Identifying Information, further adjusted the description of BlackBerry Limited by adding “(and/or, where applicable, their subsidiaries and/or affiliates)” after the corporate name to better reflect the framing of their Privacy Policy. Also changed “its previous corporate name” to “the previous corporate name” to avoid an unclear antecedent. Changed “other service providers, and/or other vendors” to “various subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners” and, at the end of that bullet point, changed “any third-party subcontractors, subprocessors, vendors, and/or partners those entities may employ or utilize …” to “any subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners those entities may employ and/or utilize …” for greater internal consistency. Updated the description of Abine’s Blur to also mention their email masking tool.
- June 20, 2020: In Disclosure of Personally Identifying Information, updated the descriptions of TCT and BlackBerry Limited to clarify that TCT made the hardware for the newer device and BlackBerry Limited makes the suite of BlackBerry apps, services, and software both devices use. Also adjusted TCT’s corporate name to match their current usage (TCL Communication Ltd., with “Limited” abbreviated) and updated the description of VeraCrypt to clarify that portions of the software are the work of various developers besides IDRIX. In that section, also changed “may use various subprocessors and/or other vendors not necessarily listed here …” to “may use various subprocessors, other service providers, and/or other vendors, not necessarily listed here, …”
- June 16, 2020: Updated the Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information sections to note that Bitdefender may also use the Google Safe Browsing API. Also updated the reference to Google Safe Browsing in the former section to note that some other apps (as well as web browsers and online services) may also use that service. Also in Disclosure of Personally Identifying Information, updated the bullet point on disclosures I deem reasonably necessary to protect property, rights, security, and/or safety to note that (as stated in the Copyright/Intellectual Property Violations section of the Terms of Use) I may forward copyright claims pertaining to material provided to me by a third party to that third party. (This provision has been in the Terms of Use for years, but I had previously neglected to mention it in the Privacy Policy.) Made a related update to the Information Shared for Business or Commercial Purposes section of the CCPA Information Collection and Sharing Notice.
- June 15, 2020: In Other Information I Receive from Third-Party Sources, made a variety of clarifications to the paragraph regarding my research process: Added “(without limitation)” after “… with third parties such as …” and added “observers, eyewitnesses, and/or other knowledgeable parties” to the examples enumerated in that sentence. (These were already listed in the related language in the CCPA Information Collection and Sharing Notice.) Later in that paragraph, changed “the subjects of my content” to “the subject(s) of my content.” Added a new second-to-last sentence: “In some cases, I may look for your contact information so I can ask you questions related to my content, request an interview, and/or let you know about content in which you were mentioned.” In the final sentence of that paragraph, changed “… or if you have disclosed the information …” to “… and/or if you have disclosed the information …” In the same section, updated the paragraph regarding information provided by third-party services to add two more examples of the type of information that might be provided: whether a contact “is typing, and/or has seen a particular message.” (These are obviously just additional examples, not an exhaustive list of possibilities.)
- June 14, 2020: Made some minor clarifications to the summary of the June 13 revisions below.
- June 13, 2020: In Embedded Content, fixed a typographical error in the description of Font Awesome: correcting “your IP address and user information” to “your IP address and user agent information” (the word “agent” had been inadvertently deleted). In Disclosure of Personally Identify Information, amended the bullet point on public acknowledgments and thanks to note that those acknowledgments may also include (where applicable) the date(s) of the assistance. (This is just a clarification of my customary practice, not a change in how I handle such acknowledgments.) In that bullet point, also changed “the type of assistance” to “the nature of the assistance provided” for greater clarity.
- June 11, 2020: In the list of examples of third-party service providers in Disclosure of Personally Identifying Information, updated the description of Firefox to clarify that that may include the desktop and/or mobile versions and changed “taxi and/or ride-share services” to “taxi, livery, shuttle, carpool, and/or ride-share services.” Also adjusted the description of Simple DNSCrypt to change “desktop computer” to “desktop computer(s).”
- June 10, 2020: In the list of examples of third-party service providers in Disclosure of Personally Identifying Information, made some minor wording adjustments to the “accessing the Internet” bullet point for clarity and internal consistency (and to fix some questionable grammar). Also added “other Internet service providers, mobile carriers, and/or wireless network services I may periodically use.”
- June 8, 2020: In Disclosure of Personally Identifying Information, added Microsoft Bing Search to the examples of third-party service providers. (This is mainly a clarification, since Bing is one of the many Microsoft “software, apps, tools, and services” mentioned elsewhere in that section.) Fixed a typo in the revisions list.
- June 7, 2020: In Disclosure of Personally Identifying Information, fixed a typographical error in the description of CompanionLink and DejaOffice CRM and adjusted the description to better explain their function. Changed “Other providers of apps, tools, and/or services I may use in connection with this website and/or its content” to “Other providers of apps, tools, and/or services I may use in connection with this website, its content, the management of my business operations, and/or my other creative endeavors” to better reflect the current language elsewhere in this policy. Adjusted the description of DreamHost in that section to change “(which also hosts the mail servers for email addresses using this domain name)” to “(which also hosts the mail servers for all email addresses using the 6200productions.com domain name)” for greater clarity. Updated Other Information I Receive from Third-Party Sources to also mention that I may sometimes receive information through third-party services and/or service providers. Amended and simplified the language in that section about software developers, added a note that software licenses typically prohibit deleting the developer information, and moved that paragraph to an earlier point in the section. Fixed a typographical error. Later in that section, changed the phrase “any attribution information” to “any of the developer credits or copyright information” for greater clarity. In Disclosure of Personally Identifying Information, fixed a punctuation error in the description of Signal and updated that description to indicate that Signal is a registered trademark.
- June 6, 2020: Updated the Additional Information About Data Retention section’s bullet points on text messages and phone calls to explain that my retention of text messages and phone records on my phone(s) is now highly variable. (This change is to reflect my increased use of a newer device that no longer allows me to globally control message retention the way my older smartphones did; if there’s a way to get the newer phone to automatically delete all unsaved messages after a certain period of time, I haven’t yet found it!)
- June 4, 2020: In Disclosure of Personally Identifying Information, corrected the attribution for MozBackup, also reordering that item in the list of examples to keep that section in more or less alphabetical order.
- May 31, 2020: In Disclosure of Personally Identifying Information, updated the attribution for Cookie-AutoDelete to reflect that browser extension’s current copyright statement. In Security Scans, updated the reference to the EU-U.S. Privacy Shield Framework to add periods to “U.S.” to match the reference in Disclosure of Personally Identifying Information.
- May 30, 2020: In Contact Forms, split the final sentence (beginning “Otherwise, I may disclose …”) into a separate paragraph. Inserted a bullet point regarding incorporating corrections, clarifications, and/or suggestions (which hopefully was reasonably self-evident, but bears mentioning). In that section, also changed “infringe on” to “infringe upon.” In Other Inquiries, Messages, and Support Requests, deleted the bullet-pointed list beginning “Unlike comments, I do not generally publish …” and replaced it with a reference to the list in the Comments section above (to avoid repeating the same list twice). Fixed a typo in Data Related to Recruitment/Hiring or Business Partnerships.
- May 23, 2020: In Data in Submitted Images, changed “I typically also gather additional information about the images I use …” to “I typically also gather additional information about the images and/or other media I use …” for internal consistency. Also changed several instances of “images or media files” to “images or other media files,” again for consistency of wording. In Other Information I Receive from Third-Party Sources, added a paragraph noting that published works I use and/or access may also contain a variety of personal information, and I may also obtain additional information about the people depicted, described, or involved with those works. Also changed “photographs and other images or media” to “photographs, other images, and/or other media.” Updated Additional Information About Data Retention to note that I typically retain indefinitely copies of published works I own, along with (where applicable) associated documentation and/or notes and any inventories, catalogs, and/or lists that I may create and/or utilize to manage my collection of such works.
- May 20, 2020: Updated the description of the NoScript browser extension in Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information to better describe its attribution. (The NoScript website‘s copyright statement attributes it to InformAction, but the copyright statement in the extension’s source code credits the extension to InformAction co-founder Giorgio Maone.) Also updated the Security Scans section to correct a reference to the Information I Receive from Third Parties for Security Purposes section (from which the word “Parties” had somehow been dropped) and fix the link, which had been configured incorrectly. In Disclosure of Personally Identifying Information, changed “journalistic, historical, or other nonfiction accounts” to “journalistic, historical, critical, or other nonfiction accounts.” (This is mostly a clarification; a review or other work of criticism is a type of nonfiction account and sometimes also a journalistic one, but spelling it out helps to better explain the intended scope of that provision.) Also updated the description of uBlock Origin in Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information to note that the extension is developed by Raymond Hill (although its associated lists are developed and maintained by various people).
- May 18, 2020: Updated the Cookie Notice to make some clarifications to the description of the WordPress administrative and login cookies. In the examples of third-party service providers in Disclosure of Personally Identifying Information, changed “bookkeeping and/or accounting services” to “bookkeeping, accounting, and/or tax preparation services.”
- May 16, 2020: In Disclosure of Personally Identifying Information, updated and expanded the bullet point regarding contractual obligations by changing “If I am contractually required to do so in connection with a dispute, investigation, or audit involving a third-party service” to “If I am contractually obligated to do so pursuant to my agreement(s) with my business partner(s), vendor(s), and/or third-party service(s), such as (without limitation) in connection with a dispute, investigation, or audit involving …” (since a business partner, vendor, or service provider could also conceivably compel me to provide information in situations other than a formal dispute, investigation, or audit, although those are the most likely examples; I changed “required” to “obligated” principally to better distinguish this bullet point from the earlier bullet point regarding legal requirements). Also clarified the example by changing “their” to “the payment processor’s” (to avoid a potentially unclear antecedent). For related reasons, updated the Financial Transactions Policy subsection on Information Sharing to change the phrase “as otherwise required by my legal agreements with …” to “as otherwise required by my contractual agreements with …” (This is a clarification; a contract is of course a legal agreement, but “contractual agreements” better expresses the intent in this instance.) In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, changed the phrase “If I am legally obligated to do so …” to “If I am legally or contractually obligated to do so …” and added “or in connection with a payment dispute or other contractual dispute” to the enumerated examples for internal consistency. In Privacy Policy Changes, changed “This Privacy Policy may be modified from time to time, at my sole discretion. Your continued use of and access to the site signifies your acceptance of any such modifications …” to “I may change this Privacy Policy from time to time, at my sole discretion. Your continued use of this website after any changes to this Privacy Policy will constitute your acceptance of such changes …” (This change is mainly to better align the wording of this policy with the privacy policy of my freelance writing website, to help me avoid confusion in the future.) Also changed “If the policy has changed since your last visit …” to “If the policy has changed since your last visit to this website …” for greater clarity. Updated the preamble to change the phrase “… which summarizes recent modifications by date” to “… which summarizes recent modifications in reverse order by date” for consistency with the description at the beginning of the revisions list.
- May 15, 2020: In Disclosure of Personally Identifying Information, added Apple Inc. to the examples of third-party service providers. Fixed a typographical error in another listed example and corrected an accidental use of “our” rather than “my.” Made some minor adjustments to the wording of the reference to Adobe in that list for greater internal consistency, also changing the first instance of “Adobe” to “Adobe Inc.” Changed the phrase “Some or all of my third-party vendors/service providers …” to “Some or all of my third-party vendors and/or service providers …” and changed “data subprocessors” to just “subprocessors” (a term that now has a specific legal meaning in some jurisdictions). Updated the reference to the EU-U.S. Privacy Shield Framework to add periods to “U.S.” (which is how the framework’s name is officially styled, at least in the U.S.); note that Adobe Inc. also complies with that framework; and add a parenthetical note that others among the listed examples of vendors and/or service providers probably do as well. (The Privacy Shield website currently lists more than 5,300 U.S. businesses as active participants, so the fact that I haven’t listed a specific service provider or vendor as a participant doesn’t necessarily mean that they are not one — there are just too many for me to keep track.) Added generic listings for “providers of other web browsers I may use” and “any other search engines I may use” to the examples of third-party service providers. (I hope this was already clearly implied, but I spelled it out for the avoidance of doubt.) Also added generic listings for healthcare providers and/or their respective staffs and “other online information services, repositories, websites, blogs, video blogs (“vlogs”), podcasts, and/or audiovisual streaming services.”
- May 14, 2020: In Disclosure of Personally Identifying Information, updated the description of taxi and/or ride-share services to change “which I may use if I travel to meet with someone via such means and/or arrange such transportation for someone in some manner related to this website” to just “which I may use if I travel via such means and/or arrange such transportation for someone in the course of my business and/or in some context related to this website” (since such travel might not always be to meet with someone, that possibility is obviously implied without needing to be spelled out, and “context” is more correct than “manner” in this instance). In that same bullet point, changed references to business trips or travel to “in connection with trips I take or arrange in the course of my business and/or in some context related to this website” for internal consistency. Also in that section, changed “such that it could not reasonably be used to identify specific person(s)” to “such that it could not reasonably be used to identify the specific person(s) and/or household(s) to whom the information pertains.” (This is another attempt to clarify the intent of that bullet point’s somewhat cumbersome wording.) Elsewhere in that section, changed “financial consulting services” to “financial advisory services” (which is a more correct term for the type of service that language was intended to describe).
- May 11, 2020: In Embedded Content, changed the phrase “what information I collect in connection with PayPal transactions with me” to “what information I may collect in connection with PayPal transactions to which I am a party and that pertain directly to this website” for greater clarity. Also fixed a typographical error in Disclosure of Personally Identifying Information (correcting the phrase “its and associated drivers” to “its associated drivers”).
- May 10, 2020: In Disclosure of Personally Identifying Information, added some other generic types of services to the listed examples of third-party service providers. In Controller/Responsible Party, Questions, and How to Reach Me, changed the phrase “can file a request” to “can submit a request” for more consistent wording. Adjusted the wording of references to the Controller/Responsible Party, Questions, and How to Reach Me section in Notice to Parents Regarding Children Under 18; Not for Children, the Age Verification section, and the CCPA Information Collection and Sharing Notice so that those references all consistently say “methods described in” rather than “methods listed under …” or “methods described under …” For similar reasons, also adjusted the wording of a reference in the Cookies section to the Cookie Notice and Privacy Tools pages (changing “the list shown in” to “the list shown on”) and of a reference in Disclosure of Personally Identifying Information to the Financial Transactions Policy (changing “as otherwise described under” to “as otherwise described in”).
- May 8, 2020: In Disclosure of Personally Identifying Information, changed the sentence “Please note that in many cases, I have no way of associating data gathered through this website with information I may have obtained about you in other contexts” to “Please note that in many cases, I have no reasonable way of associating data gathered through this website with information I may have collected about you in other contexts, or of associating different types of personal information and/or potentially personally identifying information I may have obtained about a given individual or household.” Also made that sentence the beginning of a new paragraph rather than a continuation of the previous one.
- May 5, 2020: Corrected the HTML anchor in Other Information I Receive from Third-Party Sources, which had been configured incorrectly. In Disclosure of Personally Identifying Information, corrected the internal link to the Other Information I Receive from Third-Party Sources section, which had not been updated correctly in yesterday’s revision. (I had corrected the link text, but not the link itself.)
- May 4, 2020: In Disclosure of Personally Identifying Information, revised the language of the bullet point regarding journalistic, historical, or other nonfiction accounts to change “it may also include information, corrections, clarifications, and/or additional details provided by the person(s) to whom the information pertains and/or obtained from third parties” to “it may also include non-public information obtained from a variety of sources.” Also corrected the reference in that bullet point to the Other Information I Receive from Third-Party Sources (which had not been updated properly in a previous revision) and adjusted the corresponding language in that section to match this current revision (deleting the word “certain” in the phrase “may also include certain non-public information obtained from a variety of sources,” since including that word was probably more confusing than helpful in that context).
- May 3, 2020: In Disclosure of Personally Identifying Information, added online file transfer, file sharing, and/or file storage services to the examples of third-party service providers. Rearranged the order of some of the examples in that section. Also in that section, updated the description of Microsoft to change “some of the software, apps, tools, and services I use — including, but not limited to, the operating systems for some of my devices” to “some of the software, apps, tools, and services I may use and/or offer — including, but not limited to, the operating systems for some of the devices I use” (mostly for consistency with other language in this policy, but also because at present, I own only a single device with a Microsoft operating system, although that may change in the future, and I may still sometimes use other devices with their operating systems and/or other software, apps, tools, and/or services, whether or not I own those devices).
- May 2, 2020: In Disclosure of Personally Identifying Language, amended the language about the sale or rental of information about individual site visitors to change the phrase “about a site visitor” to “about one or more site visitors.” Also amended the description of LG to change “my peripheral devices” to “my displays and/or peripheral devices” (to avoid any uncertainty about whether a display constitutes a peripheral device). In the CCPA Information Collection and Sharing Notice, changed the final bullet point in Categories of Personal Information Collected subsection from “Other data that could potentially be deemed personal information, but that does not easily fit into any of the above-listed categories” to “Other types of personal information, and/or other types of data that could potentially be deemed personal information, that do not readily fit into any of the above-listed categories.” Fixed an error in the HTML anchor for the “Controller/Responsible Party, Questions, and How to Reach Me” section.
- April 30, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to add “any other DNS resolver service(s) I may use” (as there may be various others besides Cloudflare). Also added Ysard’s Cookie Quick Manager to the listed examples of browser extensions and updated the description of Adblock Plus to add the phrase “and its related lists” for consistency.
- April 29, 2020: In Disclosure of Personally Identifying Information and the Information Shared for Business or Commercial Purposes of the CCPA Information Collection and Sharing Notice, updated the language about disposal of published works to change “incorporating personal information” and “that contain personal information” to “that contain and/or incorporate personal information” for consistency. In the latter section, also changed “or other personal property” to “or other such personal property” for greater clarity. In Disclosure of Personally Identifying Information, also added a sentence to the beginning of the list of examples of third-party vendors and service providers noting that some or all of those providers and/or vendors may use various subprocessors and/or other vendors not necessarily listed. Also amended the subsequent sentence to change “vendors/service providers” to “vendors and/or service providers.” Made a slight adjustment to the revisions list.
- April 26, 2020: In Disclosure of Personally Identifying Information, added gitg, the vDos DOS emulator, and Shahin Gasanov’s ZoneIDTrimmer tool to examples of third-party service providers. Further amended the description of Gpg4win in that list to fix a typographical error and adjust the wording. Added the Android Open Source Project’s SDK Platform Tools to the enumerated examples of Google products and services and made some minor wording adjustments to the other item in that bullet point. In Website Server, Error, and Security Logs, changed “accesses the site and its content” to “accesses the site and/or its content.” (This is a clarification; the server and error logs will usually also record attempts to access certain site content without actually visiting the site, such as if someone “hotlinks” an image.) Fixed a typographical error in this bullet point. In Financial Transactions Policy and Transaction-Related Information I Receive from Third Parties, changed “transaction-related questions or inquiries” to “transaction-related questions, inquiries, and/or comments.”
- April 25, 2020: Revised Disclosure of Personally Identifying Information and the Information Shared for Business or Commercial Purposes of the CCPA Information Collection and Sharing Notice to explain that I may also sell, lend, or otherwise dispose of copies of published works (e.g., books, magazines, DVDs) that contain someone’s personal information. (I’d hoped I wouldn’t need to spell this out, but California’s Office of the Attorney General has still failed to provide any guidance regarding the profound First Amendment implications of the CCPA regarding the sale or distribution of published works.) Also noted that the CCPA doesn’t regard transfers of information as part of the sale or transfer of a business to be sales. Rearranged and revised the text following the bullet-pointed list in Disclosure of Personally Identify Information to present the points described there in a (hopefully) more readable way. Made some further tweaks to the newly added language. Also in Disclosure of Personally Identifying Information, added the phrase “or other such devices, equipment, and/or accessories” to the bullet point on other electronic devices to emphasize that the enumerated examples are not intended to represent an exhaustive list of my electronic equipment. Also added Francesco De Stefano’s Opena11y Toolkit extension to the examples and tweaked the descriptions of the various browser add-ons in that list for more consistent wording.
- April 24, 2020: Updated the effective date, which I had neglected to do yesterday. In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, simplified the paragraph beginning “I may disclose personal information I collect through and/or in connection with this website …” to change the second sentence to “Also, as noted in that section and elsewhere in this Privacy Policy, my work as a professional writer/editor and writing consultant and/or other creative endeavors routinely involve collecting and sharing personal information, often for publication.” Struck the links to the 6200 Productions and Ate Up With Motor privacy policies (which are already included earlier in the notice). In Disclosure of Personally Identifying Information, changed “… keep separate any information I have gathered through or in connection with this website” to “… keep separate any information I have gathered through and/or in connection with this website” for wording consistency. In Information I Receive from Other Third-Party Sources, revised the paragraph about my writing and editing process to also refer to my other creative endeavors, professional or otherwise (since “creative endeavors” are referenced elsewhere in this policy; the intent is to express that some aspects of what I do creatively are not strictly writing or editing); change the phrase “research and writing process” to “research, writing, and editing process”; and note that in some cases, my research, writing, and/or editing may include inviting comment from and/or presenting questions to the public regarding related topics. Made similar adjustments to the corresponding language in Disclosure of Personally Identifying Information for consistency, also changing the phrase “in the course of researching, writing, and/or editing same” to “in the course of researching, writing, and/or editing my content and/or other creative endeavors” for clarity and consistency and changing “including, as applicable but without limitation, any associated images …” to “which may include, as applicable but without limitation, information contained in associated images …” to better express the intended meaning. Elsewhere in that section, also amended language referring images and other media to change “visible” to “visible or otherwise included” (since no one may actually be visible in some types of media, such as audio recordings).
- April 23, 2020: In Transaction-Related Information I Receive from Third Parties, corrected a reference to “transactions with us” to “transactions with me.” In the Financial Transactions Policy, fixed an inadvertent duplication of the word “and” and updated both the Transaction-Related Information Gathering and Data Retention subsections to note that I may use the information I gather to respond to your transaction-related questions or inquiries (which I hope would be self-explanatory). Expanded the Transaction-Related Information I Receive from Third Parties section to include information I may receive if I offer products or services through some third-party vendor or service. Updated that section and the Financial Transactions Policy to clarify that I may also use transaction-related information to meet my contractual obligations and fixed a grammatical issue. Further amended the Financial Transactions Policy subsection on information sharing to change “information pertaining to payments I make to you” to “personal information related to payments I make to you” (for greater clarity and to avoid using “pertain” twice in the same sentence) and to add bullet points regarding transactions made on behalf of some third party and information I share with my employees and/or independent contractors. (Those points were already effectively covered through the reference to the Disclosure of Personally Identifying Information section, but it seemed worth spelling them out more explicitly in the Financial Transactions Policy.) Made some further minor adjustments to the wording of those bullet points and to the first two paragraphs of the Financial Transactions Policy. In Disclosure of Personally Identifying Information, updated the reference to developers of WordPress plugins, themes, and/or add-ons to note that any information they collect may be through telemetry features incorporated into those plugins, themes, and/or add-ons as well as through my communications with the developers. In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, added links to the Ate Up With Motor and 6200 Productions privacy policies and inserted the phrase “… and much (though not all) of the information I collect in connection with that work is intended for publication” in the sentence beginning “Because I am a professional writer/editor and writing consultant …” Also revised the wording of the first paragraph of the Categories of Personal Information Collected subsection to better express the intended scope of the section and include references and links to the 6200 Productions and Ate Up With Motor privacy policies. Made a few other wording adjustments to match. Fixed several instances of the word “the” being duplicated. In the examples of third-party service providers listed under Disclosure of Personally Identifying Information, updated and corrected the descriptions of Gpg4win and VeraCrypt and rearranged the order of the encryption tools listed. Also fixed a couple of minor errors in the revisions list.
- April 22, 2020: In the Financial Transactions Policy, changed “applies to financial transactions with me and/or pertaining to aaronseverson.com …” to “applies to financial transactions with me pertaining to the aaronseverson.com website …” In the following paragraph, changed “applies only to transactions with me, NOT to your transactions with third-party vendors, retailers, or services” to “applies only to transactions pertaining directly to the aaronseverson.com website, and then only to transactions you enter into with me, NOT to your transactions with third-party vendors, retailers, or services, which are outside of my control” and changed “if you purchase a copy of some work I have written through an online bookseller rather than directly from me …” to “if you purchase a copy of some work I have written through an online bookseller …” (I’m concerned that the previous wording was confusing and potentially misleading as to the intended scope of the policy.) Made similar wording changes through the rest of that policy for consistency. Also struck a confusing reference to “transactions with 6200 Productions,” which does not apply to this policy, and noted in the Transaction-Related Information Gathering subsection that I may also use transaction-related information I collect for service improvement, fraud prevention, and/or other security purposes. (This was already indicated in the data retention subsection.) Fixed some punctuation errors in the data retention subsection.
- April 21, 2020: In the list of examples of third-party service providers in Disclosure of Personally Identifying Information, added Waves Audio Ltd. to the listed examples and clarified the bullet point regarding other electronic devices, also adding some other devices to the examples listed and removing one (which I just returned without ever really using). Made some further minor adjustments to the wording of my recent additions to the list of examples and changed several instances of the word “suite” to “software” for clarity. (In a number of instances in that list, I had previously used the word “suite” to refer to packages of software consisting of more than one distinct program or app, but “software” is probably clearer in context.) Removed some extra spaces.
- April 19, 2020: In Disclosure of Personally Identifying Information, added another bullet point regarding other electronic devices such as cameras and memory storage devices to the examples of third-party service providers. Tinkered further with the wording of that addition. Fixed some typos in that section. Also added Realtek Semiconductor Corp. to the listed examples, updated the description of Qualcomm (also adding a registered trademark symbol), and rearranged the order of some of the examples in the list. Added another device to the examples of other electronic devices.
- April 17, 2020: Added the Simple Mobile Tools Voice Recorder app to the examples of third-party service providers under Disclosure of Personally Identifying Information. (Hastily updated to add the correct link to the app’s privacy policy.) Also clarified the description of Librera Reader in that section. Updated Controllers, Questions, and How to Reach Me to note that I am also the “responsible party” with regard to the processing of personal information related to this website (for the purposes of local privacy laws that use that term rather than “controller”). Changed the name of that section to “Controller/Responsible Party, Questions, and How to Reach Me” and updated internal references to it accordingly.
- April 16, 2020: In the CCPA Information Collection and Sharing Notice, revised the examples of professional or employment-related information, adding “and/or client(s)” to the bullet point about employer(s); changing the phrase “certification or licensure” to “certification and/or licensure”; adding a bullet point about other professional relationships; and rearranging the order of several bullet points in that list.
- April 15, 2020: In Disclosure of Personally Identifying Information, updated the description of CompanionLink Software products listed among the examples of third-party service providers, removing the reference to DejaDesktop and adding the acronym “CRM” after “DejaOffice®.”
- April 12, 2020: In the CCPA Information Collection and Sharing Notice, amended the second list in the Information Shared for Business or Commercial Purposes subsection (including adding a bullet point about appropriately crediting someone for the use of their intellectual property) to better align it with the list in Disclosure of Personally Identifying Information. Also adjusted the punctuation in that list for greater consistency. Updated Information I Receive for Security Purposes to note that I may also receive such security-related information through the security features, firmware, software, and/or services of my routers.
- April 7, 2020: In Information I Receive from Third Parties for Security Purposes, changed the phrase “from other external sources such as …” to just “from sources such as …” (since “external” was potentially confusing here).
- April 5, 2020: In the CCPA Information Collection and Sharing Notice, made a slight adjustment to the wording of the bullet point on sex, gender, gender identity, and/or gender expression (to separate the latter two items with a comma and “and/or” rather than a slash) and added a bullet point regarding language(s) spoken and/or preferred. (This doesn’t appear to be mentioned among the statutory categories, so I’ve listed it under “Characteristics of classifications protected by law,” since language would tend to suggest or implicate one or more characteristics that ARE specified by law.) In Disclosure of Personally Identifying Information, revised the description of dnscrypt-proxy to better describe what it does (viz., allow me to encrypt my DNS queries when I browse the web from my desktop computer).
- April 4, 2020: Made some clarifications to yesterday’s entry on this revision list (April 3) regarding the changes to the Cookie Notice. Made some further adjustments to the Cookie Notice entries (regarding cookies set by embedded video players). In Definitions, updated the definition of “Cookies” to note that cookies are also used to help identify specific users or devices for analytics and/or advertising purposes. In Disclosure of Personally Identifying Information, amended the bullet point regarding journalistic, historical, and other nonfiction accounts to change “any associated illustrations, bibliographies, and/or metadata” to “any associated images, other media, bibliographies, and/or metadata”; revised the paragraphs following the bullet-pointed list to better explain the intended meaning of “non-public” information” and further clarify the intent and intended scope of that text; and added a reference to the CCPA Information Collection and Sharing Notice and the way some local laws have greatly expanded the definitions of the word “sale.” In the CCPA Information Collection and Sharing Notice, added a bullet point under “Commercial information” regarding information about retailers, vendors, and/or service providers. (This a clarification rather than a new type of information gathered, since this information is probably reasonably encompassed by the other examples listed in that category.) Amended the bullet point regarding “Information about specific vehicles” to also mention damage, repairs, and/or maintenance.
- April 3, 2020: Updated the Definitions and Embedded Content section to explain that some embedded content may be saved (cached) in your browser. Also amended the latter section to clarify that this does not only apply to Google Fonts and Google Hosted Libraries. Further amended Embedded Content to note that embedded YouTube and/or Vimeo video players may show you ads (and may set cookies and/or use information the player gathers about you for that purpose). In the CCPA Information Collection and Sharing Notice, struck the word “permanent” in the phrase “death or permanent incapacity” (making it just “death or incapacity”) and changed “heirs and successors” to “heirs, successors, and/or assigns” for consistency with the corresponding language in Disclosure of Personally Identifying Information. In Disclosure of Personally Identifying Information, adjusted that bullet point to change “to third-party purchaser(s) or acquirer(s) (including, where applicable …” to “to the third-party purchaser(s) or acquirer(s) (and/or, where applicable …” for the sake of coherency and grammar. Also in Disclosure of Personally Identifying Information, updated the description of Librera Reader in the examples of third-party service providers to make some clarifications and add a link to their privacy policy; updated the description of Google services to add references to Google advertising services (which I don’t use, but may be used by apps, services, and/or websites I use) and a few additional trademark references; and updated the reference to Adobe to change “other services or tools” to “other services and/or tools”; and updated the reference to taxis and/or ride-share services to change “to meet with you via such means and/or arrange such transportation for you” to “to meet with someone via such means and/or arrange such transportation for someone.” Fixed a typographical error in an earlier item in the revisions list. Updated Cookies to clarify that the Cookie Notice forms part of this Privacy Policy; also added language to that effect to the preamble. Updated the Cookie Notice to also make that clearer, rearrange and update some text, and explain that the Privacy Policy license also applies to the Cookie Notice. Fixed a typo in this item. In the CCPA Information Collection and Sharing Notice, amended the bullet point regarding “Information about specific vehicles” to also include customization and/or modifications among the examples. (This a clarification rather than a new type of information gathered, since modifications or customization would reasonably be considered “other identifying characteristics or details,” but it seems worth specifying.)
- April 1, 2020: Adjusted some wording in Embedded Content, for greater internal consistency and to clean up some grammatical issues. In the CCPA Information Collection and Sharing Notice, added a bullet point under “Other types of personal information” regarding gifts, donations, and contributions. (This is primarily a clarification, since gifts, donations, or contributions would probably also constitute “other types of purchases or transactions,” already listed under “Commercial information.”)
- March 28, 2020: Added Nuance Communications, Inc. (present owner of the voice dialing software on the older of my BlackBerry devices) and the certificate management application Kleopatra (which is installed along with the Gpg4win suite) to the examples of third-party service providers under Disclosure of Personally Identifying Information.
- March 27, 2020: In Disclosure of Personally Identifying Information, updated the bullet point regarding public responses to an inquiry or support request to also reference the Contact Forms section as well as the Other Inquiries, Messages, and Support Requests sections, for internal consistency. (I neglected to update this item when I added the Contact Forms section earlier this year.) Fixed some typographical errors in the revisions list. In License for This Policy, fixed the capitalization of Legalmattic.
- March 23, 2020: Added the F-Droid repository and client app to the examples of third-party service providers under Disclosure of Personally Identifying Information.
- March 22, 2020: Amended the revision made March 19 by changing the phrase “person or people to whom …” to “person(s) to whom …” (to better convey the intended meaning and specificity of that phrase). For the same reason, in the language about de-identified, anonymized, redacted, and/or aggregated information, changed “such that it could not reasonably be used to identify the specific person(s) to whom it pertains” to just “such that it could not reasonably be used to identify specific person(s) (other than me, if I am somehow included in that information and elect not to de-identify, anonyimize, redact, and/or aggregate my own information).” Fixed a minor formatting error. In Advertising, Disclosure of Personally Identifying Information, and CCPA Information Collection and Sharing Notice, clarified the language about advertisers (to specify that I don’t let advertisers use technologies like scripts or cookies to gather information about you through the publicly visible portions of this website) and fixed some inconsistent wording. Also in Disclosure of Personally Identifying Information, deleted the automotive sites listed among the examples of third-party service providers (as they’re unlikely to be applicable in the context of this website). In CCPA Information Collection and Sharing Notice, changed “to protect property, rights, and/or safety” to “to protect property, rights, security, and/or safety” to align with the recent revision of the corresponding language in Disclosure of Personally Identifying Information.
- March 21, 2020: Added some additional automotive sites to those listed among the examples of third-party service providers under Disclosure of Personally Identifying Information.
- March 20, 2020: In CCPA Information Collection and Sharing Notice, amended the biometric information item to also mention fingerprints. (I have no means of analyzing, identifying, or using fingerprint data, but the law and its associated regulations make no such distinction.) Added Intel to the examples of third-party service providers under Disclosure of Personally Identifying Information.
- March 19, 2020: In Disclosure of Personally Identifying Information, changed “Where that information otherwise is or was already publicly available” to “If that information otherwise is or was already publicly available” (to avoid potential ambiguity about the intended meaning of the word “where” in this context). In the bullet point regarding de-identified or aggregated information, inserted the word “specific” before “person or people to whom it pertains.” In the CCPA Information Collection and Sharing Notice subsection regarding Information Shared for Business or Commercial Purposes, changed “where” to “if” (and changed “Where I deem it reasonable and appropriate …” to “As I deem reasonable and appropriate …”) in the third bullet-pointed list and made some wording adjustments for consistency with the Disclosure language.
- March 18, 2020: In Advertising, changed “use scripts or cookies to collect information about you while you are on the publicly visible/publicly accessible portions …” to “use scripts, cookies, web beacons, or other such technologies to collect information about you while you are visiting the publicly visible/publicly accessible portions …”; changed “(and can typically tell that you came from this website)” to “(and may be able to tell that you came from this website)”; and changed “NOT normal site visitors” to “NOT other site visitors.” In Disclosure of Personally Identifying Information, added a paragraph about advertising (basically to reiterate what it says in Advertising above) and fixed a technical problem with one of the links.
- March 17, 2020: In the CCPA Information Collection and Sharing Notice subsection regarding Information Shared for Business or Commercial Purposes, changed the phrase “the management of my business” to “the management or operation of my business” and added the phrase “for publication and/or for use in or with my published work(s)” after “any images and/or other media you submit to me” in the interests of clarity. Also added a bullet point to the list following that one regarding the sharing of information that is already publicly available. (This is already noted elsewhere in that section, but I want to make it absolutely clear; I am quite alarmed by the unconstitutional effort of the CCPA and its associated regulations to restrict free expression and freedom of the press in the name of “consumer privacy.”)
- March 16, 2020: In Disclosure of Personally Identifying Information, changed some additional instances of the second person to the third person (e.g, changing “you” to “someone,” “they,” or “the person or people to whom the information pertains”), continuing the update begun on March 15. In Embedded Content, changed the phrase “may include, but is not limited to …” to “may include, but is not necessarily limited to …”; changed “From time to time …” to “Not all of the above embedded content is necessarily used on the site at any given time, and from time to time …”; and added the phrase (“but without limitation”) after “for example” for greater clarity. Corrected some typographical errors in the revisions list.
- March 15, 2020: In the CCPA Information Collection and Sharing Notice, amended the example under “Additional categories of personal information” regarding medical information to change “(e.g., health conditions, treatments or therapies received)” to “(e.g., health conditions and/or tests, treatments, and/or therapies received).” Also amended “and most of the insurance-related data I do receive is in aggregated form” to “and much of what insurance-related data I do collect is in aggregated form.” In Disclosure of Personally Identifying Information, amended “property, rights, and/or safety” to “property, rights, security, and/or safety” (to clarify the intended meaning of that phrase; obviously, “security” may encompass various threats and/or potential threats to property, rights, or safety). Also in that section, changed several instances of the second person to the third person (e.g, changing “you” to “someone,” “they,” or “the person or people to whom the information pertains”) to avoid potential confusion and amended the bullet point on historical, journalistic, and other nonfiction accounts to restore the word “accounts” (which had been accidentally deleted), change “associated bibliographies and/or metadata” to “associated illustrations, bibliographies, and/or metadata,” and change “which may include images and/or other media such as …” to “and may include images and/or other media such as, again without limitation …” Made a related change (adding “without limitation” and “again without limitation”) to the corresponding paragraph of Other Information I Receive from Third-Party Sources for consistency. In Information Captured by Service/Software/App/Device Telemetry, changed the phrase “about me and/or other individuals” to “about me and/or other individuals and/or households.” Removed some extra spaces.
- March 14, 2020: In the CCPA Information Collection and Sharing Notice, amended the first example under identifiers to also specify nicknames. (This is essentially a clarification rather than an addition, as I would consider nicknames to be a type of alias/pseudonym.) In Disclosure of Personally Identifying Information, added some automotive history and information sites and the Opera browser (and/or its integral VPN/proxy service) to the examples of third-party service providers. Clarified an earlier item on the revisions list.
- March 13, 2020: In the CCPA Information Collection and Sharing Notice, updated the geolocation data bullet to change the word “data” to “information” and edited the examples to illustrate that geolocation information can include movements as well as location (as is already noted in the Definitions).
- March 12, 2020: In Disclosure of Personally Identifying Information, updated the paragraph following the bullet-pointed list to clarify that that language also applies to content I edit and/or write, and/or on which I consult, as part of my professional work (as well as work that I write and/or publish myself in that context). (I hope that this was previously implicit, but I don’t want there to be any confusion on this point.) In the bullet points, changed “journalistic or historical accounts” to “journalistic, historical, or other nonfiction accounts” (to limit hairsplitting about what is and isn’t “journalism”) and changed “in the course of researching and writing same” to “in the course of researching, writing, and/or editing same.” Also made some related clarifications in Other Information I Receive from Third-Party Sources.
- March 11, 2020: Some wording adjustments: In Other Inquiries, Messages, and Support Requests, changed “the message itself might also be publicly visible” to “the messages themselves might also be publicly visible.” In the CCPA Information Collection and Sharing Notice, clarified the examples under commercial information by changing “property and/or services” to “personal property, products, goods, and/or services” (which is what that bullet point was always intended to encompass; the change is simply to make that clearer), fix a missing serial comma in that section, and change “purchasing or consuming history or tendencies” to “purchasing or consuming history and/or tendencies” (since one tends to suggest the other).
- March 10, 2020: In Disclosure of Personally Identifying Information section, changed “repair, maintenance, and/or service providers” to “repair, maintenance, and/or technical service providers” for clarity.
- March 9, 2020: In Disclosure of Personally Identifying Information, added Dell, LG, and Logitech to the examples of third-party service providers. In that same list, updated the description of WordPress.org to note that their privacy policy also applies to my use of their website and/or support forums to help me manage and troubleshoot this site. In the CCPA Information Collection and Sharing Notice, changed instances of the phrase “names or other personal information” to “names and/or other types of personal information” for internal consistency (and so as not to cause confusion with the usage outlined in Definitions). Also added airlines, bus or rail services, hotels, motels, other lodging providers, travel agencies, travel bureaus, travel brokers, and the developers of this website’s theme(s), plugins, and/or add-ons to the examples of third-party service providers under Disclosure of Personally Identifying Information (noting that my communications with such developers are typically but not always via the WordPress forums). Fixed a typo in this list.
- March 8, 2020: In the CCPA Information Collection and Sharing Notice, struck the word “larger” in the phrase “and in the larger context of my business …” (since it might be confusing in this context).
- March 7, 2020: In Disclosure of Personally Identifying Information, amended the bullet point on journalistic and/or historical accounts to clarify that, where applicable, information may be shared as part of the bibliographies and/or metadata of such content as well as within the content itself. Adjusted the formatting of that bullet point for greater readability.
- March 6, 2020: In Disclosure of Personally Identifying Information, added Wikimedia Foundation, Wikipedia, and other Wikimedia projects and services to the examples of third-party service providers and changed “libraries, archives, and/or databases” to “museums, libraries, archives, and/or databases.” Removed some extra spaces.
- March 4, 2020: In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, changed “for whom I provide writing/editing/writing consulting services” to “for whom I provide (and/or to whom I offer) my writing/editing/writing consulting services.” (I believe this was implicit before, but it seemed worth spelling it out.) In Disclosure of Personally Identifying Information, updated the description of messaging services/apps/clients to strike the phrase “if I communicate with you through such means” and move that example to an earlier point in the same bullet point. Also changed the phrase “which I may use if I need to correspond with you via postal mail and/or send or receive packages” to “for the purposes of sending and/or receiving correspondence and/or packages.” Added other VoIP, voice chat, teleconferencing, and/or video chat services to the examples of third-party service providers. Further updated the CCPA Information Collection and Sharing Notice to clarify that the categories of information collected are NOT necessarily only from California residents (since I often have no reasonable way of knowing whether someone is a California resident or not) and made some minor textual adjustments for clarity.
- March 3, 2020: In Definitions, amended the geolocation definition to more closely align with the statutory definition, broaden the examples presented, and note that geolocation information can also refer to movements as well as location. In CCPA Information Collection and Sharing Notice, further adjusted the wording, order, and examples of the listed categories to better align with the categories defined by the applicable statutes. Also added language explaining that some categories may overlap, that the list includes some categories the law does not specifically describe, and that the examples are intended to be representative but not exhaustive. Throughout this policy, changed several references to “local/offline storage” to “local and/or offline storage.” Fixed a typo in the revisions list.
- March 2, 2020: In License for This Policy, added a link to Automattic’s Legalmattic repository and fixed an HTML issue with one of the existing links. In Definitions, updated the definition of embedded content to change “such as scripts, fonts, or video players” to “such as (without limitation) images, scripts, fonts, or video players”; updated the cookies definition to include definitions of first-party and third-party cookies and tracking cookies; and added a definition of pixel tags (in the cookies bullet point). In Embedded Content, changed “In certain cases, embedded content providers can also detect …” to “In some cases, embedded content providers can also detect other information, such as (without limitation) …” In Additional Information About Data Retention, added language about preservation requests from government and/or law enforcement agencies. In Disclosure of Personally Identifying Information, added storage facilities, information/document management services, movers, moving companies, and/or relocation services to the examples of third-party service providers. Removed some extra spaces.
- February 29, 2020: In Disclosure of Personally Identifying Information, changed the phrase “either provided by you or obtained from third parties” to “provided by you and/or obtained from third parties” for greater consistency of wording and updated the descriptions of some of the open source and freeware tools listed among the examples of third-party service providers to better reflect who created/develops those tools (also reordering some of them to put them in mostly alphabetical order by developer). Added the GIMP Batch Image Manipulation Plugin by Alessandro Francesconi to the listed examples. Fixed a punctuation error in that section. In the last paragraph of the CCPA Information Collection and Sharing Notice section, changed the phrase “using one of the methods shown under …” to “using any of the methods described under …” In the Controllers, Questions, and How to Reach Me section, adjusted the language about CCPA requests for greater consistency with the preceding sections. (There’s no substantive change, just an effort to make the wording more internally consistent.)li>
- February 28, 2020: Made some adjustments to the wording of the final paragraph in the Disclosure of Personally Identifying Information section regarding security measures, borrowing some additional language from the Automattic Privacy Policy as of December 31, 2019. (See the “License for This Policy” section toward the top of this page for links to that policy and its license.) Updated the Definitions to note that this policy treats “gather” and “collect” synonymously and changed some instances of “gather” to “collect” throughout. (This change is to hopefully avoid any confusion about the wording of certain legally required disclosures.) In Disclosure of Personally Identifying Information, updated the link to the BlackBerry Mobile Privacy Policy; fixed a punctuation error in that section; changed “messaging services, apps, and/or clients such as …” to “messaging services, apps, and/or clients such as (without limitation) …”; and added repair, maintenance, and/or service providers to the listed examples of independent contractors and third-party service providers Amended the data retention bullet point under Contact Forms to clarify that retained form data is typically moved to offline/local storage after receipt and I may sometimes redact portions that I no longer need. In the last paragraph of the Additional Information About Data Retention section, changed “the website’s online database(s) and mail servers, transferring the data to offline storage” to “the website’s online database(s) and/or mail servers, transferring the data to local/offline storage.” Updated Information I Receive from Third Parties for Security Purposes to include the Play Protect feature of Google Play among the listed examples of security data sources.
- February 27, 2020: Amended the CCPA Information Collection and Sharing Notice section to add other types of identification, account, and/or membership numbers/identifiers to the examples of identifiers collected; add information about membership in and/or affiliation with other types of groups and/or clubs to the examples of other types of personal information collected; amend several of the examples under commercial information to include considering purchasing or using as well as desiring/intending to do so (making various minor wording adjustments to fit that into the existing language); change “Audio, electronic, visual, or similar information” to “Audio, electronic, visual, olfactory, or similar information”; and change “Skills/aptitudes” to “Skills, aptitudes, abilities, and/or intelligence.” (These changes aren’t new additions so much as an effort to better describe the types of information I have collected/may collect.)
- February 26, 2020: In the CCPA Information Collection and Sharing Notice section, corrected an erroneous reference to the CCPA as the “California Consumer Protection Act” rather than the California Consumer Privacy Act.
- February 25, 2020: Updated the preamble to add links to the privacy policies of my other websites. In Other Information You Provide to Me, changed “through or in connection with this website (and/or pertaining to my work and/or other creative endeavors)” to “through and/or pertaining to this website.” In Disclosure of Personally Identifying Information, added a bullet point about publicly acknowledging and/or thanking you for your assistance. Corrected an erroneous use of “us” rather than “me” in that section. Made a number of minor wording adjustments to Categories of Information and Purposes for Collection; Other Inquiries, Messages, and Support Requests; Data in Submitted Images; Data Related to Recruitment/Hiring or Business Partnerships; Other Information I Receive from Third Parties; Additional Information About Data Retention; and Disclosure of Personally Identifying Information to replace some general references to my “business” to relate more specifically to this website (which is the intended scope of this policy). In Categories of Information and Purposes for Collection, also changed “Providing a service” to “Providing services” to match the wording used elsewhere in this policy. [I intended to make this change globally, but somehow failed to do so; I finally changed it throughout this page on July 17, 2021.] In Disclosure of Personally Identifying Information, added notaries to the examples of third-party service providers. In Additional Information About Data Retention, changed “correspond regarding this website or related matters” to “correspond regarding this website and/or related matters” and changed “Any names and/or company/domain names I’ve entered into my spell-checking dictionaries” to “Names and/or company/domain names I’ve entered into my spell-checking dictionaries.” In that section and Other Information I Receive from Third-Party Sources, changed “… that I deem unusable and/or elect not to use” to “… that I deem unusable, elect not to use, and/or no longer need.”
- February 24, 2020: In the Contact Forms and Other Information I Receive from Third-Party Sources sections, added links to the Additional Information About Data Retention section. Updated the references to that section in the Other Inquiries, Messages, and Support Requests; Other Information You Provide to Me; and Financial Transactions Policy sections for consistency of wording (also adding a link to the data retention bullet point at the beginning of the latter section). Clarified the data retention language in Data in Submitted Images and Data Related to Recruitment/Hiring or Business Partnerships. Further amended Other Information I Receive from Third-Party Sources to add some provisos to the data retention bullet point at the beginning; change “I can’t retain or remember every fact I see, read, or hear, but I do typically retain my notes” to “I can’t and don’t retain or remember every fact I see, read, or hear, but I do typically retain my notes in some form or other”; and note that I may delete or discard certain research notes, materials, and/or information that I deem unusable and/or elect not to use. Added similar language (also including drafts) to the first bullet point in Additional Information About Data Retention. Rearranged some of the text in the latter section to put it in a more logical order and made some other minor clarifications and additions. In Information I Receive from Third Parties for Security Purposes, clarified the reference to EasyList to note that it provides filter lists I may use with browser extensions (rather than being a browser extension in itself). Also added Hosh Sadiq’s filter list to that section. In the latter section, slightly amended the language regarding Epic Privacy Browser to change “through my use of …” to “through and/or in connection with my use of …” and changed “if you are or were involved with the subject(s) of content I write and/or edit” to “if you are and/or were involved with the subject(s) of such content.”
- February 23, 2020: Streamlined and clarified the first paragraph of the Other Inquiries, Messages, and Support Requests section. Added a bullet point to Additional Information About Data Retention regarding postal mail and physical documents and amended the bullet point about email to include “mass mailings” as well as “obvious spam” among the types of email messages I promptly delete.
- February 22, 2020: In Financial Transactions Policy and Disclosure of Personally Identifying Information, amended references to common carriers and/or shipping agencies to specify postal service(s), common carrier(s), and/or shipping agencies (singular or plural). (I had previously assumed that government-operated postal services were considered a type of common carrier, but I recently learned that that isn’t technically accurate in at least some jurisdictions; in any case, that language was intended to encompass both publicly owned postal services and other types of shipping/delivery services!) Updated the wording of the policy’s descriptions of some Google services, including noting that Google is a registered trademark of Google LLC. Also adjusted the descriptions of Yahoo! services. Fixed a formatting error. Added reCAPTCHA to the examples of Google services and added language about that service to Information Captured by Service/Software/App/Device Telemetry.
- February 20, 2020: In the Contact Forms section, clarified Data Retention slightly to note that I must retain information from California Privacy Request Form submissions.
- February 19, 2020: In the Financial Transactions Policy, updated the Google Voice notice to clarify that notifications of missed calls to clarify that number may also be forwarded via email; change “… texts, or other messages” to “… texts, and/or other messages”; and clarify that calls and/or messages are subject to this Privacy Policy as well as the listed Google policies. Simplified and clarified the Data Retention subsection, adding a link to the Additional Information About Data Retention section of this policy. Updated Other Inquiries, Messages, and Support Requests and Additional Information About Data Retention, moving the information about data retention from the former to the latter section and making various amendments and clarifications to that information. In the Data Retention bullet point at the beginning of the Comments section, changed
“… or comments on …” to “… and/or comments on …” In the Data Retention bullet point at the beginning of the Contact Forms section, changed “…” or any submission …” to “… and/or any submission … and added “… for compliance purposes” after “California Privacy Request Form submissions must be retained for at least 24 months.” Amended Data in Submitted Images to note that I may also elect to remove metadata from images or media files and/or may remove it incidentally while preparing the images/files for use. In Other Information You Provide to me, changed “… through or in connection with this website” to “… through or in connection with this website (and/or pertaining to my work and/or other creative endeavors).” - February 18, 2020: Made further amendments to the Financial Transactions Policy, principally to indicate that some provisions apply to payments I make as well as ones I receive and make a number of minor clarifications. Also changed “… such as (again without limitation) Form 1099-MISC” to “… such as (again without limitation) Form 1099-MISC and/or Form W-9.” In Disclosure of Personally Identifying Information, changed the phrase “(which process — and may sometimes audit or otherwise investigate — site-related financial transactions)” to “(which process — and may sometimes audit or otherwise investigate — my financial transactions).” Fixed some errors in the Table of Contents, including a reference to a section that no longer exists and an incorrectly named (and ordered) reference to the Data Retention section, renaming the latter “Additional Information About Data Retention” to avoid confusion. In Other Information You Supply to Me, changed “My use of personal information …” to “My use and retention of personal information …” and added a link to the Additional Information About Data Retention section. Removed some extra spaces. Fixed an error in this revision list (a previously listed change that wasn’t actually implemented due to some mishap). In Additional Information About Data Retention, changed “any financial transactions or legal agreements” to “any financial transactions and/or legal agreements”; changed “… which includes records of purchases or payments I make in connection with the website” to “… which includes (but is not limited to) including (but not limited to) records of purchases or payments I make or receive in connection with the website and/or my business”; and added an extra sentence to that bullet point: “I must also retain my tax records for bookkeeping and compliance purposes.”
- February 17, 2020: Added a new Financial Transactions Policy subsection, following Data Related to Recruitment/Hiring or Business Partnerships, and a corresponding Transaction-Related Information I Receive from Third Parties section. Amended the Embedded Content bullet point about PayPal to refer to the Financial Transactions Policy for information related to PayPal transactions with me. Amended the Information You Provide to Me section to also refer to the Financial Transactions Policy. Amended the bullet point in Disclosure of Personally Identifying Information about dispute investigations involving third-party service to refer back to the Financial Transactions Policy and add some additional explanatory text. In Disclosure of Personally Identifying Information, changed “… for me to make informed hiring, employment, and/or business decisions regarding prospective employees, independent contractors, or business partners” to “… to enable me to make informed hiring, employment, and/or business decisions regarding prospective employees, independent contractors, and/or business partners.” Amended the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes to better align text on information-sharing with the provisions in the Disclosure of Personally Identifying Information section. Made various minor clarifications throughout the CCPA Information Collection and Sharing Notice.
- February 16, 2020: Amended the CCPA Information Collection and Sharing Notice to add “Information about individuals’ professional reputations” to the examples of employment-related information and “Information about individuals’ public and/or personal reputations” to the examples of other types of personal information (to spell out more explicitly what was hopefully already indicated by the other examples presented).
- February 15, 2020: Amended the text throughout to clarify that I am a professional writer/editor and writing consultant (as well as a writer/editor). (This doesn’t represent any change in my actual business, just an effort to better describe it here.) To that same end, in the CCPA Information Collection and Sharing Notice, amended the Information Shared for Business or Commercial Purposes subsection to change “offering my articles or other content” to “offering my content or writing/editing/writing consulting services”; change “if that content incorporates any names or other personal information” to “if that content incorporates or involves any names or other personal information”; change “other content I am creating and/or editing for commercial advantage” to “other content I am creating and/or editing (and/or on which I am consulting) for commercial advantage.” In Other Information I Receive from Third Parties, changed “articles or other content I write and/or edit” to “articles and/or other content I write and/or edit (and/or on which I consult)” and changed “including people involved with …” to “including information about people involved with …” Added a bullet point to Disclosure of Personally Identifying Information about information incorporated into journalistic and/or historical content I publish or otherwise disseminate. Fixed a number of typographical errors. In Consents and Agreements, changed “site-related dispute or legal action” to “related dispute or legal action.” In Other Inquiries, Messages, and Support Requests, changed “my phone” to “my phone(s)” for internal consistency. In the examples of third-party service providers under Disclosure of Personally Identifying Information, changed “… and/or purchase site-related materials” to “… and/or purchase materials related to my research and/or my business.” Added registered trademark symbol to Flickr; removed it because it’s unclear if that’s correct or not.
- February 12, 2020: Made some minor adjustments to the wording of Reports and Aggregated Statistics. Updated the text throughout to change the name of the CCPA Request Form to the California Privacy Request Form to reduce the risk of confusion. Updated Controllers, Questions, and How to Reach Me to add another link to the Do Not Sell My Personal Information page. In the Your California Privacy Rights section, added q attributes to longer quotes; subsequently removed them to avoid browser compatibility issues. In CCPA Information Collection and Sharing Notice, amended the wording of the Categories of Personal Information Collected subsection to change “… and/or similar records for writers, artists, designers, performers, developers, engineers, scientists, and/or other professionals” to “… and/or other comparable information about writers, artists, designers, performers, developers, engineers, scientists, and/or other professionals” and change “e.g., if an individual has been accused of or charged with a crime …” to “e.g., regarding an individual having been accused of, charged with, and/or convicted of a crime, and/or involved in a civil lawsuit …” (As with most of the many wording adjustments and minor amendments I’ve made to this policy in recent months, this change doesn’t represent a new type of collection, but rather my ongoing struggle to describe and categorize the scope of my normal business practices, particularly as regards my research!) Made assorted minor clarifications to this revision list. Further amended the CCPA Information Collection and Sharing Notice to note that parents or legal guardians can submit requests on behalf of their minor children through the Do Not Sell My Personal Information page; to fix some discrepancies in the contact instructions; and to change “Applicable law and/or regulations may stipulate the maximum time allowed for acknowledging and/or responding to your request” to “Applicable law and/or regulations stipulate the maximum time allowed for acknowledging and/or responding to your request.” Clarified some potentially confusing language in Your Rights (GDPR and State Laws).
- February 11, 2020: In Other Information I Receive from Third-Party Sources, changed “… will give you a sense of what kinds of personal information I collect” to “… will give you a sense of what kinds of personal information I may collect.” In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to change “Information about other property or services …” to “Information about property and/or services …”; change “sports and/or other pastimes” to “sports, games, and/or other pastimes”; change “Publishing histories/bibliographies/discographies/filmographies/portfolios/development credits/patent records…” to “Publishing histories/bibliographies/discographies/filmographies/performance histories/broadcast histories/portfolios/development credits/patent records and/or similar records …”; and change “… scientists, and other professionals” to “… scientists, and/or other professionals.” In Disclosure of Personally Identifying Information, added Abine Inc.’s Blur (formerly known as DoNotTrackMe) and Cliqz International GmbH’s Ghostery® browser extension to the examples of third-party service providers. Updated Contact Forms to note that while CCPA Request Forms will not be published, I may release de-identified and/or aggregated information or statistics about requests received. (Also fixed some punctuation issues and changed some instances of “or” to “and/or.”) Added a new section on Reports and Aggregated Statistics. Made some further updates to Contact Forms, including adding additional language regarding CCPA Request Forms.
- February 10, 2020: Fixed an error in an older item on this revision list. In Categories of Information and Purposes for Collection, added a new category: “Recruitment/hiring or business partnerships.” Added that category to the listed purposes in the Consents and Agreements; Comments; Other Inquiries, Messages, and Support Requests; Data in Submitted Images; Information I Receive from Third Parties for Security Purposes; and Other Information I Receive from Third-Party Sources sections. Added “advertising and other commercial purposes” to the purposes listed for Comments. (These changes don’t represent a change in how I use information so much as an effort to more accurately categorize it.) Added a new subsection, Data Related to Recruitment/Hiring or Professional Partnerships, and added corresponding language to Other Information I Receive from Third-Party Sources, Information I Receive from Third Parties for Security Purposes, and Disclosure of Personally Identifying Information. In Disclosure of Personally Identifying Information, added employment agencies and background check services to the examples of third-party service providers. In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to add sports and/or other pastimes to the existing bullet point about opinions and tastes in the examples of commercial information; add grades and/or scores on standardized or aptitude/skill tests to the examples of education information; add professional certification or licensure, skills/aptitudes, professional references, and resumes to the examples of professional or employment-related information (combining “resumes/CVs” into a new bullet point); add credit ratings and past foreclosures to the examples of other financial information; and change “… of a public figure” to “… of public figures.” In Definitions, amended the definition of “referring site” to change the word “Whenever” to “When” and change the phrase “although the actual name of the HTTP header is …” to “although the actual name of the HTTP header that conveys this information is …” Amended California Privacy and Data Protection Rights to more clearly state that authorized agents can also find information on filing a request on the Do Not Sell My Personal Information page and to add a hyphen to “opt-out” to align with the usage in the applicable regulations. Added a new Contact Forms section. Updated Data Retention to add that I must retain CCPA requests for at least 24 months for compliance purposes and note that how long I reasonably need to retain other types of information may be dictated by applicable law/regulations and/or other legal obligations. Amended Advertising and the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes to note that if you click on advertising links, the advertiser may be able to tell that you came from this website. In CCPA Information Collection and Sharing Notice, made some further clarifications to the Collection Sources and Information Shared for Business or Commercial Purposes subsections.
- February 8, 2020: In the CCPA Information Collection and Sharing Notice section, clarified the Categories of Personal Information Collected subsection by changing “These categories include information …” to “These categories also include information …” In Categories of Information and Purposes for Collection, amended the description of “Functionality” to strike the word “listed” and amended the description of “Providing a service” to change “… to provide some service or perform some action you ask (or have asked) me to perform” to “… to perform some action you have asked me to perform, provide my services, and/or conduct the normal activities involved in running my business and offering my services.” In that same section, also reworded the description of “Research and publishing” to change “I use the information as part of the research involved in my writing and editing work and/or other creative endeavors, and/or to help me decide what content to create and/or publish on this website in the future” to “I use the information as part of the research involved in creating and publishing my content, my other writing/editing work, and/or other creative endeavors, and/or to help me decide what content and/or other work to create and/or publish in the future”; reworded the description of “Security, troubleshooting, quality control, and technical improvement” to change “… to help me protect this website, its data, its users, and me from malicious activity; troubleshoot and resolve technical problems; and/or improve the quality and functionality of the site” to “… to help me protect this website, its users, my data, my systems/devices, my business, and/or me from malicious activity; troubleshoot and resolve technical problems; and/or maintain and/or improve the quality and functionality of the site and/or my services”; and reworded the description of “Advertising and other commercial purposes” to change “… monetize the site and its content in other ways” to “… monetize the site and/or my content in other ways.” Added “fulfilling a contractual obligation” to the listed purposes for Certificate Authority Checks; Online Tracking (along with some additional explanatory text); Security Scans (along with some additional explanatory text); Consents and Agreements; Other Inquiries, Messages, and Support Requests; Data in Submitted Images; and Other Information I Receive from Third-Party Sources. Added “functionality,” “fulfilling a contractual obligation,” and “legal compliance or audit” to the listed purposes for Website Server, Error, and Security Logs (along with some additional explanatory text). Added “fulfilling a contractual obligation” and “legal compliance or audit” to the listed purposes for Information I Collect from Third Parties for Security Purposes (along with some additional explanatory text). Fixed a typographical error in Embedded Content.
- February 7, 2020: In Browser Tests, amended the purposes to also include “security, troubleshooting, quality control, and technical improvement.” In Embedded Content, amended the categories of information gathered to change “other browser settings/configuration details*” to “other browser settings/configuration details/add-ons*” and added “the presence of other cookies*” to better align with the actual text of that section. Amended the Advertising section and the CCPA Information Collection and Sharing Notice section’s subsection on Information Shared for Business or Commercial Purposes to clarify that some ads that appear on the site’s administrative dashboard (not normally visible or accessible to visitors other than logged-in site administrators) may include embedded content and/or other information-gathering mechanisms. Amended the CCPA Information Collection and Sharing Notice subsection on Categories of Personal Information Collected to note that while I do not knowingly collect personal information from minor children through this website, I may sometimes do so as part of my other writing/editing work.
- February 6, 2020: In Disclosure of Personally Identifying information, updated the examples of third-party service providers to include insurers (and/or, where applicable, their respective affiliates, agents, brokers, claims adjusters, subcontractors, and/or subsidiaries).
- February 4, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to include other applicable telephony and/or email providers and note that Bitdefender may also use various subprocessors such as (without limitation) Akamai Technologies, Inc., and Amazon Web Services. Restored the Age Verification section, which had been inadvertently deleted, made some minor updates to its language and formatting, and added category information like that of the other sections.
- February 3, 2020: In Other Inquiries, Messages, and Support requests, further clarified the language regarding the use of third-party webmail services. Added links throughout to the Google Voice Privacy Disclosure and clarified some references to Google Voice. Fixed some punctuation issues. Corrected the spelling of FeedBurner.
- February 2, 2020: Throughout, replaced most instances of the phrases “images or other media” and “photos and/or other media” with “images and/or other media” for greater internal consistency. In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to include information about awards, honors, other recognition, prizes, and/or winnings in games of chance or skill. Fixed a typo in this list. Tidied up the language recently added to Other Inquiries, Messages, and Support Requests.
- February 1, 2020: In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to change “Political affiliations and/or activity” to “Political affiliations, opinions, and/or activity.” In Definitions, clarified the definition of “Images or other media.” Updated Security Scans to note that Google services may also scan messages for spam or malicious code. Updated Other Inquiries, Messages, and Support Requests to describe Google Voice among the examples of communication methods, fix a formatting problem, note that Google Voice notifications and/or transcripts are among the types of messages that may be sent via Gmail, update the trademark notice, and change “personal Gmail account” to “personal Gmail accounts.” Updated Information I Receive from Third Parties for Security Purposes to include Google among the listed information sources. In Disclosure of Personally Identifying Information, added Google Voice to the examples of Google Services and fixed a typographical error in that section.
- January 31, 2020: In Disclosure of Personally Identifying Information, added Qualcomm to the examples of third-party service providers.
- January 30, 2020: Added Adblock Plus and EasyList to the examples of information sources under Information I Receive from Third Parties for Security Purposes and the examples of third-party service providers under Disclosure of Personally Identifying Information. Corrected a couple of inadvertent uses of “our” rather than “my.”
- January 29, 2020: In Disclosure of Personally Identifying Information, amended the description of Epic Privacy Browser to update the name of their associated search engine (now called EpicSearch.in) and note that their default search engine is now Yahoo.
- January 28, 2020: In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected to change “such as photographs, videos, audio recordings, and/or other media …” to “such as photographs, illustrations and/or other images, videos, audio recordings, and/or other media …” Also changed “… which are often revealed in IP address and/or user agent information)” to “… which are often revealed in IP addresses, user agent information, email signatures, and/or metadata).” Added an additional example under commercial information regarding stocks and/or securities ownership and/or purchases/transfers. Amended the Collection Sources subsection to also include podcasters and/or other media creators.
- January 26, 2020: In Definitions, corrected the spelling of “referer” [sic] and clarified that it is (mis)spelled that way on purpose.
- January 24, 2020: In CCPA Information Collection and Sharing Notice, further amended the Information Shared for Business or Commercial Purposes subsection to change the bullet point that read “Any individual or entity with whom I communicate and/or collaborate in the process of researching and developing my content, writing/editing work, and/or other creative endeavors” to “Any individual or entity with whom I communicate, consult, and/or collaborate in the process of researching and developing my content, writing/editing work, and/or other creative endeavors, and/or who communicates and/or consults with me regarding their content and/or other creative endeavors.” In Disclosure of Personally Identifying Information, added “taxi and/or ride-share services” to the examples of third-party service providers. In that list, separated Microsoft into its own bullet point and fixed a typographical error.
- January 23, 2020: In Information I Receive from Third Parties for Security Purposes, changed “via the Mozilla Firefox browser” to “via Mozilla Firefox and/or other web browsers” and also added Google Safe Browsing (which is used by Mozilla Firefox, various other web browsers, and some other online services) to the examples of information sources. Fixed a typo in that list. Added InformAction’s NoScript extension to that section and to the examples of third-party service providers listed under Disclosure of Personally Identifying Information. Also added the CAD Team (maker of the Cookie AutoDelete browser extension), Nodetics (maker of the Cookiebro – Cookie Manager extension), and Thomas Rientjes’ Decentraleyes to the latter list.
- January 22, 2020: In CCPA Information Collection and Sharing Notice, further amended the Information Shared for Business or Commercial Purposes subsection to change “… sharing and/or discussion of information that is already publicly available” to “… sharing, discussing, and/or otherwise disseminating information that is already publicly available.” Added Font Awesome to the examples of Embedded Content providers and third-party service providers in Disclosure of Personally Identifying Information.
- January 21, 2020: In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection’s examples of commercial information collected to include information about art, books, other publications, films, videos, and/or other media an individual or household has read, watched, or otherwise consumed (or desires/intends to consume) and opinions, critical judgments, tastes, and/or preferences, expressed or implied, regarding cars and/or other vehicles; art, books, other publications, films, videos, and/or other media; and/or other products, goods, or services. Also amended the item beginning “Information about other property or services …” to append “and/or desires/intends to purchase or use,” slightly rearranging the wording to better accommodate the additional clause. Amended the item under professional or employment-related information regarding authorship and rights holder information to change “for books, films, software, photographs, other published works or designs, and/or for other intellectual property …” to “for artwork, books, films, software, photographs, other media, other published works or designs, and/or other intellectual property …” Amended the Information Shared for Business or Commercial Purposes subsection to reiterate that I may also share and/or discuss information that is already publicly available (e.g., in news articles, published works, and/or public records). Also changed “the general public” to just “the public.”
- January 20, 2020: In CCPA Information Collection and Sharing Notice, amended the Collection Sources list to also include employees, independent contractors, agents, business partners, photographers, videographers, illustrators, observers, eyewitnesses, and clients or employers for whom I provide (or have provided) writing/editing services. Made some minor adjustments to the wording and punctuation of other items on that list. Amended the Information Shared for Business or Commercial Purposes subsection to change “Editors, publishers, clients, and/or other third parties …” to “Editors, publishers, clients, employers, and/or other third parties …”
- January 18, 2020: Updated the examples of third-party service providers in Disclosure of Personally Identifying Information and revised the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice to include service providers and other entities who help me promote and/or sell (or otherwise offer for commercial advantage) my content, other creative endeavors, and/or services (e.g., literary or talent agents or agencies, publicists, promoters, public relations firms, ad agencies, brokers, and the like).
- January 17, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to include DataViz®, Inc. (in connection with the Documents to Go BlackBerry® app), Tracker Software Products (in connection with their PDF creation and editing software), and a variety of open source and freeware programs/apps. Fixed some inconsistent punctuation in that section and changed “and bookstores …” to “and/or bookstores …” Fixed a typo in this list.
- January 16, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to include Librera Reader and Notepad++. Rearranged several items in that bullet point to put them in alphabetical order and made some minor text edits for consistency of presentation.
- January 15, 2020: Amended California Privacy and Data Protection Rights to note that, except as otherwise required by law, privacy-related requests pertaining to children under 18 should be submitted by a parent, legal guardian, or other authorized adult representative and change “You may authorize an agent …” to “You may designate an authorized agent …”
- January 14, 2020: Updated Information I Receive from Third Parties for Security Purposes to include some additional information sources.
- January 13, 2020: In California Privacy and Data Protection Rights: Categories of Personal Information Collected, changed “photographs, videos, audio recordings, and other media …” to “photographs, videos, audio recordings, and/or other media …” In Comments, clarified some of the language about data retention and the deletion of comments and fixed some clunky grammar in the language about the information that becomes publicly visible when a comment is published. Rearranged some text in that section for better flow.
- January 12, 2020: In California Privacy and Data Protection Rights, changed “The purposes for which I shared or disclosed the information” to “The categories of business and/or commercial purposes for which I collected and used the information”; changed “The categories of such third parties” to “The categories of third parties with whom personal information was shared”; rearranged the order of those bullet points; and struck the word “unredacted” from the phrase “… that exposes your unredacted personal information …”
- January 10, 2020: In Disclosure of Personally Identifying Information, amended the language about embedded content providers’ possible use or disclosure of information to also include other service providers and/or vendors. Amended Website Server, Error, and Security Logs to clarify that the logs typically include dates and times in addition to the other types of information described.
- January 8, 2020: Further clarified some language in CCPA Information Collection and Sharing Notice. Fixed some inconsistent punctuation and an improperly configured anchor link. In Disclosure of Personally Identifying Information, amended the link to the privacy policy for the Artifex SmartOffice app. January 7, 2020: Made some minor adjustments to Categories of Information and Purposes for Collection, fixing a grammatical error and removing a parenthetical aside about “associated services” that doesn’t apply to this website. Added “advertising and other commercial purposes” to the list of potential purposes under Other Inquiries, Messages, and Support Requests; Data in Submitted Images; and Other Information I Receive from Third-Party Sources.
- January 6, 2020: Amended Cookies to note that while the cookie descriptions include the cookies typically used on this website, embedded content providers may sometimes change or add cookies, and the descriptions may not include cookies set by certain administrative dashboard components.
- January 5, 2020: Further amended CCPA Information Collection and Sharing Notice to include a more emphatic statement about how by the law’s broad definitions, any or all of the categories of personal information I collect in the course of my business could be deemed to be shared for business and/or commercial purposes, even if I do not “sell” personal information in the way most people understand that term. Also, in the lists of categories of personal information, moved “signatures” from “Identifiers” to “Other types of personal information” (also changing “written and/or digital” to “physical and/or digital”) and moved “domain names and/or websites/URLs” to “Internet or other online activity information.” Renamed “Information about an individual or household’s financial status” to “Other financial information” and made it a separate category. Reordered several of the items under “Other types of personal information.” Added “Other information about an individual’s online interactions” to “Internet or other online activity information” and changed “Errors and/or suspicious activity” to “Errors and/or suspicious activity on this website.” Fixed an inadvertent use of “us” rather than “me” in “Commercial information.”
- January 4, 2020: In CCPA Information Collection and Sharing Notice, amended the examples of commercial information collected, changing “personal property or services” to “property or services” and adding a separate item about property records.
- January 3, 2020: In Information I Receive from Third Parties for Security Purposes, added the StevenBlack hosts file to the list of examples of sources. In Definitions, in the item on “personal information,” changed “(which for the purposes of this policy I treat synonymously)” to “(terms this policy uses synonymously).” Amended Legal Bases for Collecting and Using Information to reword the first sentence (fixing the grammar and making clear that it applies to people in areas subject to European data protection laws); reorder several items; and change “to troubleshoot technical problems, and/or to appropriately respond” to “to troubleshoot technical problems, and to appropriately respond” in the last bullet point. Added the calibre ebook management suite to the examples of third-party service providers under Disclosure of Personally Identifying Information. Amended Website Server, Error, and Security Logs to add “special: other technical details*” to the types of information gathered. In Data Retention, amended the item about information related to the use of intellectual property owned by others to note that I may delete such information if I discontinue using that intellectual property for some reason (e.g., if I uninstall and delete some app or software) and change “it is my customary practice to retain …” to “I typically retain …”
- January 2, 2020: In the Information Shared for Business or Commercial Purposes section, amended that section’s second list (the one prefaced with the sentence “I may disclose personal information I collect …”) to refer back to the Disclosure of Personally Identifying Information section, split the list into two separate lists, reordered some items, struck the phrase “for commercial advantage,” added some additional language about comments and public discussion, and adjusted the punctuation. Later in that section, in the sentence “Much if not all of the personal information I collect or access in the course of my business …” struck the words “in the course of my business” (this statement remains true whether the information is business-related or not). Also, changed the phrase “Because the proprietor of this website is a professional writer/editor and much (though not all) of the information I collect in connection with my business is intended for publication — whether on this website or elsewhere — a …” to just “Because I am a professional writer/editor …” and added some additional language about advertising disclosures. Amended Disclosure of Personally Identifying Information to reiterate (as already explained in Other Information I Receive from Third-Party Sources) that my research and writing process process often involves discussing or sharing relevant information with third parties. In the Data Retention, Disclosure of Personally Identifying Information, and CCPA Information Collection and Sharing Notice sections, changed the word “freelance” to “professional” throughout. Clarified some of the language in the Ads section and renamed that section “Advertising,” updating other references to the section accordingly. Fixed a link formatting error in Embedded Content. In Data in Submitted Images, amended the list at the beginning to note that geolocation data may be “provided by provided by the creator/rights holder/repository, determined from metadata, and/or inferred from other data.” In Definitions, in the definition of “IP address,” changed “Each device that can access the Internet has its own IP address; if you use several different Internet-capable devices, their individual IP addresses are usually all different” to “If you use several different Internet-capable devices, their individual IP addresses are typically all different (although if you have several devices connected to the same router or tethered together, they might share the same IP address so long as they remain connected or tethered).”
- January 1, 2020: Added the International DOI Foundation to the examples of third-party service providers under Disclosure of Personally Identifying Information. In the first sentence of that section, changed “may release or disclose …” to “may share, release, or otherwise disclose …” Under California Privacy and Data Protection Rights, simplified the language about verifying your identity before processing certain privacy requests. Under Categories of Personal Information Collected, added compensation to the examples of professional or employment-related information collected and changed “Current or past employer(s)” to “Current and/or past employer(s).” Under Definitions, changed the boldface heading “Personal information” to “Personal information/personally identifying information,” since this policy treats those terms synonymously. Under Your Rights (GDPR and State Laws), clarified the wording of the first paragraph and the list of rights provided by the GDPR.
- December 31, 2019: In Disclosure of Personally Identifying Information, amended the description of Piriform (CCleaner) to include a link to their Data factsheet and clarify that their products include security and maintenance tools (rather than just security tools). Renamed the CCPA Information Collection and Disclosure Notice section “CCPA Information Collection and Sharing Notice” and adjusted other references to that section accordingly. Reordered and clarified some of the categories of personal information listed in that section (taking some cues from the latest update of Automattic’s Privacy Policy). In Definitions, changed “personal identifiers” to just “identifiers,” clarified that that term can also include device identifiers, and amended the item about IP addresses to note that the IP address typically also reveals the Internet service provider or mobile carrier you are using.
- December 30, 2019: In the Disclosure of Personally Identifying Information bullet point regarding independent contractors, employees, agents, and business partners, struck the parenthetical phrase “(e.g., on my writing/editing work and/or other creative endeavors)” after “collaborate with us.”
- December 29, 2019: Extensive revamp, adding a table of contents, definitions, several new sections (including one on the possibility of personal data being captured by software/device telemetry), and additional information and disclosures related to the California Consumer Privacy Act (CCPA); reorganizing and/or renaming some sections (including integrating most of the data retention info into the applicable sections); reorganizing/updating the third-party service provider examples (including restoring some items that had been inadvertently deleted and adding others); making many minor corrections; and revising substantial portions of the text to better explain how and why I collect personal information. Moved older entries in this Recent Revisions list to a separate page. Assorted stylistic adjustments.
- December 28, 2019: In Disclosure of Personally Identifying Information, amended the description of Bitdefender to include both the Bitdefender Mobile Security and Bitdefender Central apps and note that they use Google’s Firebase Crashlytics crash reporting service. Updated Information I Receive from Other Sources to provide an example of how the NetGuard firewall app provides information about the IP addresses or domains to which my mobile apps connect or try to connect. Added this to the description of NetGuard under Disclosure of Personally Identifying Information.
- December 27, 2019: In California Privacy and Data Protection Rights, corrected several uses of “we” to “I” for grammatical consistency. Fixed an error in an earlier item in the revisions list
- December 26, 2019: In California Privacy and Data Protection Rights, updated the description of the proposed verification requirements to include the verification standards that may be required for data deletion requests.
- December 25, 2019: In Data Retention, amended the text regarding retention of images to change “It is my normal practice to retain indefinitely any images or photographs …” to “I typically retain indefinitely the photographs and/or other images …” and note that I may delete specific images if they are duplicates, if I deem them unusable, if I have some legal reason to delete them, or if I elect to not use them (or to discontinue using them) for some other reason. Struck the parenthetical phrase “(except where I have some specific obligation to destroy the originals)” to avoid confusion with the revised language. Inserted the phrase “where possible” before “my associated work files and editing stages, if any.” Added Yahoo!® to the list of examples of third-party service providers under Disclosure of Personally Identifying Information. In that section, fixed some spotty grammar in the description of Google and added their well-known search engine to the listed examples of their services. Fixed a typo in an earlier revision on this list.
- December 24, 2019: In Disclosure of Personally Identifying Information, updated the description of Startpage.com to note that I also use Startpage’s associated proxy service. Updated the reference to libraries and archives to add links to the privacy policies of two local public libraries I use. Following the bullet-pointed list, changed the sentence “In general, I do not sell or rent personal information about individual visitors to the aaronseverson.com website” to “In general, I do not sell or rent the non-public information I collect from individual visitors to the aaronseverson.com website.” Struck a reference in that section to Google Analytics, which I no longer use on this website. In GDPR and State Law, struck the parenthetical phrase “(starting in 2020, California residents may request this up to twice per year)” after “Request portability of your personal data” (to avoid contradicting the Your California Privacy Rights section). Further updated the text of the California Privacy and Data Protection Rights section.
- December 22, 2019: Further adjusted the description of rights under California Privacy and Data Protection Rights and Do Not Sell My Personal Information.
- December 21, 2019: In Disclosure of Personally Identifying Information, updated the description of Cloudflare to note that websites and online services we visit/use may use Cloudflare’s CDN and/or DDoS protection services. Also fixed a typographical error in that language and corrected the links to the Cloudflare privacy policies that apply to each service. Made some clarifications and updates to the list of rights under California Privacy and Data Protection Rights.
- December 19, 2019: In Disclosure of Personally Identifying Information, updated the description of Flickr to clarify the wording and indicate that the service is now on an Amazon Web Services platform (making Amazon Web Services a principal Flickr subprocessor).
- December 11, 2019: Separated Not for Children Under 18; Age Verification into two sections: Not for Children Under 18, located immediately after Legal Bases for Collecting and Using Information, and Age Verification, in the previous location. In Not for Children Under 18, changed “If you have questions about any of these points, if you are a parent and believe that this website may have collected personally identifying information about your minor child …” to “If you have questions, if you are a parent or legal guardian and believe that this website may have collected personal information about your minor child …” Changed the first sentence of the final paragraph of the Age Verification section to “If you have questions about any of these points, please contact me …” and removed the language about parents or legal guardians, which is now in the separate Not for Children Under 18 section.
- December 3, 2019: Added EFF to the list of examples of third-party service providers under Disclosure. In the GDPR and State Law section, changed the sentence “EU individuals also have the right to make a complaint to a government supervisory authority, as will California residents beginning in January 2020” to “EU individuals also have the right to make a complaint to the applicable government data protection authority. (California residents will have a similar right beginning in January 2020.)” Added a link to the European Commission’s directories of national data protection authorities to that section.
- November 27, 2019: Under Disclosure of Personally Identifying Information, changed “Examples of such third-party vendors/service providers …” to “Representative examples of my third-party vendors/service providers …” Updated Embedded Content to note that only some versions of the Yoast plugin use Algolia search functions (which have reportedly been removed in newer updates), changing “The Yoast SEO plugin incorporates some search tools …” to “Some versions of Yoast SEO plugin have incorporated search tools …”
- November 25, 2019: Further adjusted the language of the Information-Sharing Disclosures (Shine the Light Law) section for greater clarity.
- November 24, 2019: In Security Scans, changed the phrase “flag the phone numbers of certain incoming voice calls …” to “flag certain incoming voice calls and/or text messages …”
- November 23, 2019: Completely overhauled the Information-Sharing Disclosures (Shine the Light Law) section to more accurately describe the law’s requirements, better explain how to make a request, and clarify how we respond to such requests. Updated Information I Receive from Other Sources to note that the security components of the Microsoft Windows operating system may also supply blacklists and/or other security-related data, and added the words “via the” before the reference to Safer-Networking in the same paragraph for grammatical flow.
- November 20, 2019: Further updated the California Privacy and Data Protection Rights language regarding verification requirements (noting the restrictions the proposed regulations impose on my use and retention of any additional data I may request to verify your identity; clarifying that the term “reasonable degree of certainty” is as the applicable regulations may define that term; changing “may permit certain exemptions” to “may provide certain exemptions”; changing “the law and it associated regulations” to “the law and/or its associated regulations”; and changing “or, if you act through an agent or representative” to “and/or, if you act through an agent or representative”).
- November 19, 2019: Added a link to the Embedded Content bullet point on YouTube videos to Google’s “Businesses and Data” pages, which contain further information on what data Google may provide to YouTube content creators/publishers. Updated the language about Google Services in Disclosure of Personally Identifying Information to change “other services or tools” to “other services and/or tools.” Updated the California Privacy and Data Protection Rights section to clarify the language about identity verification, note that I may be unable to respond to a request if I am unable to adequately verify your identity, and emphasize that (in addition to any other exemptions the law and associated regulations may permit) I may be unable to delete certain types of information for technical reasons. Updated Data Retention to note, “For compliance purposes, I must also retain information pertaining to privacy-related requests, to the extent required by applicable law and/or regulation.”
- November 18, 2019: Updated Embedded Content to note that when you access embedded content, your browser may also contact a certificate authority to check the validity of the embedded content provider’s encryption certificate. Updated the reference under Disclosure to my certificate authority to add “and/or other certificate authorities I may use or access.”
- November 17, 2019: Further clarified the language about service/software/app/device telemetry in Disclosure of Personally Identifying Information (changing the phrase “that could gather personal information through telemetry” to “that could gather site-related personal information through telemetry”). Updated the bullet point about situations where I may be legally required to disclose information (changing “in connection with an audit or other official investigation or proceeding” to “in connection with an audit, civil or criminal trial, or other official investigation or proceeding”). Updated the bullet point about disclosures to protect rights, safety, and/or property (changing “to protect my property, rights, and/or safety, or the property, rights, and/or safety of third parties or the public at large” to “to protect my property, rights, and/or safety, and/or the property, rights, and/or safety of third parties and/or the public at large.”). Added boldface to additional items on that list to aid readability. Clarified the language in the preamble about California privacy rights (changing “or jump to” to “For more information about California privacy rights, jump to …” and making the latter a separate sentence). In the Disclosure section, clarified the example about car shows (changing “obtain, publish, and/or otherwise disclose” to “take, obtain, publish, and/or otherwise share”).
- November 16, 2019: Fixed the capitalization of Online Certificate Status Protocol. Under Disclosure of Personally Identifying Information, changed the phrase “the makers of software/apps and/or electronic devices I use that incorporate information-gathering telemetry or other surveillance features, some of which cannot be completely disabled without simply ceasing to use that software, app, or device” to “services, software, apps, and/or electronic devices I may use that could gather personal information through telemetry and/or other integrated information-gathering and/or surveillance features, some of which cannot be disabled without simply ceasing to use that service, software, app, or device.” Further refined the language of the Certificate Authority Service section. Updated the reference to my Internet service provider in the Disclosure of Personally Identifying Information section from “Spectrum/Time Warner Cable®” to “Spectrum Internet® (formerly Time Warner Cable®).” Updated the description of my mobile carrier in that same bullet point and rearranged its order. Also updated the description of Bitdefender Mobile Security in the same bullet point to note that this includes the app’s associated services and correct the accidental use of “we”/”our” rather than “I”/”my.”
- November 15, 2019: Further updated the Certificate Authority Service section to define OCSP requests. Added Bitdefender to the list of examples of third-party service providers under Disclosure. Under Embedded Content, clarified the language about Google Hosted Libraries to better match the description of Google Fonts in the same bullet point.
- November 14, 2019: Added a new “Certificate Authority Service” section to Information Collected Automatically Through This Website and added Let’s Encrypt to the list of examples of third-party service providers under Disclosure. Updated the reference to Signal in Disclosure to note that Signal uses subprocessors/service providers that may include (without limitation) services provided by Google and/or Amazon Web Services, and added links to the relevant privacy information pages. Further refined the Certificate Authority Service language (also updating the reference to Let’s Encrypt in the Disclosure of Personally Identifying Information section) and added another example to Other Information You Provide to Me, refining some language in that section (adding “(but without limitation)” after “for example”; noting that the examples are just a few hypothetical possibilities; and changing the phrase “My use of such site-related information …” to “My use of personal information you provide me in such ways …”). Updated Information I Receive from Other Sources to note that my firewalls and/or other security apps/services may provide may provide me with information about any online servers or resources to which my devices connect or try to connect.
- November 13, 2019: Updated Other Information You Provide to Me section to better reflect the framing of the current preamble, changing “site visitors may provide me with personal information” to “you may provide me with personal information through or in connection with this website” and changing “inquiry about this website” to “inquiry about this Privacy Policy.” Added the manufacturers of my wireless routers to the list of examples of third-party service providers under Disclosure. Added an internal anchor link in the preamble to the California section of this policy.
- November 11, 2019: Updated Data Retention to clarify that my retention of email generally also includes files/file attachments (other than spam or suspected malware) and add language to that section about site-related text messages. Added OsmAnd as an example of mapping/navigation services in the list of examples of third-party service providers under Disclosure. Updated Information I Receive from Other Sources to note that I may receive personal information about the developers of software/apps/services/themes/add-ons I install for use in my work and/or the management of this website. Added bookstores and/or other retailers or vendors through which I may search for and/or purchase site-related materials to the list of examples of third-party service providers under Disclosure. In the same section, changed “libraries and/or archives” to “libraries, archives, and/or databases.” Added Perishable Press and the Mozilla Firefox browser to the examples of sources of third-party security-related data under Information I Receive From Other Sources.
- November 10, 2019: Updated the reference in Disclosure to TCL Communications to note that they make not only the BlackBerry device, but also its suite of associated BlackBerry apps and services. Added OpenKeychain (and/or other encryption software/services) and Open Camera to the list of examples of third-party service providers under Disclosure.
- November 9, 2019: Added libraries and archives (including librarians/archivists/their staff) and providers of public computers and/or wireless networks I may periodically use to the list of examples of third-party service providers under Disclosure. Fixed some typos in that section and changed “Examples of my third-party vendors/service providers may include” to “Examples of such third-party vendors/service providers may include …” In the California Privacy and Data Protection Rights section, changed “starting in January 2020” to “starting January 1, 2020” and “will give” to “give.” Also in the Your California Privacy Rights section, changed the heading “California Information-Sharing Disclosure” to “California Information-Sharing Disclosures (Shine the Light Law).” Under Disclosure, revised the language about information I may be required by law to disclose in order to streamline the language and better reflect the range of possible scenarios. Updated Data Retention to note that I normally retain indefinitely research notes and information related to my freelance writing and editing work, and changed the phrase “Any other type of data I may gather on visitors to this website …” to “Any other type of data I may gather through or in connection this website …”
- November 8, 2019: Updated Disclosure to note that third-party service providers may include the makers of software/apps and/or electronic devices I use that incorporate information-gathering telemetry or surveillance features, rearranging the text of that bullet point to make it easier to decipher and emphasize that the examples listed are not an exclusive list.
- November 7, 2019: Updated Data Retention to remove a confusing reference to a now-deleted section of the preamble. Made some adjustments to the list under Embedded Content to fix some grammatical issues, clarify the text, and arrange the items in a slightly different order. Changed some stray instances of “we” and “our” to “I” and “my” for consistency. Added the Google Play Store and its related services to the list of examples of third-party service providers under Disclosure, rearranging the list of Google-provided services in that section for better grammatical flow.
- November 5, 2019: Further updated Disclosure of Personally Identifying Information section to clarify that I may not always be aware of having gathered information about a site visitor in some other context. Fixed a spelling error in this revision list. Revised Security Scans to update description of the EU-US Privacy Shield framework in that section to match the reference under Disclosure of Personally Identifying Information and slightly clarified the description of the Sucuri Security plugin’s functions. Updated Comments and Personal Information to change “you can choose to save …” to “you may have the option to save …” (regarding saving the information you enter for future comments, an option that may not always be offered), change “URL” to “website,” and change “each time a reply or follow-up comment is posted” to “each time a reply and/or follow-up comment is posted.”
- November 4, 2019: Attempted to fix a technical issue with the bookmark/anchor links throughout. In Disclosure of Personally Identifying Information, changed “de-identified or aggregated” to “de-identified, anonymized, redacted, and/or aggregated.” Under California Privacy and Data Protection Rights, changed “To exercise your California privacy rights, visit …” to “To exercise your California privacy rights, please visit …” Changed several instances of “… and as otherwise described” to “… and/or as otherwise described.” Updated Information I Receive from Other Sources to note that I also get blacklist information via Spybot. UUpdated and simplified the preamble and revised text of the Disclosure of Personally Identifying Information section to add language about information I may gather or release that is NOT obtained through/in connection with this website.
- November 3, 2019: Added TinyWall to the list of examples of third-party service providers under Disclosure and updated the Information I Receive from Other Sources section to add the MVPS HOSTS file to the examples of third-party blacklists I may use and note that I may also use that information to block access to my system and/or devices as well as the website. Updated the Your California Privacy Rights section to enumerate the list of CCPA rights rather than referring to the GDPR section, changing the “Other California Privacy Rights” heading to “California Privacy and Data Protection Rights,” and making some minor clarifications to the language of that section (including noting that California Civil Code § 1798.83–84 is known as the “Shine the Light” law). Updated the GDPR section wording to refer to the Controllers, Questions, and How to Reach Me section rather than just “below” and updated the internal anchor links to that section. Updated the Not for Children Under 18; Age Verification section to clarify that the references to children refer to minor children and that parents have the right to request the removal or deletion of information about their minor children. Fixed a couple of very minor grammatical issues.
- November 2, 2019: Added HP to the list of examples of third-party service providers under Disclosure, noting that they comply with the EU-US Privacy Shield framework. Reordered several items in that section, also adding the word “other” to “printers/print services” and placing it immediately after HP. Fixed a stray incidence of “our” rather than “my” for consistency. Updated Security Scans to note that security/anti-spam scans of messages I send or receive may be performed on text messages as well as email, and that security scans may include submitting the messages, file attachments, and/or other relevant data to third-party services such as cloud-based malware-detection services.
- November 1, 2019: Fixed the date formatting and a capitalization problem in the previous entry on this list. Added Piriform (CCleaner), a subsidiary of Avast, to the list of examples of third-party service providers under Disclosure.
- October 31, 2019: Added Artifex (maker of the SmartOffice app), Mozilla (maker of the Firefox web browser(s)), and Safer-Networking Ltd. (maker of Spybot) to the list of examples of third-party service providers under Disclosure. Added Google Safe Browsing to the list of examples of Google services I may use/offer.
- October 30, 2019: Added the Guardian Project’s Orbot and Tor Browser to the list of examples of third-party service providers under Disclosure. Clarified the description of Cloudflare 1.1.1.1 in that section, adding links to the applicable privacy policies in addition to the privacy statement links.
- October 27, 2019: Added trademark notice language for the Google services specified herein, adjusting some adjacent language for readability. Clarified the wording of the reference to Gmail in the list of examples of third-party service providers under Disclosure, and added Google Hosted Libraries there in addition to the existing description under Embedded Content.
- October 25, 2019: Added Cloudflare’s WARP service (associated with the Cloudflare 1.1.1.1 service already listed), NetGuard firewall/traffic monitor, and CompanionLink to the list of examples of third-party service providers under Disclosure. Fixed some incorrect punctuation in that section.
- October 19, 2019: Added TCL Communication Limited (current owner of BlackBerry) to the list of examples of third-party service providers under Disclosure.
- October 17, 2019: Moved Effective Date to the top of the document to make it easier to see. Reworded the preamble, Revisions section, and License for This Policy sections accordingly, also fixing a capitalization inconsistency. Updated the description of this list for clarity.
- October 16, 2019: Updated the description of Yoast under Embedded Content to indicate the presence of the Yoast SEO plugin’s Algolia search functions.
- October 14, 2019: Updated the description of Epic Privacy Browser in the list of examples of third-party service providers under Disclosure to reflect that the browser also has an associated Epic Search Engine (which submits anonymized queries to Yandex) and to change “in connection with their …” to “through my use of their …” for greater clarity.
- October 9, 2019: Updated the Cookie Policy section to include a link to the Cookie Notice, which is now a separate page as well as being incorporated into the privacy preferences tool. Slightly adjusted the description of that list to note that these are cookies the site may use.
- October 3, 2019: Fixed the effective date (which had incorrectly described October 2, 2019, as a Tuesday rather than a Wednesday). Added data and/or document destruction/shredding services to the examples of third-party service providers under Disclosure.
- October 2, 2019: Amended the Your Rights (GDPR and California Privacy Rights) section to note that I may ask you to verify your identity and/or residency before processing data-related requests and that you need not be present in California to exercise your CCPA rights provided that you have a current California residence. Made few minor wording adjustments in that section to accommodate the new language and changed the phrase “… and its associated regulations” to “… and/or its associated regulations.” Revised the “Do Not Sell My Personal Information” and preamble text wording to match the wording on the Privacy Tools page.
- September 29, 2019: In the list of examples of third-party service providers, changed several instances of the phrase “I may use or offer” to “I may use and/or offer” (since in some instances I may do both). In the language about Adobe in that section, changed the phrase “may collect data about such use” to “may collect related and/or associated data” to avoid confusion. Update the Your California Privacy Rights and added links to the Do Not Sell My Personal Information page. Added Hidden Reflex’s Epic Privacy Browser to the list of examples of third-party service providers under Disclosure.
- September 15, 2019: Added website speed testing services/tools to the list of examples of third-party service providers under Disclosure.
- September 14, 2019: Added Adobe to the list of examples of third-party service providers under Disclosure.
- September 7, 2019: Added printers/print services, photo development, photo processing, video conversion, and other audiovisual material processing services to the list of examples of third-party service providers under Disclosure. In the description of the WAVE accessibility tool in that subsection, changed “am using” to “may use.” Struck the phrase “Since I don’t have employees” from the Information-Sharing Disclosures section. Throughout this policy, changed several instances of “we” and “our” to “I” and “my” for consistency.
- August 11, 2019: Under Disclosure, clarified that third-party service providers may use their own subcontractors, data subprocessors, or other third-party vendors or partners, who may be located in other countries or regions. Under Embedded Content, struck the phrase “in the United States” in the bullet point regarding BootstrapCDN/Stackpath.
- July 8, 2019: Under Disclosure, added transcription and translation to the examples of independent contractors/employees and added translation, transcription, mapping, and navigation services to the examples of third-party service providers.
- June 20, 2019: Clarified that the section of Data Retention dealing with log data refers specifically to logs for this website.
- June 7, 2019: Added Malwarebytes to the list of third-party service providers under Disclosure and updated the description of Avast in that list. Further updated the description of “browser fingerprinting” under Embedded Content.
- June 3, 2019: Made some updates to the wording of Embedded Content to better explain what other information third party content providers may be able to detect (the process of so-called “browser fingerprinting”) and add a link to the EFF’s Panopticlick website.
- April 29, 2019: Under Disclosure, changed “my independent contractors” to “my independent contractors and/or employees (if any).” (I still don’t have any employees, but I want to make sure it’s included in this language in the event that changes at some future date.)
- April 2, 2019: Updated Legal Bases for Collecting and Using Information to add the item about protection of vital interests (taken directly from the latest version of Automattic’s Privacy Policy).
- March 25, 2019: Updated Security Scans to make clearer that some Sucuri data and logs may be processed and/or stored by Sucuri as well as by me. Added an applicable ® symbol in that section.
- March 23, 2019: Rearranged some text under Comments for more logical flow.
- March 14, 2019: Added some ® symbols. Amended “Dreamhost, LLC” to just “DreamHost” (removing duplicate text were applicable) and the second instance of “T-Mobile USA, Inc.” to just “T-Mobile.” Throughout, slightly clarified the descriptions of what user agent information may include.
- March 10, 2019: Under Information I Receive from Other Sources, added The Spamhaus Project as another example of where I may obtain block lists for spam and malware prevention, and added links to that and HackRepair.com.
- March 4, 2019: Fixed some tag closing issues. Under Privacy Policy Changes, changed “the terms have changed” to “the policy has changed” for clarity.
- March 3, 2019: Updated Embedded Content to note that you may be able to selectively disable some forms of embedded content. Fixed some inconsistent usage of “administrator dashboard” vs. “administrative dashboard.” Under Legal Bases for Collecting and Using Information, changed “financial transactions or image usage rights” to “financial transactions and image usage rights.”
- February 27, 2019: Moved the first references to DreamHost and the link to the DreamHost privacy policy from the Server and Error Logs section to the Who I Am section, adding a note that DreamHost also hosts my email servers. In Server and Error Logs, changed “this site” to “the aaronseverson.com site” for clarity.
- February 26, 2019: Updated Server and Error Logs, splitting the first paragraph into two for readability; rearranging and clarifying the language; adding the phrase “(as applicable, but without limitation)” before the listed examples; adding “that uses certain site features” to the list; and adding the following text after the list: “(These examples are a representative sampling, but not an exhaustive list; we may also use or add other logs not specified here, and not all logs are necessarily in use at any given time.).” Moved the language about logging privacy consents and acceptance of terms to a new subsection under Information You Provide to Me called “Consents and Agreements.”
- February 22, 2019: Under Comments, changed “I may email you at that address to respond to your comment (or the associated comment thread, if any), particularly if it includes a question or if I need to clarify some aspect of your comment (for example, if you have posted two very similar comments, I may email you to ask which one you want me to publish)” to “I may respond via email in addition to or instead of publishing the comment on this website, particularly if your comment includes a question or offer of assistance or if I have questions about any pertinent details — for example, if you have submitted two very similar comments, I might email you to ask which one you want me to publish.” to match the language in the Terms of Use.
- February 19, 2019: Under Disclosure of Personally Identifying Information, changed “If I have received your express authorization to do so” to “If you have asked or authorized me to do so.”
- February 18, 2019: Added Cloudflare DNS resolver services to the list of third-party service providers under Disclosure. Fixed some link relationship errors in that section and noted that Cloudflare also complies with the EU-US Privacy Shield framework.
- February 17, 2019: Amended the preamble and Other Information You Provide to Me to emphasize that this policy does NOT apply to my personal correspondence or communications.
- February 14, 2019: Made a further amendment to Information I Receive from Other Sources to add another example of looking up third-party information on site visitors (making some minor amendments to the surrounding text for clarity) and reiterate that the examples presented in this section are not an exhaustive list. Also changed “How I use information gathered from other sources …” to “How I use information gathered from these or other sources …” Changed the wording of the WHOIS lookup services item under Disclosure to make it more generic. Amended Data Retention language to clarify and reiterate that legal and financial transaction records often necessarily include some personal data; split part of that paragraph into a separate paragraph for clarity (amending its text slightly to avoid confusion).
- February 13, 2019: Added spell-checking to the listed ways I may use personal information I collect from or about you and updated Data Retention to note that I typically retain indefinitely names I add to my spelling dictionaries, and that to understand your comments or inquiries/messages, I may use information you submit to seek additional information from third-party sources. Added ICANN and other WHOIS lookup services to the third-party service providers under Disclosure and inserted a note about WHOIS lookups under Information I Receive from Other Sources. Fixed some minor editorial errors I made in the above changes.
- February 7, 2019: Updated the Sucuri description in Security Scans to add the phrase “(without limitation)” after “such as,” since the listed examples are not an exhaustive list.
- February 7, 2019: Updated the Sucuri description in Security Scans to add the phrase “(without limitation)” after “such as,” since the listed examples are not an exhaustive list.
- February 6, 2019: Added Google Hosted Libraries to Embedded Content (in the same bullet as Google Fonts, since they operate similarly), revising/restructuring that bullet point’s language accordingly and adding a link to the Google Developers Google Fonts page.
- February 3, 2019: Under Disclosure of Personally Identifying Information, revised the item on information that was already public, changing the first word of that bullet from “If” to “Where”; changing “was or is” to “is or was”; changing “e.g., …” to “such as — but without limitation — …”; and adding to and clarifying the listed examples. Also adjusted the text style of that item and moved it higher on the list. Revised the preamble of that section.
- February 2, 2019: Updated Cookie Policy section to note that some accessibility features may use cookies to save your settings/preferences. At the beginning of that section, also replaced the words “each time” with “when.”
- February 1, 2019: Fixed some typos, updated text styles, and edited link titles and anchor text on this page for better accessibility. Added WebAIM to the list of third-party service providers under Disclosure.
- January 31, 2019: Amended Not for Children Under 18; Age Verification to indicate that the website may place a cookie on your device if you fail the age verification test and that you may have to reenter your birth date if the verification cookies have expired.
- January 29, 2019: Clarified the language under Not for Children Under 18; Age Verification and moved that subsection to under Information You Provide to Me. Added an internal link to it from the Cookie Policy section and amended that text to reflect the subsection’s new relative position.
- January 27, 2019: Under Disclosure of Personally Identifying Information, changed “(such as information that you have published on your official website or that is included in published interviews or news articles about you)” to “(e.g., information that’s available on your website; that you included in public comments or public posts on this or other websites; or that appears in published interviews, books, or news articles about you).” Updated Embedded Content to note that the Google Fonts servers may be operated by Google’s subprocessors as well as Google and that they may not necessarily be in the U.S., adding a link to their list of subprocessors. Made a slight change to the preamble to put the sentence about third-party websites on a separate line and reworded that sentence as: “Your use of any third-party websites or services, including those linked from the aaronseverson.com website or on which I may have accounts, is subject to the individual privacy policies and terms of use/terms of service, if any, of those sites or services.” Slightly adjusted the text in Who I Am for clarity and consistency. Added “messaging services, apps, and/or clients” to the list of third-party providers under Disclosure.
- January 25, 2019: In the California Do Not Track Disclosure section, under Your California Privacy Rights, added spaces to “Do Not Track.”
- January 22, 2019: Updated Disclosure of Personally Identifying Information language about legal requirements to clarify that I may disclose information where I deem it reasonably necessary to ensure my compliance with applicable law or regulation, even if the specific disclosure isn’t expressly required (e.g., to look up an applicable tax rate for your address). Added common carriers/shipping agencies to the list of third-party service providers. Clarified Other California Privacy Rights by putting “subject to any exemptions provided by the law” in parentheses and moving that phrase to earlier in the applicable sentence.
- January 3, 2019: Updated Disclosure of Personally Identifying Information to clarify that the circumstances under which I may be legally required to disclose information may include (without limitation) providing certain information to relevant government agencies (e.g., tax or customs agencies) for compliance purposes or in connection with audits or official investigations, as well as in connection with a subpoena or court order.
- December 30, 2018: Added Startpage.com and DuckDuckGo to the list of third-party service providers under Disclosure of Personally Identifying Information.
- December 29, 2018: Updated third-party service providers list under Disclosure to include my bank(s)/financial institution(s), and/or applicable payment processor(s). Added an additional bullet point regarding contractual obligations for disclosure of information to third-party service providers. Minor editorial correction to remove some unnecessary spaces.
- December 19, 2018: Updated Embedded Content to note that WordPress may gather information in the course of installing, removing, or updating plugins, themes, and add-ons from WordPress.org. Updated Disclosure’s list of third-party vendors and service providers to include Microsoft and WordPress.org. Slightly amended the description of my mobile provider to change “emails and texts sent to and from … to “emails, texts, and other messages sent to and from …” ETA: Amended the Microsoft description from “software, apps, and tools” to “software, apps, tools, and services” and the Spectrum/Time Warner Cable description from “and thus has access to …” to “and thus has information about …”
- December 10, 2018: Rearranged the text of the preamble for clarity, moving the licensing information into a new heading called License for This Policy (and striking the potentially confusing word “originally” from that text).
- December 9, 2018: Made a minor clarification to Data Retention regarding consent logs: changed “… after which I may retain some logs for audit and compliance purposes” to “… after which I may retain some related records for audit and compliance purposes” and put that phrase in parentheses.
- December 2, 2018: Updated Information I Receive From Other Sources to clarify what kind of information I may receive in connection with security and anti-spam measures and how I use it (adding email filtering as an additional example).
- November 27, 2018: Updated Embedded Content to add Vimeo to the list of content providers and updated Disclosure to add my Internet service provider with a link to their customer privacy policy.
- November 25, 2018: Clarified Data Retention regarding the retention of email and image files.
- November 19, 2018: Updated Disclosure to note that I may periodically use Gmail, which is owned by Google.
- November 17, 2018: Minor wording adjustments in Disclosure: changed “or is included in published interviews or news articles about you” to “or that is included in published interviews or news articles about you” and changed “their own, comparably strict confidentiality policies” to “their own, comparably strict (or stricter) confidentiality policies.”
- November 15, 2018: Clarified the preamble, Other Information You Provide to Me, and Data Retention sections regarding my work and professional relationships separate from this website. Updated Data Retention to further clarify my retention of log data.
- November 13, 2018: Changed references to Google LLC to just “Google” to avoid confusion with their shifting corporate usage. Updated Data Retention to clarify retention of privacy/consent logs and comments. Updated Server and Error Logs, Security Scans, and Comments to make clear that I may also use the data to troubleshoot technical problems and improve the functionality of the site. Added Flickr to the list of third-party service providers under Disclosure and added “website development/improvement” to the list of possible functions of independent contractors. Made a capitalization change to the Google Fonts description under Embedded Content and a minor clarification of the description of Flickr’s corporate ownership.
- November 11, 2018: Updated Data Retention to clarify that logs of some administrative functions (which contain no user data) may be retained for longer periods.
- November 8, 2018: Moved the reference to displaying specific notifications or content based on IP address or user agent from the WordPress section of Embedded Content to Server and Error Logs, since that function appears to mostly be performed locally (i.e., by this website rather than an external one). Added notes to Server and Error Logs, Security Scans, Embedded Content, and Comments sections indicating that your IP address may reveal your geographical location and in some cases also your Internet service provider.
- November 7, 2018: Updated Embedded Content to better describe information gathered by WordPress. Added an item to that section about FeedBurner blog feeds on the administrative dashboard.
- November 5, 2018: Fixed a typographical issue with this list (the inadvertent substitution of em dashes for ellipses).
- November 4, 2018: Updated Comments, changing “… record and use the information in and associated with your comment … ” to “… record and use personal information in and associated with your comment … “; “… it can be found using the website’s search function” to “… it appears and/or can be found using the website’s search function and other internal indexing tools”; and “publish and/or respond to your comment” to “publish and respond to your comment.”
- October 22, 2018: Updated this page’s hyperlinks with “rel=noopener” or “noopener noreferrer” attributes for security purposes.
- October 19, 2018: Updated Data Retention section with information about photos or other images (revising some related existing language for clarity). Also, clarified some cumbersome wording about retention of anonymous or de-identified log data. Added “but without limitation” to the example under Information I Obtain from Other Sources. Updated and rearranged the list of grounds in Legal Bases for Collecting and Using Information, changed “… to safeguard the integrity of this website” to “… to safeguard the integrity of this website and its data,” and changed “to better understand how many people access my content” to “to better understand how people access my content.”
- October 16, 2018: Updated the Who I Am section at the top to emphasize that I’m based in the U.S. Changed the name of the contact info HTML anchor from “ReachUs” to “ReachMe.” Added links to it from Who I Am and Not for Children Under 18; Age Verification sections.
- October 14, 2018: Updated Embedded Content to change “… that loads the embedded content” to “… that loads and/or interacts with the embedded content”; “and/or include other mechanisms that allow the third-party hosting site to gather certain information about you” to “and/or use other mechanisms that enable the third-party site to gather information about you”; and “geographical location” to “your geographical location” for clarity. Updated the YouTube description in that section to note that YouTube players may check whether you are logged into a Google account and added an extra link to their privacy policy.
- October 12, 2018: Updated Embedded Content and Disclosure to indicate that I may also use or offer other Google tools or services.
- October 10, 2018: Clarified Disclosure section to note that my web host also hosts the mail servers for my associated email addresses.
- October 7, 2018: Further clarified Disclosure provisions about contractors and third-party vendors/service providers. Minor editorial correction to this revision list. Updated Data Retention to note that I may retain some anonymous or de-identified log data for longer periods. Clarified Disclosure provisions regarding business transfers. Updated Comments to note that special characters, HTML/PHP code, and emojis in comments may be removed.
- October 4, 2018: In Disclosure of Personally Identifying Information, changed “release” to “release or disclose.” Added a note about T-Mobile’s scam warnings to Security Scans and noted in Disclosure that my mobile carrier also, obviously, processes my phone calls.
- October 3, 2018: Amended the third-party vendors/contractors/employers language in Disclosure of Personally Identifying Information for greater clarity, including separating independent contractors and vendors/service providers into two bullet points rather than one, explaining that the purposes for which I may share information may include addressing technical and/or legal issues (as well as the other purposes already specified) and repeating some of the links to third-party privacy policies. Made minor editorial changes throughout to fix instances where I had mistakenly switched from first person singular to first person plural. Inserted “(see “Other California Privacy Rights” below)” to the text of GDPR and State Law. Made some minor clarifications to the language in the Cookie Policy section. Made some minor clarifications to the language in the Cookie Policy section, including reordering two paragraphs.
- October 2, 2018: Added a separate sub-section, “Other Information You Provide to Me.” Added the word “NOTE” to the note in the preamble.
- October 1, 2018: Clarified language about ban lists/blacklists, noting that some may include email addresses and which I may use to protect my system and devices as well as preventing spam and protecting the site and its data.
- September 30, 2018: Renamed Cookies section “Cookie Policy” and added a hypertext anchor to it. Added a Your California Privacy Rights header to the California rights section and added a hypertext anchor to it for easier navigation. Updated Comments and Information I Receive from Other Sources to note that I may obtain or receive ban lists of IP addresses and/or user agents commonly associated with spam and/or malware.
- September 29, 2018: Updated the Comments section to note that published comments may appear in search results made using the website’s search function and that I may index them for that purpose. Clarified Disclosure and California Information-Sharing Disclosure sections to note that embedded content providers may use the information they gather for advertising/marketing purposes.
- September 28, 2018: Updated and clarified the Comments section (and the Comments item in Disclosure) to reflect recent updates to the Terms of Use, including hopefully clearer language about email notifications and modifying/deleting comments.
- September 26, 2018: Updated the Comments section to mention the Recent Comments widget.
- September 25, 2018: Updated Server and Error Logs and Data Retention to clarify the types of data the logs include and how long I retain it. Added Other California Privacy Rights section.
- September 21, 2018: Updated GDPR and State Law bullet point on data portability to add “(starting in 2020, California residents may request this up to twice per year).”
- September 18, 2018: Added note about California’s information-sharing disclosures to Your Rights section (altering the heading of that section accordingly), rearranging some text and adding subheadings to that section. Updated Disclosure to clarify that I don’t share information for direct marketing purposes.
- September 17, 2018: Updated Your Rights section to note that some of these rights apply to residents of some U.S. states, including California. Updated Disclosure section regarding security measures.
- September 16, 2018: Amended Embedded Content to change “The third-party host may also detect …” to “In some cases, the third-party website may also be able to detect …” and “This information is collected and processed …” to “Such information is collected and process …” Fixed error in link tags.
- September 15, 2018: Added links to Gravatar and their TOS under Embedded Content and noted that Gravatar may now be integrated with WordPress.com
- September 14, 2018: Updated Embedded Content to include Gravatar and note that Google Fonts may cache data on your device browser as well as gathering certain information about your device.
- September 13, 2018: Updated Embedded Content to note that there may be PayPal-served content on the administrative dashboard. Struck the item in that section about Google Drive and Amazon Web Service embedded graphics, which have now been removed. Clarified WordPress data-collection language, including noting that back-end content may be loaded from several domains owned by WordPress.org (e.g., s.w.org, ps.w.org, and ts.w.org).
- September 12, 2018: Updated Embedded Content to include remotely served Google Drive and Amazon Web Services graphics. Clarified that some back-end administrator components also embed YouTube videos.
- September 10, 2018: Added link to AboutCookies.org under Cookies. Fixed a minor formatting error. Added YouTube to Embedded Content and updated links to the Google Privacy Policy.
- September 9, 2018: Further clarified Cookies section to better explain cookie duration.
- September 8, 2018: Renamed the button to access privacy/cookie settings from “Change Your Privacy Preferences” to “Access Your Privacy and Cookie Preferences” for clarity and added that button here rather than simply a link to it.
- September 7, 2018: Further amended Cookies to clarify cookie durations. Updated Comments section to include note about saving your information with cookies for future comments and update info on deleting comments.
- September 6, 2018: Updated Embedded Content with a link to Yoast’s GDPR page. Updated Cookies to better explain how you can find out about the specific cookies the site uses. Added WordPress to Embedded Content list.
- September 5, 2018: Updated links to external privacy policies/statements (including adding links to the Google Privacy Policy); updated the ownership descriptions for BootstrapCDN/MaxCDN (which are now part of StackPath), DreamHost, and T-Mobile; added a smattering of ® symbols throughout; hyphenated “back-end” for editorial consistency; and fixed some inconsistent capitalization. Clarified the duration of some cookies in Cookies section.
- September 4, 2018: Updated Embedded Content to indicate that some backend (administrative dashboard) features may be served by Yoast.
- September 1, 2018: Updated Disclosure to include a note about transfers of this website due to sale or death.
- August 18, 2018: Added additional information to Cookies and Data Retention regarding cookie duration.
- August 15, 2018: Added additional notes to Security Scans and Comments to indicate that I may also perform security scans on emails, including comment notifications, for spam and malware. Added a note to Disclosure about Avast, the current provider of some of my security, antivirus, privacy, and administrative tools, including a link to their privacy policy. Minor tweak to Security Scans to note that Sucuri “can detect security vulnerabilities and some forms of malware by scanning the files and public areas …”
- August 14, 2018: Updated Data Retention to clarify retention of log and scan result data, email alerts, and notifications. Updated Disclosure to note that I may share information that’s already publicly available.
- August 13, 2018: Updated Server and Error Logs to note that the website also keeps logs to record your consent to the Privacy Policy, other legal terms, and/or to my gathering certain types of personal information. Also inserted “I, or where applicable my web host, may use …” (since some of the logs described are maintained solely by me and other by my web host). Also added a note about retention of consent logs to Data Retention. Updated Security Scans to note that I also use various measures to protect my local systems, devices, and offline data against malware and other security threats.
- August 12, 2018: Updated Comments to add “without limitation” to the examples following “… the information in and associated with your comment” and note that comment notification emails may include the website/URL you listed in your comment. Removed the reference to WP DoNotTrack (I still use it, but its inclusion here was more confusing than helpful). Added a mention of the email notifications for comments to the applicable point under Disclosure.
- August 11, 2018: Updated Security Scans to note that the site’s security measures may automatically block certain suspicious actions or queries. Updated Cookies section to clarify that embedded third-party content may use cookies. Minor edit in Disclosure section to the language about third-party vendors, service providers, and independent contractors to make the wording more consistent. Updated Comments section to reiterate that I take no responsibility for what third parties do with any personal information contained in posted comments.
- August 10, 2018: Updated Comments section to explain that the website may perform automated tests on comments to filter spam (and my web host and mobile provider may do the same with comment notification emails) and that I may use data associated with comments to record your acceptance of the Privacy Policy and other legal terms. Rearranged and made some minor amendments to the text of that section for clarity, including adding language about providing a URL, restoring earlier language about comment notifications, and changing “By posting a comment …” to “By submitting a comment …” Minor correction to an earlier item on the revision list. Clarified the language in Security Scans about my web host/mobile carrier scanning emails for spam and malware. Clarified and expanded Data Retention section. Added links to DreamHost and T-Mobile privacy statements to Disclosure section for ease of reference. Updated Information I Receive from Other Sources.
- August 8, 2018: Minor revision to Data Retention: “… relevant log or alert data may be retained for longer periods” → “… relevant data may be retained for longer periods.”
- July 27, 2018: Clarified that archival copies of deleted comments may remain in my records or backups. Minor editorial correction.
- July 26, 2018: Minor editorial revision: changed “Google” or “Google Inc.” to “Google LLC” where applicable. Removed accidentally duplicated line in Disclosure of Personally Identifying Information.
- July 16, 2018: Updated description of user agent information and that it typically includes browser settings such as language preferences. Updated Not for Children Under 18; Age Verification language.
- July 15, 2018: Streamlined Embedded Content section to make it clearer and less repetitive. Minor editorial corrections.
- July 14, 2018: Further adjustments to preamble wording.
- July 13, 2018: Various minor revisions to emphasize that this policy applies strictly to information gathered through this website, not to any separate business arrangements (if any) with me.
- July 12, 2018: Clarified language of Not for Children Under 18; Age Verification section. Further clarified log retention periods based on an updated from Sucuri. Fixed some minor formatting problems. Reworded How to Reach Me and made other minor adjustments to Data Retention.
- July 11, 2018: Clarified how long I retain logs and that some security audit logs may be retained by me, Sucuri, or my web host for longer than 30 days. Added notes about my web host and mobile carrier doing security and anti-spam scans of email, and that (obviously) my mobile carrier may manage site-related texts as well as emails sent to my phone or phones. Amended Disclosure of Personally Identifying Information to include a provision about publishing excerpts of support requests (such as reports of technical problems) you send me privately. Minor formatting changes. Clarified language of Not for Children Under 18; Age Verification section.
- July 10, 2018: Clarified that, obviously, my and my web host’s security scans look for the presence of potentially malicious code. Noted that the admin login page sets cookies and made minor clarifications to the Security Scans section.
- July 4, 2018: Clarified that I may also use information from comments for the other purposes outlined in Disclosure of Personally Identifying Information. Noted that I may add or alter filenames and/or metadata to indicate the provenance and attribution of images or other content (as well as retaining any personal information that might already be contained in that content). Minor editorial corrections.
- June 24, 2018: Clarified that comments record your browser’s user agent information (browser and operating system type/version) as well as your IP address. Changed description of user agent info from “browser type/version and operating system” to “browser and operating system type/version” throughout for clarity.
- June 21, 2018: Noted in Comments that I may use information associated with your message to verify your identity as well as confirming that you’re not a bot.
- June 21, 2018: Updated Comments section to indicate that I may use information associated with your comment to verify your identity as well as whether you’re a real human being rather than a bot.
- June 19, 2018: Added comments to Disclosure of Personally Identifying Information, for completeness.
- June 18, 2018: Updated Comments section to clarify that notifications emailed to the administrator include your IP address, a point inadvertently dropped in an earlier revision. Changed “user name” to “name” for clarity. Updated Comments section to clarify that I may use your information to protect my accounts, systems, and devices (as well as the website itself) against spam, fraud, abuse, or electronic attacks.
- June 16, 2018: Updated Disclosure of Personally Identifying Information to note that I may disclose personal information to appropriately credit people for the use of their content or intellectual property. Updated Data Retention to note that I retain dispute-related information indefinitely. Added note at the top clarifying that this policy does not apply to any third-party websites linked here.
- June 8, 2018: Corrected “Information We Receive from Other Sources” to “Information I Receive from Other Sources” and updated that section to explain disclosure. Renamed “Information We Collect” to “Information I Collect.” Minor editorial corrections throughout.
- May 30, 2018: Minor editorial clarification in Security Scans: “That alert would typically include the unauthorized visitor’s IP address, browser type/version, and possibly their operating system …” –> “That alert would typically include the unauthorized visitor’s IP address and possibly their user agent information (browser type/version and possibly operating system) …”
- May 26, 2018: Updated Security Scan and Disclosure sections to reflect current Sucuri terms. Clarified Embedded Content wording. Added link at the top to the revisions list.
- May 24, 2018: Various minor clarifications, including revised Cookies, Security Scan, Data Retention, and Revisions language and the removal of Other Information You Provide to Us.
- May 23, 2018: Updated http links to https as applicable. Updated cookie language. Updated disclosure language. Clarified Security Plugins section and renamed it Security Scans. Minor amendments to Server and Error Logs to correspond with these changes.
- May 21, 2018: Clarified embedded content language, adding Cloudflare, and added note about Sucuri scanning. Streamlined and amended cookie language.
- May 20, 2018: Added language about Google Fonts, mobile carrier, clarified location, added date retention information.
- May 19, 2018: Clarifications for GDPR compliance (based in part on latest Automattic terms effective May 25, 2018).
- May 1, 2018: Clarified that the Disclosure of Personally Identifying Information section applies to information gathered through this website.
- January 13, 2016: Added note to preamble clarifying that variations in text style have no legal significance.
- January 8, 2016: In Disclosure of Personally Identifying Information, changed “contractors, business partners, and affiliated organizations …” –> “contractors, service providers, business partners, and affiliated organizations …” and “Some of those contractors and affiliated organizations may be located … –> “Some of those contractors, service providers, business partners, and affiliated organizations may be located …”
- January 7, 2016: Removed references to third-party font API service, which I have discontinued using. ETA: Editorial changes and corrections. ETA: Added BootstrapCDN info to Embedded Content section. Updated Server and Error Logs: “(such as, but not limited to, the IP address and in some cases the browser type and referring site, if any)” –> “(such as, but necessarily not limited to, the IP address; the user agent information supplied by the browser, which typically includes the browser type/version and operating system; and in some cases the referring site, if any)” and added “to improve the functionality of the site” to the list of uses.
- January 6, 2016: Clarified previous revision information. Editorial correction (removed outdated contact form reference). Editorial corrections. In Disclosure of Personally Identifying Information, changed “other court order” –> “other court or government order.” ETA: Amended Server and Error Logs: “such as the IP address” –> “such as, but not limited to,”. ETA: In Embedded Content section, changed “I do not receive or have access to any user data related to these fonts” –> “I do not collect or receive any user data related to these fonts.” Editorial corrections.
- January 2, 2016: Clarified Comments section to note that I will assume you are authorizing me to publish any information you include in a comment you post (ETA: including the name/screen name you supply). (I would hope this would be obvious, but I note it here for the avoidance of doubt.)
- December 31, 2015: Editorial corrections.
- December 29, 2015: Editorial corrections. Clarified that this entire policy is available under CC BY-SA 4.0 and clarified licensing language. Amended Disclosure of Personally Identifying Information: “I will not publish or release personally identifying information such as your email address …” –> “I will not publish or release personally identifying information associated with your request, such as your email address, …”
- December 28, 2015: Added note about Automattic revision history; editorial corrections. Clarified licensing language.
- December 25, 2015: Editorial correction.
- December 24, 2015: Added link to Automattic Inc. main site. Reworded Server and Error Log language: “As part of their normal operations, my web host (which is located in the United States) and the security systems of this website automatically generate access and error logs” –> “Like most websites, this site and my web host (which is located in the United States) maintain various logs that collect certain information”.
- December 23, 2015: Minor change in Server and Error Log: “to block spam and unauthorized “hotlinking” to … –> “to block spam and hotlinking or other unauthorized use of …” Editorial corrections.
- December 22, 2015: Editorial and formatting changes; added more detailed recent revision list. Clarified licensing language.
- December 21, 2015: Minor editorial changes. Clarified licensing language.
- December 19, 2015: Updated language regarding use of information related to comments and form submissions. Updated language clarifying that log information may be used to prevent hotlinking and/or electronic attacks.
- December 16, 2015: Clarified language regarding use of personally identifiable information in comments.
- December 10, 2015: Clarified that third-party font API service servers are located in the U.S. Added credits to note about WP DoNotTrack.
- December 9, 2015: Clarified Server and Error log information. Editorial changes, including rearranging some sections. Editorial and formatting changes.
- October 23, 2015: Editorial corrections. Added “and/or” to Disclosure of Personally Identifying Information stipulations.
- October 10, 2015: Editorial and formatting changes. Clarified Online Tracking section.
- August 24, 2015: Split from Privacy & Legal to separate document. Added Server and Error Logs information; editorial changes. Updated the Creative Commons license for the policy from Attribution-ShareAlike 2.5 Generic to Creative Commons Attribution-ShareAlike 4.0 International.
Please contact me if you need information on earlier revisions.