Privacy Policy

This Privacy Policy explains what personal information I may collect through and/or in connection with this website and how I use that information. Please read this policy before using the site. By using the aaronseverson.com website, you indicate your acceptance of the policy described below and of the Cookie Notice (which forms part of this Privacy Policy and is incorporated by reference herein).

Please note that your use of any third-party websites or services, including those linked from the aaronseverson.com website or on which I may have accounts, is subject to the individual privacy policies and terms of use/terms of service, if any, of those sites or services. My automotive website, Ate Up With Motor, has its own privacy policy, as does my professional writing/editing/writing consultation website, 6200 Productions (whose privacy policy also applies to my writing/editing/writing consultation services outside of Ate Up With Motor). Those policies are separate from this one.

EFFECTIVE DATE: This version of the Privacy Policy is effective Friday, July 10, 2020. If this policy has changed since you last reviewed it, or if you received a notice indicating that the Privacy Policy has changed, you may want to jump directly to the “Recent Revisions” section at the bottom of this page, which summarizes recent modifications in reverse order by date.

Variations in text style (such as different font weights, sizes, or colors) are used throughout this Privacy Policy to improve readability, but have no legal significance or effect.

Table of Contents

Who I Am

For purposes of this Privacy Policy, the terms “I,” “me,” and “my” shall be deemed to signify Aaron Severson, the owner of this website, an individual U.S. citizen residing in Los Angeles, California, U.S.A. I, along with my web host, DreamHost® (which also hosts the mail servers for my aaronseverson.com email addresses — here’s DreamHost’s Privacy Policy), and many of the vendors and third-party service providers I use in connection with this website, are located in the United States and are subject to U.S. law, which may differ from the laws of your area. Click here to jump to my contact information toward the bottom of this page.

License for This Policy

Portions of this Privacy Policy were adapted from the Automattic Inc. Privacy Policy (which you can also find at their Legalmattic repository) under a Creative Commons Attribution-ShareAlike 4.0 International license. This policy (including both my adaptation of the Automattic terms and my additions) is offered under the same license. If you elect to use or further adapt my version, please credit Automattic Inc. as well as me (Aaron Severson). I also strongly recommend that you note the effective date shown above and include that date in your attribution if it is reasonably practical to do so. (See the change log at the bottom of the Automattic policy linked above for their revision history; both the original and this document have been modified many times!)

Information I Collect

I may collect information on you in three ways: automatically through this website; if and when you supply information to me; and from other sources. Each of these three types of data collection, and my use of that information, will be further explained below.

Legal Bases for Collecting and Using Information

If you are in an area that is subject to European data protection laws, my legal grounds for collecting and using your information are that:

  1. The use is necessary to provide the functions of the website (such as comments); or
  2. The use is necessary for compliance with a legal obligation (such as my need to maintain reasonable records of financial transactions and image usage rights); or
  3. The use is necessary to fulfill a contractual obligation (such as complying with the terms of a Creative Commons or other license for the use of your content); or
  4. The use is necessary in order to protect your vital interests or those of another person; or
  5. I have a legitimate interest in using your information — for example, to safeguard the integrity of this website and its data, to troubleshoot technical problems, and/or to appropriately respond to your inquiries regarding my work; or
  6. You have given me your consent.

Notice to Parents Regarding Children Under 18; Not for Children

This website is in no way intended for or directed at children. Except as otherwise required by law, in the event I receive any personally identifying information through this website that I know to be from a child under the age of 18 (e.g., a message to the administrator email or a comment), it is my policy to promptly delete such information or, if complete deletion is not possible, to take whatever steps I reasonably can to de-identify or anonymize that information.

If you have questions, if you are a parent or legal guardian and believe that this website may have collected personal information about your minor child, or if you wish to exercise your right to remove or delete such information, please contact me via one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below.

Definitions

To help simplify and clarify the rest of this policy, the following definitions will be used throughout this document:

  • User(s) and visitor(s): For the purposes of this policy, I use the terms “visitor” and “user” synonymously to mean any individual who accesses this website. This policy assumes that you, the reader, are such a visitor/user.
  • Personal information/personally identifying information: Different jurisdictions have different definitions of “personal information” and “personally identifying information” (terms this policy uses synonymously), but in general, it means any information that could be used to individually identify you and/or your “household” (another term that may have different legal meanings depending on the jurisdiction). Information doesn’t have to identify you by name to be considered personal information or personally identifying; information that describes or could be associated with you can also constitute personal information. In this policy, I also use the term “potentially personally identifying information” to describe information that might identify you and/or your household in certain contexts (and/or in combination with certain other information).
  • Gather and collect: This Privacy Policy treats the terms “gather” and “collect” synonymously.
  • Identifiers: “Identifiers” are pieces of personal information that expressly identify an individual, household, or specific device, such as (though not limited to) real names, postal mailing addresses, email addresses, driver’s license numbers, Social Security Numbers, or unique device ID numbers. Some jurisdictions also consider IP addresses to be identifiers.
  • Protected classifications: Some pieces of personal information are characteristics of one or more classifications that are protected by civil rights law and/or other nondiscrimination laws, such as race, religion, gender, or medical conditions.
  • IP address: An Internet Protocol (IP) address is the numerical address of any device capable of accessing the Internet. If you use several different Internet-capable devices, their individual IP addresses are typically all different (although if you have several devices connected to the same router or tethered together, they might share the same IP address so long as they remain connected or tethered). An IP address typically reveals the Internet service provider or mobile carrier the device is using. A given device’s IP addresses may change periodically (especially if the device is configured to use “dynamic” IP addresses assigned by the Internet service provider or mobile carrier). It is possible to hide a device’s IP address and Internet service provider/mobile carrier by using a virtual private network (VPN) or proxy service; with these services, you first connect to a computer server provided by the VPN/proxy service and that proxy server then connects to other Internet sites and resources, which “see” only the IP address of the proxy server. For the purposes of this policy, when I refer to IP addresses, I mean the IP address that actually connects to my website or that I otherwise receive, whether that is your device’s actual IP address or a proxy. (In many cases, I have no way to tell the difference.)
  • User agent information: A “user agent” is any software program, service, or system that allows a user to access web content. This can mean a web browser, an email client, or a web “crawler” of the kind used by search engines. User agents automatically reveal certain information about themselves — and therefore about the user — to any online resource they access, enabling that resource to deliver its content in a way the user agent can correctly handle. At a minimum, a browser’s user agent information typically reveals the browser type and version, the operating system in which the browser is running, and certain settings such as preferred language and time zone; if you’re using a mobile browser, the user agent information may also reveal the specific type of mobile device you’re using. User agent information is typically not personally identifying by itself, but it is sometimes possible to identify an individual user based on their specific combination of browser characteristics, a technique called “browser fingerprinting.” The Electronic Frontier Foundation (EFF) has created a website called Panopticlick that offers more information about this complicated subject, including a tool that lets you test what “fingerprints” your browser may have. (I am not affiliated in any way with the EFF and offer this link purely for your information.)
  • Domain name: A domain name is the name of an online resource such as an email server or a website; for example, “aaronseverson.com” is a domain name. The ownership of domain names is registered through the Internet Corporation for Assigned Names and Numbers (ICANN), which maintains a directory of registered owners and their contact information. Most websites have a domain name, as do nearly all email addresses. When you access an online resource by its domain name, your device first accesses a domain name system (DNS) server, which is a directory that looks up that resource’s IP address so your device can connect to it. Mechanisms that collect website visitors’ IP addresses sometimes also record a domain name in connection with that IP address; this is typically the domain name of the Internet service provider or mobile carrier with which that IP address is associated.
  • Embedded content: Most web pages consist of many different elements, including not only the HTML code, but also various images, other media files, fonts, and scripts. For this website, most of those elements reside on and are served (i.e., loaded and run in your browser) by web servers owned by my web host, DreamHost®; this policy describes such elements as “local,” “locally served,” or “locally hosted” content (these terms are used synonymously). Certain elements of the website, such as (without limitation) images, scripts, fonts, or video players, may reside on and be served by systems not owned by DreamHost, such as third-party hosted libraries or content delivery network (CDN) servers; this policy describes such elements as “embedded content.” Whenever you access a page that includes embedded content, the page instructs your browser to contact the servers of the embedded content provider to retrieve and load those elements. Some types of embedded content (e.g., fonts) may be cached (stored) in your browser for faster loading; additionally, your browser may store certain associated data such as (without limitation) the date and time the embedded content was loaded and/or last updated. With most modern web browsers, this process is completely automatic, although it can sometimes be managed through the browser’s advanced settings and/or the use of browser add-ons.
  • Visitor activity: For purposes of this policy, “visitor activity” refers to any information I may collect about my visitors’ online activity and/or actions, whether on this website or elsewhere online, such as (without limitation) web pages they’ve visited, links they’ve clicked, or search terms they have looked for.
  • Malicious activity: I define “malicious activity” as any activity or action intended to harm, abuse, compromise, or disrupt the functions of this website, its data, my web host, my embedded content providers, my visitors/users, my system and device(s), and/or me, or defraud or attempt to defraud me, my service providers and/or vendors, and/or my visitors/users.
  • Errors and suspicious activity: For purposes of this policy, “errors” means any error messages your visits to this website may generate, such as when some of the images or elements that should appear on a particular page fail to load. (“Error” doesn’t necessarily mean that you’ve done anything wrong!) “Suspicious activity” means any access to or actions involving this website that could be a sign of malicious activity. Of course, not all suspicious activity is actually malicious; often, it results from an error beyond the visitor’s control or from a harmless mistake.
  • Names: Unless otherwise specified, where I refer to “names” in this policy, it includes both real, legal names and pseudonyms/aliases. In general, I only require your legal name in certain circumstances (such as financial transactions or legal agreements). Otherwise, you are free to communicate with me using only a pseudonym or alias, although if you do so, I may have no way of associating those communications with information I may have about you under your real name and/or other pseudonyms or aliases. (Also, if your pseudonym or alias looks like a real name, I may have no way to know it isn’t one!)
  • Email address(es): Email is the main means by which I respond to visitor/user questions and inquiries, as well as how this website associates posted comments with the people who made them. For purposes of this policy, I assume that email addresses naturally include domain names even where I don’t expressly specify “domain names” in the list of information collected. (I may sometimes collect domain names that are not associated with a single email address.)
  • Email header information: All email messages include email headers (sometimes called “Internet headers”) that contain not only the sender and recipient email addresses, but also the names and IP addresses of the mail servers that sent and received the message, routing information, encryption and security protocols, and other technical details. (The precise details vary depending on your email client and provider.) Although email headers always include your email address, there are situations where I may have your email address, but not your email header information, usually because I have never actually exchanged any email messages with you.
  • Other contact information: This means any contact information other than email, such as a telephone number or postal mailing address.
  • Images and/or other media: “Images” is hopefully self-explanatory; for purposes of this policy, “other media” (or “other media files”) is a blanket term intended to encompass any audio, visual, or multimedia content that is not an individual image, including, but not limited to, videos, audio recordings, broadcasts or streams, comic books, presentations, and/or slide shows.
  • Other documents/materials: This includes any type of physical or electronic document or material, such as books, magazines, letters sent via postal mail, newsletters, or clippings.
  • Metadata: Any electronic file, document, or communication contains metadata, which is data about that file, document, or communication, such as its file size, type, creation date, and technical details such as bit rate or pixel dimensions. The information in telephone records (such as the phone numbers of the callers, the date and time of each call, the call durations, etc.) can also be considered metadata. Metadata is not necessarily personally identifying in and of itself, but may sometimes contain personal information (e.g., the author’s name or contact information) and/or potentially personally identifying information.
  • Geolocation data: Geolocation data means information about an individual or household’s physical location and/or movements, such as the fact that an individual is or was present in a particular geographical location or traveled between two or more geographical locations. I may receive geolocation data from you directly, such as when you tell me your location in a comment or other communication (or, obviously, if I meet you in person), but I (and/or my service providers, where applicable) may also determine or estimate your geographical location or movements based on other data such as your IP address, the area code of your telephone number, or GPS coordinates in the metadata of your submitted images. Although some jurisdictions regard geolocation data as personal information, it doesn’t necessarily reveal where you live or work, and in some cases may not reflect your actual location at all, particularly if you use a VPN or proxy service.
  • Websites/URLs: “URL” (an acronym for Uniform Resource Locator) is the technical term for a web address. A website URL isn’t necessarily personally identifying, at least by itself, but the URL such as your social media profile or online resume/CV would probably be considered personal information. Where this policy refers to “websites/URLs” as a category of personal information, I mean URLs that may contain (or that link to) personally identifying information about individuals or households.
  • Referring site: When your browser or other user agent connects to some online resource — such as when you click a link or access embedded content on a web page or in an email message — that online resource can generally see the website or other online location, if any, from which the request originated, which is known as the “referring site” or “referer” [sic — some sources use the correct spelling, referrer, although the actual name of the HTTP header that conveys this information is (mis)spelled “referer”]. If the referer is the results of a search query (for example, when you click on a link from search engine results), the online resource you access can typically see not only the referring site, but also the specific search terms you were looking for. (Some privacy-focused search engines take steps to remove this referer information so the destination site can’t see it, but most popular search engines do not.)
  • Other personal information: This includes any other information about an individual or household that could be considered personal information or personally identifying information. As noted above, some jurisdictions now regard nearly any piece of data about an individual or household as “personal information,” from the career history of a public figure to the fact that a website visitor once owned a car of a particular model.
  • Special: This policy uses this term to denote certain unusual categories of information not easily categorized, which may or may not be personally identifying.
  • Administrative dashboard/backend: Like most modern websites, this site has both a public-facing (“front-end”) portion and a “backend” administrative area that includes various controls for managing the site and its content. The content management system WordPress, which this website uses, describes the administrator backend as the “dashboard,” so this policy uses “administrative backend” and “dashboard” synonymously. The administrative dashboard is not normally accessible to visitors other than authorized administrators (meaning me!), and I take various measures to guard against unauthorized access to it.
  • Cookies and similar technologies: A cookie is a small text file — a string of information — that a website or online service places (or “sets” — these terms are used synonymously) on your browser or device and that your browser or device then provides to that site or service when you access it. (It is sometimes also possible for a website or service to detect cookies set by other sites/services.) Cookies may be used in many different ways, but the most common uses are to save your settings or preferences, to manage logins, and to help identify specific users or devices for analytics and/or advertising purposes. Most cookies are specific to each browser and device; if you access a website from multiple browsers and/or multiple devices, the website may place cookies on each browser on each device. A cookie set by the website or service you are currently visiting is called a “first-party” cookie while cookies set by other services or domains (e.g., the cookies set when you access an embedded video player) are known as “third-party” cookies. You can learn more about how cookies work and how you can manage or delete them on different browsers by visiting AboutCookies.org. (I am not affiliated in any way with that website, which is run by the law firm Pinset Masons LLP, and offer this link purely for your information.) Some online services may also use similar technologies, such as storing certain information in your browser’s local storage and/or plugins; local storage information and so-called “local storage objects” aren’t cookies in the usual sense, but they may perform similar functions and may be used instead of or in addition to cookies. Such technologies are often used to manage functional details such as settings and preferences, but are sometimes also used to help the service to identify you. Online services may also use “web beacons,” which are small code blocks or tiny image files (sometimes called “tracking pixels” or “pixel tags”) that transmit certain information about you and your user agent (as defined above) to the service from which the web beacon is loaded. Web beacons (which are a form of embedded content) are sometimes also used instead of or in conjunction with cookies to identify users and track their behavior online.

Categories of Information and Purposes for Collection

In each of the sections below, I indicate the categories of personal information I may collect and the categorical purpose or purposes for which I may collect that information.

Those possible purposes include:

  • Functionality: I use the information so that this website, or certain specific functions thereof, can work properly. For example (but without limitation), none of the pages or content on this website will load if the web server doesn’t have a valid IP address to which to transmit the necessary data.
  • Providing services: I use the information to perform some action you have asked me to perform, provide some service(s), and/or conduct the normal activities involved in running this website and its associated business operations. For example (but without limitation), I probably couldn’t send you a physical document without your mailing or delivery address.
  • Completing a transaction: I use the information to conduct or complete financial transactions with you.
  • Fulfilling a contractual obligation: I use the information to meet the requirements of some contract or legal agreement, whether with you or a third party.
  • Legal compliance or audit: I use the information to ensure my compliance with applicable laws or regulations, and/or so that I can demonstrate my compliance to an auditor or investigator if needed.
  • Research and publishing: I use the information as part of the research involved in creating and publishing my content, my other other other writing/editing/writing consulting work, and/or other creative endeavors, and/or to help me decide what content and/or other work to create and/or publish in the future.
  • Security, troubleshooting, quality control, and technical improvement: I use the information to help me protect this website, its users, my data, my systems/devices, my business, and/or me from malicious activity; troubleshoot and resolve technical problems; and/or maintain and/or improve the quality and functionality of the site and/or my services.
  • Recruitment/hiring or business partnerships: I use the information in recruiting/hiring employees, independent contractors, and/or interns, and/or in entering or considering entering business partnerships or other formal professional relationships with someone.
  • Advertising and other commercial purposes: I use the information to promote or advertise my content or services, sell advertising on this website, monetize the site and/or my content in other ways, and/or achieve some other commercial purpose(s).

In many cases, information I collect may have several purposes or possible purposes. Obviously, not every individual piece of information in a particular category will necessarily be used or even useful for each listed purpose.

(Where the sections below list multiple purposes or possible purposes, separated by semicolons, the order does not signify any comparative priority or significance.)

In some cases, I may collect certain types of information in certain circumstances and not in others. In those cases, the information category shown below will be followed by a single asterisk (*). (For example, but without limitation, I generally don’t need your postal mailing address except in connection with certain financial transactions or if you ask me to send you some physical letter or parcel, so I only collect mailing addresses from certain visitors, not from everyone.)

Keep in mind that the categories of information listed in each section below are just the types of information I may collect in the specific context described in that section. Depending on how you use my website, several or all of these sections may apply to you.

Cookies and Similar Technologies

The aaronseverson.com website uses cookies and similar technologies (e.g., local storage objects) for a variety of purposes. Some are placed on your device/browser automatically while others are only set when you perform certain actions.

In general, this website sets cookies and/or stores information on your browser in circumstances where I need to identify a specific device and/or store visitor choices/preferences, including certain accessibility settings and privacy choices like your acceptance of this Privacy Policy. The use of cookies also allows me to determine which content to show you (e.g., whether to display or hide banners intended for first-time visitors), and to help ensure that administrative areas of the site are not accessible to unauthorized visitors. Certain other site functions and/or site content may require the use of cookies and/or similar technologies to function properly.

If you visit some portion of the website that contains third-party embedded content (see “Embedded Content” below), that content may also place cookies on your device.

Some of the cookies set by this website or its embedded content providers are “session cookies” that expire (cease to function) when you close your browser. Others are “persistent cookies” that remain on your device and expire after a certain amount of time, such as 30 days or one year. Certain cookies will persist for as long as your browser permits unless you manually delete them.

For more specific information about the cookies the site may use, what purposes they serve, and how long they normally last, see the Cookie Notice page or click the “Access Your Privacy and Cookie Preferences” button below and review the summaries under “Cookie Settings”:

(You can also access this button via the Privacy Tools page.) As noted in the preamble above, the Cookie Notice forms part of this Privacy Policy.

(While the list shown on the above pages describes the specific cookies that are typically used on this website, embedded content providers may sometimes change the cookies they use or add new ones not currently listed, which is outside of my control. Also, certain portions of the website’s administrative dashboard (which is not normally accessible except to logged-in administrative users) might sometimes set additional cookies not included in these lists, especially if I have just added or am testing some new plugin or other site component.)

Please keep in mind that your subsequent actions or choices on this website may set additional cookies or change the duration of the existing ones. For instance, saving your comment information where you hadn’t previously done so will place additional cookies, and changing or updating your privacy preferences (such as accepting changes to this policy) may effectively “reset the clock” on the cookies that store that information. Your individual browser configuration may also affect how long a particular cookie remains on your computer or device; for instance, most browsers can be set to automatically delete cookies each time you close your current browser session, regardless of the cookies’ normal duration.

You are free to block or remove any cookies set by the aaronseverson.com website. However, please note that some site features and/or site content may not function without cookies. For example, you may not be able to hide the notification banners or change certain accessibility settings, and previously saved preferences may be lost. (Again, if you use multiple devices or browsers, deleting or blocking cookies on one browser does not usually affect cookies on the others.)

Third-party websites and/or services (including, without limitation, ones I may use in connection with this website) may also use cookies and/or similar technologies, depending on the nature of the service and who provides it. The use of cookies and/or similar technologies by third-party websites and/or services is subject to the applicable site or service’s privacy policy and/or cookie policy, and in most cases is outside of my control.

Information I Collect Automatically

Certificate Authority Checks

  • Categories of information gathered: IP addresses; user agent information; visitor activity (referring site); geolocation data (estimated from IP addresses and/or inferred from other data)*; special: mobile phone types/models (determined from user agent information)*
  • Purpose(s): Functionality; fulfilling a contractual obligation; legal compliance or audit; security, troubleshooting, quality control, and technical improvement
  • Data retention: Typically less than seven days.

To allow visitors (and me!) to connect to the site securely (via HTTPS rather than HTTP), this website uses domain validation (DV) certificates issued by Let’s Encrypt®, a certificate authority (CA) service of the nonprofit Internet Security Research Group™. These encryption certificates enable your browser to confirm that it has an SSL/TLS (Secure Sockets Layer/Transport Layer Security) connection to the correct website, an important security measure. (For a further explanation, see the Let’s Encrypt How It Works page.)

When you access this website, your web browser may check whether the aaronseverson.com certificate is valid by briefly connecting to the servers of the Let’s Encrypt certificate repository to perform an Online Certificate Status Protocol (OCSP) check (sometimes called an OCSP request or an OCSP query &mdash: these terms are synonymous). This OCSP check provides those servers with your IP address and user agent information; for obvious reasons, it also informs those servers that you have accessed the aaronseverson.com website. Let’s Encrypt may log and use such data for operational, troubleshooting, and security purposes and/or in compiling de-indentified, aggregated statistics, as described in the Let’s Encrypt Privacy Policy. Any further questions about their use and/or retention of public repository log data should be directed to Let’s Encrypt, as it is outside of my control.

Browser Tests

  • Categories of information gathered: User agent information; special: browser technical capabilities and/or settings
  • Purpose(s): Functionality; security, troubleshooting, quality control, and technical improvement
  • Data retention: Your current visit.

Each time you visit this website, the site may perform certain automated tests to determine your web browser’s specific technical capabilities, allowing the website to adjust the presentation and functionality of the site to be more compatible with your browser. (Different browsers, and even different versions of the same browser, may handle certain content in different ways, which can create problems if content is not correctly tailored for that browser.) The results of the tests may be stored in your browser’s local storage for the duration of your visit.

I don’t use this stored information to track or individually identify you, but the site may show you specific messages or other content based on this information, such as displaying a warning notification that your current browser is incompatible with some site features.

Online Tracking

As of January 29, 2012, I have discontinued the use of web analytics tools on this site.

Website Server, Error, and Security Logs

  • Categories of information gathered: IP addresses; user agent information; visitor activity; errors and suspicious activity; geolocation data (estimated from IP addresses and/or inferred from other data); URLs/websites*; special: mobile phone types/models (determined from user agent information)*; special: other technical details*
  • Purpose(s): Functionality; fulfilling a contractual obligation; legal compliance or audit; security, troubleshooting, quality control, and technical improvement
  • Data retention: Varies, but typically no more than about 90 days, except for recent data captured in backups or specific data for which I have some ongoing need.

Like most websites, I and my web host maintain various logs that may collect certain information about each computer or device that (as applicable, but without limitation) accesses the site and/or its content; uses certain site features, such as submitting comments; is redirected from an outdated link to a current one; generates an error (such as attempting to access a nonexistent page or file); or attempts to interact with the site in any unusual or suspicious way (such as trying to access the site’s administrative area or run an unauthorized script). (These examples are a representative sampling, but not an exhaustive list; I may also use or add other logs not specified here, and not all logs are necessarily in use at any given time.) Most such logs also include the date and time each logged event took place. These logs are part of the routine operation of the website and its host and are not in any way connected to or associated with any web analytics service.

Most of the routine website log data I and my web host collect is retained on a rolling basis — that is, we customarily retain only the most recently collected data. Typically, website log data is retained for no more than 30 days (and often only a fraction of that time) before being automatically overwritten by newer data or otherwise deleted. Security audit log data stored by the Sucuri Security plugin (further described in the “Security Scans” section below) is normally retained for about 90 days. Certain website logs that contain only anonymous and/or administrative data (e.g., hit counters) may be retained for longer periods. For example (but without limitation), logs showing the last access dates of certain resources may remain unchanged until that resource is accessed again or I manually delete the logs.

Naturally, I may retain certain specific information from the website’s logs if I still need it for ongoing security, troubleshooting, and/or technical improvement purposes. For example, but without limitation, if the logs indicate that a specific IP address has been used in repeated attempts to attack this website, I may take steps to block that IP address or otherwise impede future malicious activity from it.

Also, some recent log data may be captured in backups created by me and/or my web host, which in some cases may be retained for a year or more.

Certain events may trigger automated email alerts that are sent to me as the site administrator, notifying me of potential threats, errors, or the status of some automated operation. If the event is a potential threat, it may include the IP address of the device involved (which is also recorded in the website logs). Such email alerts may be scanned for spam and/or malware, as explained in the “Security Scans” section below. I may retain these email alerts for as long as I need the information they contain.

Please keep in mind that, because my web host owns the servers on which this website runs, they have full access to the site’s server and server error logs. (My access to those logs is read-only, so I cannot redact or remove any of that log data without the aid of my web host’s technical support staff, and my service agreement prohibits me from tampering with the logs or other normal functions of the DreamHost servers.) In general, DreamHost has access to any data or files on any server they own — except in cases where I have specially encrypted such file(s) or data — subject to the DreamHost Privacy Policy. I may also share additional data with them if I deem it appropriate for security and/or troubleshooting purposes.

Otherwise, I only disclose website log data as described in “Disclosure of Personally Identifying Information” below.

Security Scans

  • Categories of information gathered: IP addresses*; domain names*; user agent information*; visitor activity*; errors and suspicious activity; geolocation data (estimated from IP addresses and/or inferred from other data)*; URLs/websites*; special: visitor mobile phone types/models (determined from user agent information)*; metadata*; special: other technical details relevant for security purposes*
  • Purpose(s): Fulfilling a contractual obligation [see below]; legal compliance or audit; security, troubleshooting, quality control, and technical improvement
  • Data retention: Varies; potentially indefinite.

I and my web host use a variety of security measures to protect this website and its data, including, but not limited to, scanning the site, site-related files, and/or the site database for malware and/or signs of other malicious activity. Some of these scans are purely automated, but in some cases, I may initiate additional manual scans or request that my web host’s technical support staff conduct a more thorough active scan to help me root out a possible security threat or troubleshoot a technical problem.

Among the security measures I use on this website is the Sucuri Security plugin, provided by Media Temple, Inc. d/b/a Sucuri, a subsidiary of Go Daddy Operating Company (Sucuri), which includes activity monitoring, notifications, security auditing tools, and a remote scanning feature that can detect security vulnerabilities and some forms of malware by scanning the files and public areas of the website. (A complete list of the features of the plugin can be found in the “WordPress plugin & API Key” section of the Sucuri Security Terms of Service.) Data gathered through this plugin and/or the scanning service — which may sometimes include personal information such as (without limitation) IP addresses that perform certain suspicious actions and/or information in comments or other published content — may be processed and/or stored by Sucuri as well as me and/or my web host and is subject to the Sucuri Security Privacy Policy and the Data Processing Addendum to their Terms of Service. As explained in the Sucuri Privacy Policy, Sucuri complies with the EU-U.S. Privacy Shield framework, as does Cloudflare®, which serves certain plugin components.

I also use a variety of other anti-malware tools and security measures to protect my device(s), software, and data. A representative sampling of the providers of these tools and security measures is included among the examples of third-party service providers listed under “Disclosure of Personally Identifying Information” below. (Since the specific tools, devices, and security measures I use may change over time, this is not an exhaustive list.)

In addition, my web host also hosts the email servers for many of my email addresses and may scan incoming, outgoing, and/or stored messages for suspected spam and/or malware. My Internet service provider(s), mobile carrier(s), and/or other applicable service provider(s) (e.g., the various Google services I use, such as (without limitation) the Google Voice communications service, a Voice over Internet Protocol service provided by Google Voice, Inc., a subsidiary of Google LLC; Google Voice is a trademark of Google LLC) may also use their own security tools to scan for different types of suspicious activity involving my account(s) and/or connections. (For example, but without limitation, my mobile carrier sometimes flags certain incoming voice calls and/or text messages with warnings such as “scam likely.”)

By their nature, some anti-malware scanners and other security tools routinely access almost any file or data on the systems or devices they protect. Since modern security tools sometimes incorporate web- or cloud-based scanning features, and/or may transmit samples of suspicious files or code to such services for analysis, this means a certain amount of personal information (e.g., names, contact information, and/or other personal details contained in scanned email messages or electronic documents) could be disclosed to the scanning service and/or other third parties in the course of a scan or security analysis. The likelihood and possible extent of such disclosure is difficult to predict or quantify, but it cannot be completely avoided without greatly compromising the security of my system, devices, and data. Furthermore, tampering with the normal operation of such services or tools is typically a violation of their terms of use/terms of service (or, in the case of tools operated by my web host, the terms of my service agreement).

(Naturally, malware scanning services and other security tools may also provide me with additional security-related information, such as “signatures” of known malware types. Much of this information is of a technical nature and is not personally identifying, but it may sometimes include certain personal information; see the “Information I Receive from Third Parties for Security Purposes” section below.)

Some of the security measures I use to protect my device(s) from loss or theft may collect additional personal information under certain circumstances. For example (but without limitation), anti-theft/loss-protection features I use for my smartphone(s) might automatically photograph anyone attempting unsuccessfully to unlock the device, and/or remotely track the device’s location to help me find or recover the device in the event of loss or theft. Many (though not necessarily all) of the anti-theft/loss-protection features I currently use for my smartphone(s) are provided by Bitdefender® (whose apps and services are subject to the Privacy Policy for Bitdefender Home Solutions) and/or Google (whose products and services are subject to the Google Privacy Policy). These are representative examples, but not an exhaustive list. As noted above, the tools, devices, and security measures I use may change over time, so I may also use and/or add other security measures from different providers, and/or that have other features not specified here.

My retention of data related to security scans and/or other security measures varies depending the tools involved, whether they are operated by me or a third party, and the context. As noted in the “Website Server, Error, and Security Logs” section above, log data stored by Sucuri is normally retained for about 90 days while most other website security log data is typically retained for 30 days or less. Security data for my devices (e.g., malware scan results, system error logs, logs of traffic blocked by a firewall) may in some cases be retained for at least as long as I own that device and/or use the applicable security tool(s). I also typically retain indefinitely any correspondence regarding specific security threats or problems. The retention and use of security-related data by my web host, Internet service provider(s), mobile carrier(s), and/or other third-party service providers varies, and is generally outside of my control.

I may share information from security scans and/or other security measures with third parties, and/or post such information publicly, if I need additional technical assistance, consider such disclosure appropriate for my security and/or the security of others (e.g., to notify DreamHost technical support if I identify malware that might threaten the integrity of their web or email servers), and/or as otherwise described in “Disclosure of Personally Identifying Information” below.

Embedded Content

  • Categories of information gathered: IP addresses; user agent information; visitor activity; geolocation data (estimated from IP addresses and/or inferred from other data); special: login status for certain other websites/services (determined based on cookies)*, the presence of other cookies*, mobile phone types/models (determined from user agent information)*, and/or other browser settings/configuration details/add-ons*
  • Purpose(s): Functionality; providing a service; fulfilling a contractual obligation [see below]; research and publishing; security, troubleshooting, quality control, and technical improvement
  • Data retention: Varies depending on the specific content provider; I do not have access to most such data and so its retention is normally beyond my control.

As explained in the “Definitions” section above, embedded content is content hosted on and served by some server or service other than my web host. If you access a portion of this website that contains embedded content, the embedded content provider can collect information about you.

At a minimum, the information gathered by embedded content providers typically includes your IP address, your user agent information, and the website from which you accessed the embedded content. In some cases, embedded content providers can also detect certain other information, such as (without limitation) the presence of other cookies (such as the ones placed on your device when you log into a specific third-party website or online service); your browser’s settings; and/or whether your browser is using certain add-ons such as ad blockers. Such information is collected and processed by the applicable embedded content provider, not by me, and is subject to the provider’s terms of service/terms of use and privacy policy, which are outside of my control.

Some embedded content providers may also use cookies and/or similar technologies to track and/or identify you, and/or store information on your device that could be used for those purposes. For example (but again without limitation), an embedded video player might place cookies on your device; if you watch the video, portions of the content may also be stored (cached) in your browser to reduce playback interruptions, and certain associated information (e.g., your playback settings and/or how much of the video you’ve watch so far) may be saved in your browser’s local storage and/or plugins. Cookies and/or other information stored on your device in such ways are not necessarily personally identifying (and often have straightforward functional purposes), but some may be used to track you and/or to help identify you. For this reason, they could be considered potentially identifying information.

Since embedded content on this website is served through secure (HTTPS) connections, your browser may also contact the embedded content provider’s certificate authority to check the validity of their encryption certificate. (The “Certificate Authority Checks” section above describes how these certificate checks work, although embedded content providers may use different certificate authorities than the one used by this website.)

In some cases, you may be able to hide or disable certain types of embedded content on this website (for example, by using options I may provide through the Privacy Tools, or through your web browser or browser add-ons). Disabling embedded content may prevent that content from functioning, but will generally also prevent it from gathering information about you, at least as long as the content remains disabled. Please note that this does not remove any data the embedded content previously gathered about you or any cookies or potentially identifying information it may have placed on your device. If you re-enable the embedded content, or if you visit the website from a different device or browser on which that content is not disabled, the embedded content provider may again be able to gather information about you.

Special Note: The reason I include “fulfilling a contractual obligation” among the possible purposes listed above is that the terms of service or terms of use for most embedded content providers typically prohibit me from modifying their embedded content or interfering with the normal function of their servers, which prevents me from (for example, but without limitation) removing tracking features or attempting to block or “spoof” information their servers would otherwise collect.

Third-party embedded content on the aaronseverson.com website may include, but is not necessarily limited to:

  • Fonts from the Google Fonts API and/or scripts from the Google Hosted Libraries API(s), which are sets of resources hosted on and served by content distribution networks (i.e., remote servers and data centers) operated by Google and/or its subprocessors, which may be located in the United States or elsewhere. The Google Fonts service does not place cookies on your device, but may record certain information about your device, including your IP address and user agent information, when you visit a page that uses one or more of those fonts. The service may also store (cache) certain information, such as font data and stylesheet requests, in your browser’s local storage for faster loading. For more information, visit the privacy section of the Google Fonts FAQ. The Google Hosted Libraries service may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device in addition to logging certain information such as (without limitation) your IP address and user agent information. For more information, see the “What does using the Google Hosted Libraries mean for the privacy of my users?” section of the Google Hosted Libraries Terms of Service. For both of these services (and other Google services I may periodically offer, such as embedded maps served by the Google Maps mapping service, which may gather and/or place information in similar ways; Google Maps is a trademark of Google LLC), you can also review the “How Google Uses Information from Sites or Apps That Use My Services” section of the Google Privacy Policy to learn more about what information Google collects and how they use it. Click here for a complete list of Google’s third-party data subprocessors and their respective locations. (Google is a registered trademark of Google LLC.)
  • Fonts, styles, scripts, and/or icons served by BootstrapCDN, a service of StackPath (formerly MaxCDN) in the United States. Each time you access a portion of the site that includes such elements, BootstrapCDN records certain information about your computer or device, including your IP address and user agent information. BootstrapCDN may use the data they collect for security, troubleshooting, and/or service improvement purposes. In some cases, the service may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. For more information, see the BootstrapCDN Privacy Policy, their Cookie Policy, and StackPath’s GDPR page.
  • Certain scripts and/or other content served by the content distribution network Cloudflare®, which may collect visitors’ IP addresses, user agent information, and security-related data. In some cases, the service may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. See their GDPR page and the Cloudflare Privacy Policy to learn more about how they use the information they collect.
  • Certain icons (whether on the administrative dashboard, the public-facing portions of the site, or both) served by the Font Awesome content delivery networks, which record your IP address and user agent information as well as which specific icons your browser accesses or downloads. In some cases, the service may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. Font Awesome may use the data they collect for service optimization, troubleshooting, and security purposes; to compile usage statistics; and in some cases to calculate fees for users of their paid accounts (which I am not), as described in their Privacy Policy.
  • The payment or donation buttons that some plugins place on the administrative dashboard (not normally accessible to site visitors) incorporate content served by PayPal® that may be used to collect and track data about users who access any portion of the site containing that button. It may also use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. For more information on what data PayPal collects and what they do with it, visit their Legal Agreements page to review the PayPal Privacy Policy and Statements on Cookies and Tracking Technologies that apply in your location. (Please note that the terms may different depending on where you are.) See the “Financial Transactions Policy” section below to learn more about what information I may collect in connection with PayPal transactions with me that pertain directly to this website.
  • Videos (whether posted, shared, and/or otherwise displayed by me and/or displayed by certain plugins on portions of the administrative dashboard, which is not normally visible or accessible to site visitors) hosted by YouTube, which is now owned by Google (YouTube is a trademark of Google LLC). The embedded video player may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device as well as recording your IP address, user agent information, and sometimes other information (such as, without limitation, whether you are currently logged into a Google account). The video player may also show you ads, and may use cookies and/or local storage information on your device and/or any information the embedded player gathers about you (e.g., your location) for that purpose. Visit the “How Google Uses Information from Sites or Apps That Use My Services” section of the Google Privacy Policy to learn more about what information Google collects and how they use it. Google’s “Businesses and Data” pages also include additional information about what data they may share with YouTube content creators/publishers.
  • Videos (whether posted, shared, and/or otherwise displayed by me and/or displayed by certain plugins on portions of the administrative dashboard, which is not normally visible or accessible to site visitors) hosted by Vimeo. The embedded video player may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device as well as recording your IP address, user agent information, and sometimes other information (such as, without limitation, whether you are currently logged into a Vimeo account). The video player may also show you ads, and may use cookies and/or local storage information on your device and/or any information the embedded player gathers about you (e.g., your location) for that purpose. Visit the Vimeo Privacy Policy to learn more about what information Vimeo collects and how they use it.
  • Embedded Tweets and/or other content I may post, share, and/or otherwise display from Twitter. Embedded Twitter content may use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device as well as recording your IP address, user agent information, and in some cases other information (such as, without limitation, whether you are a logged-in Twitter user). See the Twitter Privacy Policy and Twitter’s “Our use of cookies and similar technologies” page to learn more about what information they may collect and how they use it.
  • Certain back-end (i.e., administrative dashboard) features (which are not normally visible or accessible to site visitors other than logged-in administrative users) served by the SEO firm Yoast BV, which provides one or more plugins I may use on the site. It appears that the Yoast-served content may collect the IP addresses and user agent information of logged-in users who access the site’s administrative dashboard; I are uncertain to what extent (if any) that content may also use cookies and/or similar technologies to track and/or identify administrative users and/or store potentially identifying information on their devices. My efforts to obtain more details from the developers proved unsuccessful and I finally disabled the applicable component entirely. See the Yoast Privacy Policy and their “Yoast and your privacy (GDPR)” page to learn more about how Yoast may use any information they collect. Some versions of the Yoast SEO plugin have incorporated search tools provided by Algolia to allow administrative users to search the Yoast knowledge base; the Yoast development team says this search functionality does not gather or transmit users’ personal information. Recent versions of the Yoast SEO plugin also incorporate optional functionality provided by Ryte GmbH, some of which may be served remotely. My efforts to determine what personal information (if any) the Ryte features may collect about administrative users were also fruitless, although any data that service did collect would be subject to the Ryte GmbH Privacy Policy.
  • Blog feeds placed by certain plugins on portions of the administrative dashboard (which is not normally visible or accessible to site visitors) served by FeedBurner, an RSS (Really Simple Syndication) service now owned by Google. Please review the “How Google Uses Information from Sites or Apps That Use Our Services” section of the Google Privacy Policy to learn more about what information Google collects and how they use it. Please note that accessing areas of the dashboard containing these blog feeds may also use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. These cookies and/or other technologies are used primarily for bookmarking purposes, allowing you to return to the same point in the feed where you previous left off. Again, these feeds are normally only visible (and thus can only collect information about) administrative users, not site visitors who aren’t logged into the administrative dashboard.
  • Administrative dashboard menus that may load icons or other images from Gravatar via secure.gravatar.com. Although I have disabled support for user avatars, some administrative dashboard menus may use them, and the loading of those images may allow Gravatar to record a user’s IP address, user agent information, and in some cases their hashed email address, which the Gravatar service uses to check for a current Gravatar or WordPress.com account. The service may also use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. (I believe I have limited the Gravatar service to backend administrative pages not normally accessible to site visitors and I am endeavoring to remove it there as well.) Gravatar — like WordPress.com, with which it’s now apparently being integrated — is a service of Automattic Inc. and is subject to their Privacy Policy and the same Terms of Service as WordPress.com.
  • Some components of the Sucuri Security plugin described in the “Security Scans” section above are served remotely (and/or involve communication with a remote server) and thus qualify as embedded content. In the course of monitoring the site for possible malicious activity, this security plugin may log and transmit to Sucuri certain personal information about visitors and/or logged-in administrative users who perform certain actions (e.g., adding or editing a post, updating or installing a plugin). Such information may include, but is not necessarily limited to, those users’ IP addresses, the specific actions they performed, and the times and dates of those actions. Embedded content incorporated into the plugin’s dashboard controls may also record the IP addresses and user agent information of administrative users who access the plugin controls, and/or may use cookies and/or similar technologies to track and/or identify such users and/or store potentially identifying information on their devices. As noted in the above section, the plugin and its associated services are provided by Media Temple, Inc. d/b/a Sucuri, a subsidiary of Go Daddy Operating Company (Sucuri), and are subject to the Sucuri Security Privacy Policy and the Data Processing Addendum to their Terms of Service. As explained in the Sucuri Privacy Policy, Sucuri complies with the EU-U.S. Privacy Shield framework, as does Cloudflare, which serves certain plugin components.
  • Portions of the administrative dashboard (which is not normally accessible to site visitors) that periodically communicate with WordPress.org and/or other domains owned by WordPress, such as (without limitation) s.w.org, ps.w.org, and ts.w.org, to check for updates, announcements, warnings, or other WordPress-related messages; to install, remove, or update plugins, themes, or other add-ons available through WordPress.org; and/or to serve certain images, scripts, and other elements on the administrative back-end. While this communication primarily involves WordPress-specific information (such as the current version numbers of the WordPress installation and any installed plugins and themes), in some cases, WordPress.org may collect the IP addresses and user agent information of users who access the site’s administrative dashboard. Some WordPress.org content may also use cookies and/or similar technologies to track and/or identify you and/or store potentially identifying information on your device. For more information on how WordPress.org uses the information they gather, please consult the WordPress Privacy Policy. (Again, this data collection normally only affects me as the administrator, not my visitors.)

Not all of the above embedded content is necessarily used on the site at any given time, and from time to time, I may post embedded content hosted and served by other third-party websites or services not listed above — for example (but without limitation), an embedded player showing an externally hosted video or audio file, or an embedded map provided by some external mapping service. To learn more about what user information such third-party websites collect and how they use it, click the links on the applicable player or display window to go to that hosting site and review their privacy policy and associated terms and conditions.

Please note that the types of information embedded content providers may collect (and/or may place on your device) and the technologies they may use to identify and/or track users are constantly evolving in ways that are outside my control (and sometimes outside my technical understanding). This means that my embedded content providers may also use and/or add other information-gathering and/or tracking technologies to their embedded content beyond what I can reasonably hope to specify in this section.

I do not have access to the data embedded content providers gather about my visitors/users, nor do I usually have any control over those providers’ use and/or retention of that data. Some embedded content providers may use the information they collect about you through your access to or interaction with that content for a variety of commercial purposes, such as showing you advertising or providing information about your online habits to the provider’s clients and customers. The only way I could completely avoid the possibility of such commercial use would be to cease using or offering embedded content and the functionality it provides.

Advertising

Advertisements (including sponsored links), if any that appear on the publicly visible/publicly accessible portions of this website are served by me — that is, the advertisement content is hosted on my website server along with the other site content rather than being served by some external provider. I do not permit my advertisers to use scripts, cookies, web beacons, or other such technologies to collect information about you through the publicly visible/publicly accessible portions of the site. (Advertisements, banners, or donation boxes on the site’s administrative dashboard may sometimes collect personal information, but since the dashboard is only accessible to logged-in administrative users, such information-gathering and disclosure normally only involves my information, not that of other site visitors.) However, if you click on advertising links or otherwise patronize my advertisers’ businesses, they may gather information about you as described in their respective privacy policies (and may be able to tell that you came from this website), which is outside of my control.

The developers of some of the plugins, themes, and/or other components I use on this website may sometimes display advertisements, donation boxes, or other commercial messages on portions of the site’s administrative dashboard, which is not normally visible or accessible to visitors other than logged-in administrative users. For example, the settings menu for a particular plugin might display an advertisement for a premium version of that plugin or for the developer’s other products or services. Such dashboard advertisements may set cookies and/or incorporate embedded content and/or other information-gathering mechanisms, which may gather information about administrative users who access that content (such as their IP address, user agent information, and/or browser settings/configurations/addons) in the manner described in the “Embedded Content” section above. The collection, use, and retention of such data is controlled by the applicable developers and/or their respective service providers and is typically outside of my control. Because these advertisements are usually not publicly visible or accessible, this information-gathering normally affects only site administrators — meaning me — NOT other site visitors.

Information You Provide to Us

Through your use of this website, you may provide me with personal information in a number of different ways, described in the sections below.

For obvious reasons, I cannot provide certain services or functionality if you don’t provide me with at least a certain amount of accurate information — for example, I can’t respond to your inquiries if I don’t have a valid email address or other contact information for you. I typically also need your legal name and certain other personal information for financial transactions (see the “Financial Transactions Policy” section below) and for communications pertaining to financial or legal matters (e.g., copyright inquiries).

Otherwise, you’re under no obligation to share personal information with me beyond what the site collects automatically.

Consents and Agreements

  • Categories of information gathered: IP addresses*; user agent information*; visitor activity; names*; email addresses*; geolocation data (estimated from IP addresses and/or inferred from other data)*; special: mobile phone types/models (determined from user agent information)*
  • Purpose(s): Fulfilling a contractual obligation; legal compliance or audit; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships
  • Data retention: Typically indefinite.

When you click “Accept” on the privacy banner(s) and/or use certain site functions, the website may automatically log your acceptance of this Privacy Policy and/or, where applicable, other applicable legal terms, such as the
Terms of Use and/or your consent to my gathering certain other types of personal information. Some consent-related information may also be saved in cookies placed on your computer or device (see the “Cookies and Similar Technologies” section above). Certain site functions or content may not be available unless you indicate your consent to the Privacy Policy and/or other terms.

Some consents are stored only in cookies and are not associated with your name or other personal information. Other consents may be logged in the database in conjunction with other information I have gathered or that you submit to me (such as a comment). Where I compile logs of user consents and/or privacy choices, those logs are usually maintained indefinitely unless a user requests removal of their data (after which I may retain some related records for audit and compliance purposes). However, I may periodically delete stored consents and privacy choices if they appear to have come from bots rather than human users, or, in some cases, if the consents were logged in conjunction with some plugin, service, or tool I no longer use (in which case the consent log may no longer be usable).

I may disclose saved consent data in connection with a related dispute or legal action, and/or as otherwise described in “Disclosure of Personally Identifying Information” below.

Age Verification

  • Categories of information gathered: Other personal information (birth dates/ages)
  • Purpose(s): Functionality; providing a service; legal compliance or audit; security, troubleshooting, quality control, and technical improvement
  • Data retention: None, although age verification cookies (which do not contain your birth date or age, just whether or not you’ve passed the verification test) may remain on your device for up to 14 days.

Before you access certain content on this website, you may be asked to enter your birth date to verify that you are at least 18 years old. The birth date you enter is used only to calculate your age, perform a single logical test (are you at least 18, yes or no), and then place a cookie (see the “Cookies and Similar Technologies” section above) on your computer or device that indicates whether or not you have passed this age verification test. If you fail the verification test, the website may place a cookie on your computer or device to prevent you from trying again to access any age-restricted content.

Each time you access age-restricted content on this site, the website will check for these cookies. If you delete the age verification cookies or if they expire, you may be prompted to enter your birth date again.

The website does not retain either the birth date you enter or the age the verification system calculates, and I do not use that information for any other purpose. (If you access or somehow indicate to me that you’ve accessed age-restricted content on this site — for example, if you leave a comment on an age-restricted post — I will reasonably assume that you are over 18, but the age verification system itself does not store or tell me your actual age or date of birth.)

If you have questions about the age verification system, please contact me via one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below.

Comments

  • Categories of information gathered: IP addresses; user agent information; visitor activity; names; email addresses; email header information*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses)*; images and/or other media (including metadata)*; other documents/materials (including metadata)*; geolocation data*; URLs/websites*; other personal information*; special: mobile phone types/models (determined from user agent information)*
  • Purpose(s): Functionality; providing a service; legal compliance or audit; research and publishing; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships; advertising and other commercial purposes
  • Data retention: Typically indefinite, although I promptly delete spam/abuse, comments the submitter asks me to delete, and/or comments on or in reply to a comment or other content that has been deleted. IP address and user agent information of published comments may be redacted after publication.

Note: Although the comment function includes a box for your name, you are perfectly free to comment me using only a pseudonym. However, without a valid email address, I won’t be able to contact you with any questions about your comment and I may not be able to associate that comment with any other personal information about you (so, for example, it won’t be included if you use the data retrieval tools on the Privacy Tools page).

Comments you submit are usually moderated, meaning they are not published until I approve them. Any comment you submit may also be subjected to certain automated tests for security purposes. For example (but without limitation), if your IP address was previously used to spam this website; if your IP address and/or user agent appear on ban lists/blacklists I have obtained; if your comment contains hyperlinks, common spam keywords (such as the trade names of certain well-known prescription pharmaceuticals), or suspicious code; or if you posted the comment using an automated script rather than the normal comment form, your comment may be flagged as spam or automatically deleted. Also, if your comment contains HTML/PHP code (including hyperlinks), emojis, and/or special characters, they may be removed (“stripped”) prior to publication.

Each time a comment is submitted, the website automatically forwards that comment to me as an email notification so that I can review the comment and decide whether or not to approve and publish it. (As noted in “Security Scans” above, this means that any information in your comment may be scanned for spam and/or malware by me and/or my web host, Internet service provider(s), mobile carrier(s), and/or other applicable service provider(s).)

By submitting a comment, I will assume that you are expressly authorizing me to publish and use the contents of that comment (including any images, other media files, and/or links the comment may contain) Comment Policy section of the Terms of Use. If your comment is approved and published, any information you entered in the “Name” and “Comment” fields (and/or the “Website” field, if I have enabled it) will become publicly visible. The email address you entered in the “Email” field will not be published, nor will your IP address, although any contact information you may have included in the “Comment” field will be, as will any images and/or other media files you include and the metadata of those files. (See the “Data in Submitted Images” section below.) If the site’s “Recent Comments” widgets are enabled, your name/pseudonym and a link to your comment may also be visible on the home page and other areas of the website as well as the specific article you commented on; the contents of published comments may also appear in search results of the website’s search function. If I have enabled the option that allows visitors to request email notifications of replies or follow-up comments, copies of your published comment may also be emailed to visitors who have requested such notifications. Once your comment is published, I cannot control and take no responsibility for what third parties may do with any publicly visible personal information that comment contains!

As noted in “Cookies and Similar Technologies” above, when you submit a comment, you may have the option to save your name, email, and URL for use in future comments. Doing so places a set of cookies on your device to store that information; these cookies are browser-specific (that is, they work only in the web browser in which you set them) and normally remain on your device for a little less than one year unless otherwise deleted. These cookies are not placed at all unless you click the appropriate box when submitting a comment and you are free to delete them at any time through your web browser.

When you submit a comment, you may also have the option to request email notifications each time a reply and/or follow-up comment is posted. If you have previously requested such notifications and wish to stop receiving them, please contact me via email (to admin (at) aaronseverson (dot) com) or by leaving a comment elsewhere on the site asking me to disable the notifications or remove that comment.

If you submit a valid email address with your comment, I may email you at that address prior to or instead of publishing the comment, particularly if I have questions or need to clarify some aspect of your comment. For example (but without limitation), if you have submitted two very similar comments, I might email you to ask which one you prefer me to publish, and if your comment contains what appears to be particularly sensitive information, I typically try to double-check that you wish to publish that information before approving it.

From time to time, I may gather additional personal information about you in connection with your submitted comment(s). For example (but without limitation), I might look up your name in a search engine to better understand who you are and the context of your comment.

Although the website automatically collects the IP address and user agent information of anyone who submits a comment (information I need for security and troubleshooting purposes and to distinguish human users from automated “bots”), I typically redact that information after a comment is published. I retain the email address along with the comment in case I need to contact the person who submitted it with any questions or issues related to the comment; email addresses are also my primary means of associating comments with the people who submitted them in the event I receive a request to retrieve, delete, or amend personal information.

If you would like to edit or remove any of your published comments, please let me know by leaving another comment or emailing me at admin (at) aaronseverson (dot) com, specifying the comment(s) in question and explaining what you want me to do. (I may ask you to clarify or confirm your request before making the change or deletion, especially if I’m not sure exactly what you want me to do or if I need to take additional steps to verify your identity.)

The deletion of a comment (whether at your request or at my discretion) typically also deletes its associated information, although I may retain that information if I still need it for some specific purpose (e.g., for security or troubleshooting, for legal reasons, or because it contains information pertaining to my content or research), and copies of the comment and its associated information may remain for a time in backups or archives created by me and/or my web host. Keep in mind that even if a previously published comment is deleted, any publicly visible information in that comment (and/or any image(s) or other media it may have included) may have been accessed and/or used by third parties prior to its removal, which is beyond my control.

Obviously, if you’ve left multiple comments and/or communicated with me in other ways, I may still retain your email address and/or other information in connection with your other comments/messages even if certain of your individual comments are deleted.

I may disclose non-public information related to user comments as described in “Disclosure of Personally Identifying Information” below.

Contact Forms

  • Categories of information gathered: IP addresses; user agent information; visitor activity; names; email addresses; email header information*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses)*; images and/or other media (including metadata)*; other documents/materials (including metadata)*; geolocation data*; URLs/websites*; other personal information*; special: details of legal agreements (where applicable)* and/or mobile phone types/models (determined from user agent information)*
  • Purpose(s): Functionality; providing a service; completing a transaction; fulfilling a contractual obligation; legal compliance or audit; research and publishing; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships; advertising and other commercial purposes
  • Data retention: Typically indefinite, although I promptly delete obvious spam/abuse, duplicates, blank or unreadable submissions, and/or any submission containing suspicious code and/or suspicious links. Form submission data I retain is normally removed from the website server(s) to local and/or offline storage after receipt (although in some cases it may be captured in routine database backup files created by me and/or my web host, which may remain on the server(s) for longer periods) and I may sometimes redact certain portions that I no longer need. Information from California Privacy Request Form submissions must be retained for at least 24 months for compliance purposes. See also the “Additional Information About Data Retention” section below.

This section applies to California Privacy Request Forms submitted through the Do Not Sell My Personal Information page, and/or any other contact or feedback forms I may add or offer on the aaronseverson.com website.

This website may perform certain automated tests on form submissions in order to filter out submissions made by automated bots and discourage spam and other malicious activity. For example (but without limitation), if your IP address was previously used to spam this website; if your IP address and/or user agent appear on ban lists/blacklists supplied by my security and/or anti-spam plugins; if your submission contains hyperlinks, common spam keywords (such as the trade names of certain well-known prescription pharmaceuticals), or suspicious code; if you submit the form using an automated script; if you incorrectly answer a captcha or math challenge; and/or if you fill in certain “honeypot” fields not intended to be completed by human users, your submission may be flagged as spam or automatically deleted. If your form submission contains HTML/PHP code, emojis, and/or special characters, they may be removed. This automatic filtering is in addition to human moderation of form submissions; I routinely delete submissions that appear to be spam or contain suspicious code.

Because the website forwards new form submissions to me as email notifications, your submitted information may also be scanned for spam and/or malware, as described in the “Security Scans” section above.

When I receive your submission, I may gather additional personal information about you to verify your identity and/or help me better understand the context of your inquiry. For example (but without limitation), if you send me a message containing a business offer or advertising inquiry, I might look up your company name and/or visit your website to learn more about the nature of your business.

If I reply to your submission, I will normally do so via the email address you submitted unless you indicate that you wish me to respond in some other way.

If you use the California Privacy Request Form on the Do Not Sell My Personal Information page to submit a request to exercise your privacy rights under the California Consumer Privacy Act (CCPA) (see “California Privacy and Data Protection Rights” below for more information about this law), or if you submit a CCPA request on behalf of someone else for whom you are acting as an authorized agent, I will contact you to discuss the next steps involved in processing your request, which may require me to verify your identity.

For contact or feedback form submissions OTHER than California Privacy Request Forms, I may publish your message or portions of it under the following circumstances:

  • If your inquiry includes corrections, clarifications, and/or suggestions pertaining to my content, I may amend and/or update the applicable content to incorporate and/or reflect the factual substance of your corrections, clarifications, and/or suggestions (e.g., to correct or clarify factual or typographical errors you identified).
  • If you ask a general question or report some functional or technical issue with the site, I may (unless you ask me not to) publish excerpts of your question or report on the aaronseverson.com website to respond to your inquiry and/or support other users with similar concerns. I will redact any information that appears to be personally identifying other than your name or pseudonym. If I have published your inquiry in this manner and you wish me to amend or further redact it (for example, to remove your name and substitute a pseudonym), I will make all reasonable efforts to accommodate your request provided that it does not infringe upon the rights of others or attempt to impersonate some other individual or organization.
  • In the event your message identifies a technical problem that I am unable to fix, I may publish or otherwise communicate the substance of your reported issue (but NOT your name or other personal information) on this website in other public forums (e.g., the WordPress support forums), and/or to other third parties to help me determine how to address or repair the problem you identified.
  • If you ask me to publish some portion of your message, I may do so as I deem appropriate.

I may share information related to CCPA requests to the extent required and/or otherwise permitted by applicable law/regulations for administrative and/or compliance purposes; to respond to subpoenas or other court orders; and/or to publish de-identified and/or aggregated information about requests I receive, as described in “Reports and Aggregated Statistics” below.

Otherwise, I may disclose information I receive through and/or in connection with form submissions as described in “Disclosure of Personally Identifying Information” below.

Other Inquiries, Messages, and Support Requests

  • Categories of information gathered: IP addresses*; user agent information*; visitor activity*; names; email addresses*; email header information*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses)*; images and/or other media (including metadata)*; other documents/materials (including metadata)*; geolocation data*; URLs/websites*; other personal information*; special: information on or information on or provided by third-party services (as applicable)* and/or mobile phone types/models (determined from user agent information)*
  • Purpose(s): Functionality; providing a service; completing a transaction; fulfilling a contractual obligation; legal compliance or audit; research and publishing; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships; advertising and other commercial purposes
  • Data retention: Varies, but potentially indefinite; see “Additional Information About Data Retention” below.

This section refers to messages or communications I receive about or in connection with this website OTHER than through comments or Contact Forms (such as, without limitation, support requests sent via email, site-related inquiries sent via postal mail, and/or site-related calls to my Google Voice number).

Special Note: In general, you’re perfectly free to contact me using a pseudonym unless your message is a privacy request or pertains to a specific legal or financial matter. Obviously, some modes of communication are better suited than others for anonymity.

The types of personal information I collect in connection with such messages can vary significantly depending on the specific mode of communication. For example (but without limitation), a text message is unlikely to include your IP address or user agent information, but will almost certainly reveal your phone number, and a voice mail message will obviously record your voice (which with Google Voice messages may be automatically transcribed). Email messages typically include a variety of potentially identifying metadata in the email headers and any file attachments, such as images (see “Data in Submitted Images” below). If you contact me via a third-party website or service such as social media, the message will likely include your account name, profile picture, and potentially information in your public profile or that you otherwise make visible to me; the messages themselves might also be publicly visible.

As noted in the “Comments” section above, when you contact me, I may sometimes gather additional information about you to help me better understand who you are and the context of your message. For example (but without limitation), if I receive a telephone call from an unfamiliar number, I might look up the number in a search engine or reverse telephone directory, and if you email me a business proposition, I might visit your website to learn more about your business before replying.

If I reply to your message, I will normally do so via the same means you used to contact me unless you indicate that you wish me to respond in some other way. In some cases (such as if I receive messages related to one of my other websites through the admin address for this one, or if you send me site-related email through one of my personal accounts or addresses), I may, if possible, forward the message to an appropriate administrative account or address and respond from there instead.

Keep in mind that messages exchanged via a third-party site or service are subject to the terms of service/terms of use and privacy policy of the applicable service, which are outside of my control. This includes (without limitation) calls and/or texts made or received using the Google Voice communications service and/or any messages sent or received via my personal accounts on the Gmail mail service and/or Yahoo! Mail. Although I now strive to limit my use of third-party webmail accounts for site-related business, some messages related to this website (such as, without limitation, notifications, call and/or voice mail transcripts, texts, and/or other messages made or received via my Google Voice number, and/or notifications or other messages pertaining to other Google and/or Yahoo! services I may use) may occasionally be sent/received via and/or remain archived in those accounts, which are subject to those services’ respective privacy policies. (Gmail is a trademark of Google LLC; Google Voice is a service provided by Google Voice, Inc., a subsidiary of Google LLC; both are subject to the Google Privacy Policy, and the use of Google Voice is also subject to the Google Voice Privacy Disclosure. Yahoo! and Yahoo! Mail are trademarks of Yahoo! Inc., which is now part of Verizon Media®; their services are subject to the Verizon Media Privacy Policy. I initiated the closure of my Yahoo! account on November 11, 2019, although I retain my personal Gmail accounts.)

As explained in the “Security Scans” section above, messages I send or receive via email or text may be scanned for spam and/or malware by me and/or (as applicable) my web host, Internet service provider(s), mobile carrier(s), and/or other applicable service provider(s). This may include messages I receive through a third-party website or service if I have message notifications forwarded to me via email or text message. (With some services, notifications include only the fact that a new message was received from a particular sender; other services include some or all of the message in the notification.)

If you communicate with me by some means or medium that is shared by (and thus accessible to) multiple users, and/or that is publicly accessible — for example (but without limitation), via an email discussion group or group chat, on social media, and/or by transmitting electronic files via shared FTP folder(s) — those communications and any personal information they contain may be visible or otherwise accessible to anyone with access to the shared medium. I cannot control and take no responsibility for what third parties may do with any personal information in shared and/or publicly accessible communications, so you should exercise caution when sharing sensitive information in such ways.

I may publish your messages or other communications, or portions thereof, under the same circumstances as those described in the examples listed in the “Contact Forms” section above. Otherwise, I may disclose personal information I receive through and/or in connection with inquiries, messages, and support requests as described in “Disclosure of Personally Identifying Information” below.

See the “Additional Information About Data Retention” section below to learn more about my typical data retention practices. The data retention and data use policies of any third-party websites or services you may use to contact me are generally outside of my control.

Other Information You Provide to Me

In certain cases, you may provide me with personal information through and/or pertaining to this website in ways not specifically mentioned above. For example (but without limitation), if you send me an inquiry about this Privacy Policy via postal mail, it will likely include your mailing address as well as any information in your inquiry itself; if for some reason you visit my home and connect your mobile device to my personal wireless network (which is not available to the general public), my wireless router may log certain information about your device and/or its Internet connections. Any images and/or other media you provide to me may contain a variety of personal information; see “Data in Submitted Images” below. (These are just a few of the many possibilities.)

My use and retention of personal information you provide to me in such ways will depend on the nature of the information and the context in which I received it, although in general, I only disclose such information as described in “Disclosure of Personally Identifying Information” below. See the “Additional Information About Data Retention” section below to learn more about my typical data retention practices.

Data in Submitted Images

  • Categories of information gathered: Names*; email addresses*; other contact information*; images and/or other media (including metadata); other documents/materials (including metadata)*; geolocation data (provided by the creator/rights holder/repository, determined from metadata, and/or inferred from other data)*; URLs/websites*; other personal information*; special: camera and/or mobile phone types/models (determined from metadata or inferred from other data) and/or potentially personally identifying information such as (without limitation) license plate and/or vehicle identification numbers*
  • Purpose(s): Functionality; providing a service; fulfilling a contractual obligation; legal compliance or audit; research and publishing; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships; advertising and other commercial purposes
  • Data retention: See below.

Photographs and other images or media I collect for use on this website (or for some related purpose) — whether submitted by you in connection with a comment or other communication; created by me; or obtained from some other source — may contain an assortment of personal information.

First, the recognizable likeness of any individual person in an image or video (and/or their voice in a video or audio recording or broadcast) is usually considered to be personal information about that individual. The image might also contain and/or allow me to infer other types of personal information.

Second, digital files contain metadata (such as EXIF information) added by the camera or device that originally generated the file and/or by any software used to edit it, some of which may be personally identifying. At a minimum, metadata normally includes the filename, type, size, creation date/time, and the date/time of the most recent modification of that file. For digital photos, metadata typically also includes the make and model of the camera/device, camera and image settings (e.g., shutter speed, F-stop, color profile, whether the flash fired), and sometimes the type and version of any editing software used. Depending on the type of camera/device, the software used, and the individual settings, the metadata could also include other personal information, such as the photographer’s name and/or the location where the photo was taken, based on GPS coordinates (a common option on modern GPS-equipped cameras and mobile devices). The number of potential variations is too great to detail here, so you should consult the documentation and settings for your individual device.

Naturally, if you submit an image or other media file to me, you are providing me with any information contained in the image or media file and its metadata. When the image or media file is published on this website, this information may be included, making it publicly available. I cannot control and take no responsibility for what third parties may do with any personal information a published image/other media file or its metadata may contain.

If I use your images and/or other media on this website, I may also ADD metadata to the file(s) and/or alter the filename(s) to indicate your copyright and license information (e.g., “© 2018 John Doe; used with permission”). This helps me to keep track of the provenance of the media files I use.

I typically also gather additional information about the images and/or other media I use and any subjects and/or settings they depict or illustrate so that I can correctly identify and describe them.

If you submit an image or other media file to me, you are free to remove or redact any personally identifying metadata it may contain — and/or to obscure personal information in the image or media itself — prior to submitting it to me. (Certain types of metadata (e.g., file extensions) are necessary for an electronic file to function properly, but other metadata can be edited or redacted, either through your computer’s file system or by using appropriate editing tools.)

In some cases, I may be able, upon your request, to remove or obscure personal information from the images or other media files you submit to me or from specifically previously submitted ones. I may also elect to remove certain data on my own initiative and/or do so incidentally in the process of preparing the images/media files for use (e.g., by creating a resized copy of an image that omits some or all of the original image file’s metadata). However, please note that this is not always feasible. Also, if the image is owned by someone else, I might need the rights holder’s advance permission to alter it.

If I remove or obscure information from an image or other media file that has already been published on this website, copies of the original version (with personally identifying information intact) may remain for a time in cached pages and/or backup files created by me and/or my web host. Again, please keep in mind that any personal information contained in the earlier version of the image or media file may already have been accessed and/or used by third parties during the time it was publicly available, which is beyond my control.

I typically retain indefinitely offline copies and archival backups of the photos, images, and other media files I publish on this website, including, where possible, the associated work files and editing stages, if any, for images or files I have modified. However, I may delete, destroy, or discard certain specific images and/or other media files if they are duplicates; if I deem them unusable (e.g., photos that are out of focus, badly cropped, or too dark to see clearly); if the files are damaged or corrupt; if I have agreed and/or have some contractual or legal reason to delete them (e.g., if I have agreed to delete all copies of a particular image); or if I elect to not use them (or to discontinue using them) for some other reason. If I have contact information and/or other relevant data pertaining to the creator(s) and/or subject(s) of a particular photograph, image, or other media file, I customarily retain that data for at least as long as I retain the file itself.

If you have questions about image-related data, please contact me through one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below.

Data Related to Recruitment/Hiring or Business Partnerships

  • Categories of information gathered: IP addresses*; user agent information*; visitor activity*; names; email addresses; email header information*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses); images and/or other media (including metadata)*; other documents/materials (including metadata); geolocation data*; URLs/websites*; other personal information; special: information provided by third-party services (as applicable)* and/or mobile phone types/models (determined from user agent information)*
  • Purpose(s): Providing a service; fulfilling a contractual obligation; legal compliance or audit; research and publishing; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships
  • Data retention: Potentially indefinite, although I may delete or discard unsolicited offers or inquiries, spam, inquiries or applications that I believe to be fraudulent or submitted by bots, and/or information I have some legal or contractual obligation to delete or discard; see below for more details.

From time to time, I may seek to recruit and/or hire temporary or permanent employees, interns, and/or independent contractors to help me provide my services and/or perform specific tasks or functions for me. In some cases, I may enter or contemplate entering some other type of professional relationship with some other individual or entity: for example, a formal business partnership or joint venture (JV).

Please note that the inclusion of this section DOES NOT necessarily mean that I am hiring, soliciting partnership or JV proposals, or likely to do so in the immediately foreseeable future. The purpose of this section is to describe my policy for handling information in such situations.

In such situations, I may collect (to the extent permitted by applicable law/regulations) a broad range of personal information about any prospective employees, contractors, or business partners, such as (without limitation) contact information; resumes/CVs; education information; professional certification and/or licensure information; employment history; professional references or information about previous clients and/or business ventures; professional portfolios and/or other samples; skill or aptitude test results; government-issued identification; information about their authorization to work in my locale; salary or compensation information and/or history; tax-related information; and/or the various types of information revealed in a typical background check or investigation. (This is not an exhaustive list; the types of information I collect may vary depending on the context, and applicable law/regulations may dictate what types of information I must and/or must not collect or consider.) Obviously, I may also make various inferences based on the information I collect, such as my judgment of a candidate or applicant’s suitability for a specific role or whether a proposed venture is in my interests.

The information I collect may come from the candidates/applicants/contractors/prospective partners themselves and/or from a variety of third-party sources such as (again without limitation) employment agencies, background check services, professional references or previous clients, subject matter experts, public records, news stories, and/or other publicly available information or records.

My retention of such data varies depending on the context in which I received it. I may promptly delete unsolicited offers or solicitations as spam, although I typically retain inquiries to which I respond, even if I decline them. If I advertise a job opening, I may indefinitely retain applications I receive, whether or not the opening is filled, although I may discard applications that appear to be fraudulent or that were obviously generated by bots rather than people. My retention of applications or related information I receive through third parties such as employment agencies, and/or information I receive in connection with an offer of partnership or other business proposal, may be subject to certain contractual requirements (e.g., an obligation to return or destroy certain information after a specific period of time). Applicable law/regulations may also govern whether and for how long I retain employment, hiring, application, and/or related information.

I may share information pertaining to prospective employees, contractors, business partners, and/or other proposals or business ventures as I deem reasonable and appropriate (and to the extent permitted by applicable law/regulations and/or any relevant contractual obligations) for me to make informed hiring, employment, and/or other business decisions. For example (but without limitation), I might share a job applicant’s information with a service that performs background checks for me, discuss a prospective independent contractor’s work and professional reputation with their previous clients, or seek financial and/or legal advice regarding a possible partnership or other business venture. I may also share or disclose the information as otherwise described in “Disclosure of Personally Identifying Information” below.

Financial Transactions Policy

  • Categories of information gathered: IP addresses*; user agent information*; visitor activity*; names; email addresses; email header information*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses)*; geolocation data*; URLs/websites*; other personal information*; special: amounts and other transaction-specific details and/or other financial information such as transaction IDs, checks, and/or tax forms* (Please note that the applicable payment processor(s) and/or bank(s)/financial institution(s) may also collect other types of information not listed here.)
  • Purpose(s): Providing services; completing a transaction; fulfilling a contractual obligation; legal compliance or audit; security, troubleshooting, quality control, and technical improvement; advertising and other commercial purposes
  • Data retention: Typically indefinite; see below.

The following policy applies to financial transactions with me that pertain to the aaronseverson.com website, such as (without limitation) the purchase of advertisements on this website.

Please note that this policy applies only to transactions pertaining directly to the aaronseverson.com website, and then only to transactions you enter into with me, NOT to your transactions with third-party vendors, retailers, or services, which are outside of my control. For example, if you purchase a copy of some work I have written through an online bookseller, the bookseller’s policies will apply, NOT this Financial Transactions Policy. Transactions related to my professional writing/editing/writing consulting business, 6200 Productions, will be subject to its separate Financial Transactions Policy, while transactions related to my automotive website, Ate Up With Motor, will be subject to the Ate Up With Motor Financial Transactions Policy, not this one. (You should refer to those separate policies where applicable; while the policies are generally similar, they are not identical.)

Transaction-Related Information Gathering

If you enter into a financial transaction with me that pertains directly to the aaronseverson.com website — whether to make a payment to me or for me to pay you for goods, services, or some other purpose — I may collect certain personal information from you, such as (without limitation) your name, company name (if applicable), email address, billing address and/or other contact information, transaction details, payment information, invoice numbers and/or other transaction identifiers, and (where applicable) relevant tax documents such as (again without limitation) Form 1099-MISC and/or Form W-9. I may use this information for billing/invoicing; so that I can process and complete your transaction(s); to respond to your transaction-related questions, inquiries, and/or comments; for my administrative, accounting/bookkeeping, tax reporting, and/or legal compliance purposes; for service improvement purposes; for fraud prevention and/or other security purposes; and/or to fulfill my contractual obligations to the applicable payment processor(s), financial institution(s), and/or other relevant third parties (e.g., my agent(s) and/or manager(s), if any).

If your transaction is via a third-party payment processing service such as PayPal®, much of this information, including payment details such as bank account or credit card numbers, will be collected and processed by the payment processor rather than by me. For other types of transactions, that information may be collected and processed directly by me and/or the relevant financial institutions. (For example, if you make a payment to me by check, the check will necessarily include the routing and account numbers so that the applicable banks or other financial institutions can process the deposit and the transfer of funds.)

Transactions made via PayPal® are subject to PayPal’s User Agreement, Privacy Policy, and any other applicable PayPal policies or requirements. (Please note that these may differ depending on where you are.) PayPal may also use cookies and/or similar technologies in the payment button and/or the shopping cart to collect information about, track, and/or identify users, in addition to whatever information the service may collect to log you into your PayPal account (if any) and/or complete your transaction. I do not have access to user data gathered by PayPal except for the information I receive in connection with a completed PayPal transaction, which is described in the following paragraph.

If you make a payment to me via PayPal, I receive a standard transaction report (which is sent to me via email as well as being stored in my PayPal account) that contains various personal information, including (though not necessarily limited to) a unique transaction ID number, your name, email address, mailing address, the date and amount of your payment, whether or not you are a Verified PayPal user, and any notes or additional instructions you provided. If your payment was for a PayPal invoice, a copy of that invoice will be appended to the report. This transaction report does NOT include your bank account or credit card numbers — PayPal does not provide and I do not have access to the credit card or bank information you use with your PayPal transactions or have associated with your PayPal account.

In some cases, I may seek additional information about you in connection with your transaction, either from you directly and/or from third-party sources. Some examples might include (without limitation) looking up your address in a mapping or navigation service to clarify delivery instructions for a courier or other delivery provider; checking with the applicable postal service to verify your ZIP Code or other postal code; inquiring whether payments made from a business account or business email address are for the business or for the individual; and/or investigating suspected fraud and/or other security issues. (These are just a few representative examples, not an exhaustive list.)

Currency

Payments to me should be in U.S. funds, with any exceptions to be discussed in advance and subject to my prior approval.

Some payment processors, including PayPal, will automatically convert payments or funds transfers to the recipient’s preferred currency, or at least give you the option to do so. If your transaction is via PayPal, you may assume any non-U.S. funds will be appropriately converted unless PayPal warns or notifies you otherwise.

For other types of transactions drawn on non-U.S. funds, such as international wire transfers, please contact me in advance so that we can discuss appropriate arrangements for currency conversion.

Checks and Money Orders

Unless I indicate otherwise, payments by check, money order, or bank draft/cashier’s check/teller’s check should be made payable to Aaron Severson.

Taxes

For certain types of transactions, I may be required to collect tax (such as sales or use tax) from you and pay it directly to the applicable tax agency or agencies. Please note that you may owe tax (e.g., sales/use tax, VAT, or other tax) on transactions with me even if I do not collect such tax from you. Any applicable taxes you may owe that I do not collect from you are your sole responsibility.

Returned Check Fees

Payments you make to me by check or bank draft that are rejected or returned by my financial institution(s) for insufficient funds or for any other reason shall be subject to a $35 returned check fee. (This fee is to cover the fees my financial institutions charge me in such circumstances.) I reserve the right to waive this returned check fee at my sole discretion.

Refunds and Returns

The following refund and return policy shall apply to payments you make to me pertaining directly to aaronseverson.com:

  • Advertising Purchases: You may cancel your ad on aaronseverson.com for a full refund within five days of your payment. If you choose to cancel your ad after five days but prior to the expiration date, I will credit the prorated remainder of the commitment period toward a future ad, but cannot provide a cash refund except where I are required to do so by the applicable payment processor(s) and/or financial institution(s) or as otherwise required by law. Notwithstanding the foregoing, I reserve the right to refuse and/or refund any individual advertising purchase or purchases at my sole discretion.
  • Other Purchases: Purchases of goods or services other than advertising are fully refundable prior to the delivery by me of the applicable good(s) or the performance by me of the applicable service(s). In the event you purchase tangible good(s) (e.g., a printed book) from me, you may return the purchased good(s) for a full refund, less any applicable shipping costs, within 21 days of the date of your payment or the period allowed by the applicable payment processor(s), whichever is greater. Purchases of digital goods or services other than advertising (e.g., the purchase of an ebook) are nonrefundable once the applicable good(s) or service(s) have been delivered or performed (as applicable) by me, except as otherwise required by the applicable payment processor(s) and/or financial institution(s) or otherwise required by law. Notwithstanding the foregoing, I reserve the right to refuse and/or refund any individual purchase or purchases, and/or any applicable shipping costs, at my sole discretion.
  • Other Types of Transactions: For transactions that do not fit any of the above categories, eligibility for refunds or returns shall be determined on a case-by-case basis and shall be at my sole discretion, except as otherwise required by the applicable payment processor(s) and/or financial institution(s) or otherwise required by law. I reserve the right to refuse and/or refund any individual transaction at my sole discretion.

Information Sharing

By making a payment (whether by check or money order, via PayPal, or by any other means), you grant me express permission to disclose information associated with your transaction(s), including, where appropriate, copies of any applicable invoices, checks and/or receipts, PayPal transaction reports (if applicable), shipping records (if any), and/or related tax documents:

  1. To the applicable email and/or telephony provider(s), so that I may communicate with you regarding your transaction; and/or:
  2. To the applicable postal service(s), common carrier, or shipping agency, in the event I must mail, ship, or deliver anything to you in connection with your transaction; and/or:
  3. To the applicable third party or parties, in the event the transaction is for or on behalf of some other person(s) or entity (e.g., a purchase made as a gift for someone); and/or:
  4. To my legal counsel, accountant/bookkeeper, tax preparer, and/or tax attorney, as I deem reasonably necessary to my routine business operations and/or for my legal protection; and/or:
  5. To my independent contractors, employees, agents, and/or business partners (if any) that need to know the information in order to complete your transaction, support my routine business operations, and/or otherwise perform services for me or on my behalf; and/or:
  6. To my applicable payment processor(s) and/or bank(s)/financial institution(s); their legal counsel, auditors, and/or fraud protection services (for example, if I must provide information for a dispute or fraud investigation); and/or as otherwise required by my contractual agreements with said payment processor(s) and/or bank(s)/financial institution(s); and/or:
  7. To any applicable federal, state, local, or other tax agency (whether within or outside the United States), where I deem it reasonably necessary to ensure my compliance with applicable tax laws and/or regulations (e.g., to calculate or estimate applicable tax rates and/or in connection with tax returns, filings, withholding, and/or estimated tax payments), or in connection with audits or other official investigations; and/or:
  8. As otherwise required by law (e.g., to comply with applicable government reporting or disclosure requirements, such as customs inspections; in connection with a civil or criminal trial or other official investigation or proceeding; or if I have received a subpoena or court order requiring me to disclose certain information); and/or:
  9. As otherwise described in “Disclosure of Personally Identifying Information” below.

Where applicable, I may also disclose in any or all of the above-listed ways personal information related to payments I make to you that pertain directly to the aaronseverson.com website.

By making a payment, you also grant me express permission to contact you via email and/or postal mail to acknowledge, complete, and/or address questions or issues related to your transaction(s) with me, and, if you call or text me regarding your transaction, to respond to your calls and/or texts via the same means.

As explained in the “Security Scans” section of the Privacy Policy, messages and/or notifications that I send or receive via email or text, including transaction-related notifications and/or messages, may be scanned for spam and/or malware by me and/or (as applicable) my web host, Internet service provider(s), mobile carrier(s), and/or other applicable service provider(s).

Data Retention

I must retain information about financial transactions — including ones I refuse and/or refund — so that I can respond to your transaction-related questions, inquiries, and/or comments; for administrative, accounting/bookkeeping, tax reporting, and/or legal compliance purposes; for service improvement purposes; for fraud prevention and/or other security purposes; so that I can respond appropriately in the event of a payment dispute, audit, or other investigation; and/or to otherwise fulfill my contractual obligations to the applicable payment processor(s), financial institution(s), and/or other relevant third parties (e.g., my agent(s) and/or manager(s), if any). (My service agreements with my payment processors and/or financial institutions typically require me to cooperate with their investigations and to respond promptly to their requests for relevant information.) See the “Additional Information About Data Retention” section below to learn more about my typical data retention practices.

Customer Service Information

If you have questions about this Financial Transactions Policy or need help with a transaction, you can reach me via email at admin (at) aaronseverson (dot) com; by using the Contact Form (if available); or by calling or texting my Google Voice number, (310) 909-7846‬. (IMPORTANT NOTE: Calls or messages to this number may be transcribed and/or recorded, and transcriptions, recordings, call notifications (including notifications of missed calls), texts, and/or other messages may be forwarded to me via email. This telephone number is provided by the Google Voice communications service, a Voice over Internet Protocol service provided by Google Voice, Inc., a subsidiary of Google LLC. All communications made or received through this number are subject to the Google Privacy Policy and the Google Voice Privacy Disclosure as well as to this Privacy Policy. Google Voice is a trademark of Google LLC.)

You can also contact me via postal mail:

Aaron Severson
Attn: Customer Service
11100 National Bl. #3
Los Angeles, CA 90064

Information I Receive from Other Sources

Transaction-Related Information I Receive from Third Parties

  • Categories of information gathered: Visitor activity*; names*; email addresses*; email header information*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses)*; geolocation data*; URLs/websites*; other personal information*; special: amounts and other transaction-specific details and/or other financial information such as transaction IDs and/or payment amounts* (Please note that the applicable vendor(s), service(s), and/or payment processor(s) may also collect other types of information not listed here.)
  • Purpose(s): Providing services; completing a transaction; fulfilling a contractual obligation; legal compliance or audit; security, troubleshooting, quality control, and technical improvement; advertising and other commercial purposes
  • Data retention: Typically indefinite; see below.

As noted in the “Financial Transactions Policy” section above, I may receive information about you from third parties in connection with your transactions with me (e.g., transaction reports). See that section for more details.

If I offer products or services through some third-party vendor or service (e.g., if I offer a book I’ve written through a third-party publisher), that vendor or service may provide me with information about completed sales or or transactions, which in some cases may include personal information about individuals or households who purchase my products or services (rather than just aggregated statistics such as total sales). Where I receive personal information about individual purchasers, I may use that information so that I can (if applicable) process and complete the relevant transactions; to respond to transaction-related questions, inquiries, and/or comments; for my administrative, accounting/bookkeeping, tax reporting, and/or legal compliance purposes; for service improvement purposes; for fraud prevention and/or other security purposes; and/or to fulfill my contractual obligations to the applicable third-party vendor or service and/or any other relevant third parties (e.g., my agent(s) and/or manager(s), if any). I typically retain such information indefinitely; see the “Additional Information About Data Retention” section below to learn more about my typical data retention practices. I may disclose such information as described in “Disclosure of Personally Identifying Information” below.

Information I Receive from Third Parties for Security Purposes

  • Categories of information gathered: IP addresses*; domain names*; user agent information*; email addresses*; other contact information (e.g., phone numbers, postal mailing addresses, and/or other street addresses)*; geolocation data (estimated based on IP address/domain name and/or inferred from other data)*; URLs/websites*; other personal information*; metadata*; special: other security-related technical details*
  • Purpose(s): Fulfilling a contractual obligation [see below]; legal compliance or audit; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships
  • Data retention: Varies, but potentially indefinite.

Some of the security measures I use to secure this website, its data, and/or my system and devices periodically supply me with ban lists/blacklists/block lists of IP addresses, domain names, email addresses, user agents, and/or other such information that may be associated with malicious activity such as (without limitation) spam and/or attempts to transmit or otherwise propagate malicious code. I may also obtain similar information or lists from sources such as (again without limitation) HackRepair.com; the MVPS HOSTS file; Perishable Press; The Spamhaus Project; through the security components of the Microsoft® Windows® operating system; via Avast Software s.r.o and/or their subsidiary Piriform (CCleaner®); through Bitdefender®; via Malwarebytes; via Mozilla Firefox and/or other web browsers; via the NetGuard mobile firewall; through Safer-Networking Ltd.‘s Spybot® software; from the StevenBlack hosts file; via the TinyWall firewall; through the security features, firmware, software, and/or services of my ASUS (ASUSTeK Computer Inc.) and/or Netgear Inc. wireless router(s); via social media services; via the Google Safe Browsing API (which is used by Bitdefender, Mozilla Firefox, various other web browsers, and some other apps and online services), the Play Protect feature of Google Play, and/or the Google Voice communications service (which are subject to the Google Privacy Policy and, for Google Voice, the Google Voice Privacy Disclosure; Google Play, Google Safe Browsing, and Google Voice are trademarks of Google LLC); through browser extensions such as (without limitation) eyeo’s Adblock Plus, EFF‘s Privacy Badger, the NoScript extension developed by Giorgio Maone of InformAction; and/or the uBlock Origin extension developed by Raymond Hill; and/or through other filter list providers such as (without limitation) EasyList and/or Hosh Sadiq (who maintains the adblock-nocoin-list). From time to time, I may also receive additional security-related information from my web host, Internet service provider(s), mobile carrier(s), bank(s)/financial institution(s), and/or other sources not specified above.

Naturally, my security software and/or services also maintain regularly updated lists of virus signatures and other detection data to identify and prevent malicious activity. I may also receive alerts and/or other security-related information from various sources regarding third-party data breaches that could potentially expose my online credentials and/or other personal information to malicious actors.

Such security-related information is not necessarily personally identifying (for example, the IP addresses included on spam block lists are typically for email servers rather than individual users), but certain information may be personally identifying or potentially personally identifying (e.g., email addresses associated with spam or telephone numbers used by telemarketers or as part of scams or other malicious activity).

In some cases, I may perform WHOIS or similar lookups on visitors’ IP addresses and/or domain names, especially if they have been used for suspicious or malicious activity directed at the website or at me. Such lookups may enable me to determine information such as (though not limited to) the owner of a particular domain registration or the geographic location associated with a particular IP address. My firewalls and/or other security applications/software/services may provide me with similar information about any online servers or resources to which my devices connect or try to connect. (For example, but without limitation, the NetGuard firewall app retrieves such info via IPinfo to help me understand and control the Internet connections my mobile apps make or attempt to make.)

As noted in the “Data Related to Recruitment/Hiring or Professional Partnerships” section above, I may also commission background checks on candidates I am considering hiring and/or individuals or entities with whom I am considering entering a business partnership or other formal professional relationship, to help me make informed decisions about whether that hire or relationship would present an undue risk to my security.

My retention of such data varies. Much of the information I collect of this kind is managed automatically by my security tools, which regularly update the associated data, adding new information and sometimes changing or removing older data. Also, I periodically make manual changes to that information, such as (without limitation) when I whitelist an email address that was wrongly flagged for spam or blacklist an email address or domain that has sent me suspicious emails.

Special Note: The reason I include “fulfilling a contractual obligation” among the possible purposes listed above is that certain sources from which I obtain security information may impose contractual limits on how I collect and handle that information (e.g., terms of service prohibiting me from altering security update data or interfering with the normal update process) and/or may not permit me to pick and choose which data I do or do not add.

In many cases, such data is already publicly available (for instance, the HackRepair.com list is readily available at their website). I may also share or otherwise disclose such information if I need additional technical assistance and/or otherwise consider such disclosure appropriate for my security and/or the security of others. For example (but without limitation), I might submit to the maintainers of these lists or databases certain email addresses or domain names that have been used in malicious activity directed at me.

I may also disclose such information in connection with legal action involving malicious activity, and/or as otherwise described in “Disclosure of Personally Identifying Information” below.

Other Information I Receive from Third-Party Sources

  • Categories of information gathered: Names; email addresses*; other contact information*; images and/or other media (including metadata)*; other documents/materials (including metadata)*; geolocation data (provided by sources and/or inferred from other data)*; URLs/websites*; other personal information*
  • Purpose(s): Functionality; providing a service; fulfilling a contractual obligation; legal compliance or audit; research and publishing; security, troubleshooting, quality control, and technical improvement; recruitment/hiring or business partnerships; advertising and other commercial purposes
  • Data retention: Varies depending on context; see below.

  • From time to time, I may receive personal information about site visitors or otherwise related to this website from other third-party sources. The following are some representative examples of this information-gathering:

    I routinely gather information about the content I write and/or edit (and/or on which I consult) — whether for this website or in connection with my work and/or other creative endeavors, professional or otherwise — including information about people involved with and/or otherwise relevant to that content. My research, writing, and editing process often involves discussing and sharing such information with third parties such as (without limitation) subject matter experts, other writers, historians, journalists, enthusiasts/collectors, librarians, archivists, observers, eyewitnesses, and/or other knowledgeable parties (and/or, in the case of work I perform for others, the applicable client(s) or employer(s)), as well as looking up names and other relevant personal details in sources such as (without limitation) books; magazines; newspapers; films or other videos; audio recordings; and/or online or offline electronic resources such as search engines, library catalogs, websites, and/or databases. My research, writing, and/or editing may sometimes also include inviting comment from and/or presenting questions to the public regarding related topics. If you are or were involved with the subject(s) of my content, and/or are a public figure, some of the information I gather may be about you, your work, and/or your career. In many cases, this information is drawn from sources that were already publicly available at the time of writing, but it may also include non-public information obtained from a variety of sources. It may also include images, such as (without limitation) publicity photos or official portraits, and/or other media, such as (again without limitation) videos, audio interviews, and/or podcasts. In some cases, I may look for your contact information so I can ask you questions related to my content, request an interview, and/or let you know about content in which you were mentioned. (Naturally, certain information I gather in connection with content I write, edit, and/or otherwise research may also come from you if I communicate with you in connection with my research and/or if you have disclosed the information in some other context known to me.)

    Published works (e.g., books, magazines, CDs, DVDs) I use and/or access in connection with this website, its content, and/or my other creative endeavors often contain an assortment of personal information, both about the subjects of the work and about the people who created, produced, and/or published it. I may also gather additional information about the people described, depicted, or involved with such published works, such as (without limitation) seeking to identify pictured individuals not named in a photo caption, the names of contributors not credited in the work itself, or the contact information of an editor or publisher.

    Similarly, whenever I install software/apps, services, themes, and/or add-ons — particularly software/apps/services/themes/add-ons I use under open source licenses — the software and/or installation files (and/or the website or other source from which I obtained them) may provide me with personal information about the developer/development team (e.g., names, contact information, digital signatures). If you’re a developer, I may collect or have collected information about you in such contexts. Software licenses typically prohibit altering or deleting the credits, copyright notices, and/or other developer information contained in the software, even where the license otherwise permits modification.

    If I use an image or other content you have offered under a Creative Commons or similar license, I typically gather certain publicly available information about you for the purposes of properly attributing that content and otherwise complying with the applicable license terms. (Where I deem it appropriate, I sometimes do the same with content that is in the public domain in my jurisdiction, such as works created by U.S. federal employees in the context of their official duties.) This may include any creator information listed on the hosting service, archive, or repository from which I obtained the content as well as other relevant information I may find in various print or online sources.

    As noted in the “Data in Submitted Images” section above, when I gather photographs, other images, and/or other media intended for use on this website or for some related purpose (whether those images were created by me or obtained from others), I typically look for additional information about the subjects of those images. This information, which may come from a variety of public and/or private sources, may sometimes include personal information and/or potentially personally identifying information, such as (without limitation) biographical details about the famous owners of a particular object shown in a photograph.

    Third-party services and/or service providers may sometimes provide me with personal information about other people who use that service, particularly if those people interact or have previously interacted with me in some way. For example (but without limitation), a messaging service might notify me that someone listed in my phone’s contacts has joined that service, is typing, and/or has seen a particular message. The precise nature and extent of such information naturally depends on the specific service(s) involved.

    Social media services typically offer a variety of information and insights about the people who interact with you and/or the content you post on those services and/or with whose content you interact — for example, sending notifications when someone “likes” or comments on your content or providing insights such as summaries of how many people have viewed or otherwise interacted with a specific post. Again, the precise nature and extent of such information and/or insights obviously varies depending on the specific service and the context, but it may include (or at least make readily available to me) any information about the applicable person or entity that is publicly visible (e.g., their user name/account name, profile picture, and public profile information) and/or that the person or entity has otherwise made visible to me through their individual settings. Such information typically includes, but is not limited to, details about the individual or entity’s connections with other users of that social media service and/or about the individual or entity’s other activity on that service (e.g., other posts on which they have just commented), and may also reveal a variety of other personal information.

    From time to time, visitors or other personal or professional acquaintances may provide me with personal information about someone. For example (but without limitation), another site visitor might provide me with your contact information for some specific purpose, send me a clipping of a newspaper interview with you, or submit photographs or other media in which you are visible.

    As noted in the “Comments” and “Other Inquiries, Messages, and Support Requests” sections above, I may sometimes gather additional information about individuals who contact me in order to better understand who they are and the context of their inquiries.

    As noted in the “Data Related to Recruitment/Hiring or Professional Partnerships” section above, if I contemplate hiring or entering into a business partnership or other professional relationship with someone, I may collect a range of personal information about them so that I can make informed hiring, employment, and/or business decisions.

    (Again, the above scenarios are just some representative examples, not an exhaustive list. The disclosures in the “CCPA Information Collection and Sharing Notice” section below will give you a sense of what kinds of personal information I may collect.)

    My retention of such information varies depending on the nature of the information and the context in which I received it. I normally retain indefinitely my research notes and other information relevant to my past, current, or possible future articles or content, including image-related information. (Obviously, I can’t and don’t retain or remember every fact I see, read, or hear, but I do typically retain my notes in some form or other, although I may delete or discard certain research notes, materials, and/or information that I deem unusable, elect not to use, and/or no longer need.) Since software licenses typically prohibit redacting or altering any of the developer credits or copyright information, I usually retain that information for at least as long as I continue using the applicable software. With some social media platforms, certain types of information, insights, and/or notifications can be muted or hidden, but cannot normally be deleted, and may still remain in the social media service’s files even if the applicable content and/or users have been removed, whether or not I separately retain such information. See the “Additional Information About Data Retention” section below to learn more about my typical data retention practices.

    Obviously, information I gather for my articles or other content may be published or disclosed in that context; other, non-public information generally will not be except as otherwise described in “Disclosure of Personally Identifying Information” below.

    Additional Information About Data Retention

    In addition to the data retention practices described in the various sections above, I typically retain indefinitely:

    • Information pertaining to my professional writing/editing/writing consulting work and/or other creative endeavors, including — except as otherwise stipulated by a specific client or employee agreement and/or other applicable legal requirement(s) — research notes, drafts, and/or other relevant data, which may sometimes include information about or in some way connected with visitors to this website. (I may delete or discard certain drafts and/or research notes, materials, and/or information that I deem unusable, elect not to use, and/or no longer need.)
    • Information pertaining to any financial transactions and/or legal agreements involving this website, including (but not limited to) records of purchases or payments I make or receive in connection with the website or related matters. (Obviously, my financial and legal records often necessarily include some personal data.) I must also retain my tax records for bookkeeping and compliance purposes.
    • The contact information of individuals with whom I repeatedly or regularly correspond regarding this website and/or related matters.
    • Names and/or company/domain names I’ve entered into my spell-checking dictionaries (which I retain for what I hope are obvious reasons!).
    • Copies of published works (e.g., books, magazines, CDs, DVDs, software) that I own or for which I have a perpetual license, along with (where applicable) associated documentation and/or notes and any inventories, catalogs, and/or lists that I may create and/or utilize to manage my collection of such works. (I may dispose of copies that are duplicates, that are damaged or otherwise unusable, and/or that I no longer need; naturally, copies of published works that I have borrowed or rented are eventually returned as appropriate.)
    • Information pertaining to my licenses/authorizations for the use of intellectual property owned by others, including any relevant contact information. (I may discard this information if I discontinue using that intellectual property, e.g., if I uninstall a particular app or other software.)
    • Information pertaining to site-related technical or legal questions.
    • Any information pertaining to a site-related dispute or legal issue. Similarly, for compliance purposes, I must retain information pertaining to privacy-related requests to the extent required by applicable law and/or regulation. (For example, if you send me a request to exercise your rights under the California Consumer Privacy Act (CCPA), I am legally required to retain records of that request for at least 24 months.)

    Even where it is my customary practice to indefinitely retain certain information, my retention of individual communications/messages may vary based on the medium and/or format of those communications/messages:

    • Email: I typically retain indefinitely most site-related emails, excepting obvious spam, mass mailings, messages and/or attachments that contain suspicious code, and/or certain automated notification/alert emails (which I may delete if they are no longer needed and/or relevant).
    • Communications/messages via third-party services (including, without limitation, calls and/or texts made or received through the Google Voice communications service, social media accounts, and/or social media services): Most site-related communications/messages that I send and/or receive via third-party services are retained indefinitely in some form, although in such cases, I may, to the extent possible, retain local and/or off-line copies in addition to (or instead of) leaving the original communication/message(s) on the applicable third-party service. For example (but without limitation), if I receive Google Voice messages, I may remove the original messages from my Google Voice account, but retain the notification emails and/or other local copies of those messages. Recordings of calls (if any) made via Google Voice or other third-party services, and/or voice mail messages received through such services, may be retained for as long as I reasonably need those recordings, except as otherwise required by law and/or the applicable service’s terms of use/terms of service. Please note that in some cases, third-party services may retain records of messages sent via those services even if the users who sent and/or received those messages delete their copies and/or their accounts, which is outside of my control. (As noted elsewhere in this policy, Google Voice is a trademark of Google LLC.)
    • Text messages: My retention of site-related SMS/MMS text messages and/or other, similar non-voice direct messages that I send and/or receive via my phone(s) is highly variable. (My older smartphone(s) could be set to automatically delete older messages after a certain period of time — I normally set that interval to 60 days — unless they were deliberately saved, but some of my current devices and apps no longer provide that functionality, at least not in the same global manner.) Depending on the nature and context of the specific message(s), I may delete them immediately, retain them indefinitely, or something in between; in some cases, I may set messages to automatically delete themselves after a certain period of time, and/or retain only a certain number of messages in any particular text “conversation.” In any event, even if I delete a text message or messages, any included information and/or attachments for which I have some ongoing need may be transferred to other records before the deletion of the original message(s). (For example, if you send me a text message asking me to contact you via postal mail, I typically will separately record your mailing address in order to comply with and retain records of your request.) Text messages may also be captured in periodic phone backups, which I may retain for a year or more. Please note that my mobile carrier(s) and/or other service providers may also retain records of text messages sent or received via my phone(s), which is outside of my control.
    • Phone calls: Records of calls I make or receive via my phone(s) (i.e., NOT via Google Voice or some other third-party service) are typically included in my phone bills and/or other phone usage records, which I customarily retain indefinitely. (My phone company/mobile carrier may also retain such records, which is outside of my control.) My retention of call logs or records on my phone(s) is typically determined on a case-by-case basis and is highly variable. Recordings of phone calls (if any) and/or voice mail messages may be retained for as long as I reasonably need them, except as otherwise required by law (and/or, in the case of voice mail messages, the policies of the applicable phone company or mobile carrier).
    • Postal mail and/or physical documents: I promptly discard most mass mailings and unsolicited business inquiries (“junk mail”) I receive via postal mail or other physical means. Where I receive legitimate correspondence or business documents pertaining to this website and/or related matters (e.g., copies of contracts or receipts) by mail or some other physical means, I typically retain them, although, where possible, I may scan, photograph, or photocopy them (and/or retain the electronic versions, if I have received both electronic and physical copies) in addition to (and in some cases instead of) retaining the original physical copies. Naturally, if I have agreed and/or have some contractual or legal obligation to return or destroy specific business documents, I will do so as appropriate.

    Personal information I may collect in connection with this website that is not specified above or mentioned elsewhere in this Privacy Policy is normally retained only as long as I reasonably need that information, which is determined on a case-by-case basis depending on the nature of the information and how and why I received it. In some cases, my retention of certain information may be dictated by applicable law/regulations and/or other legal obligations (e.g., a contractual obligation to return or destroy certain information after a specific period of time).

    In all cases (even circumstances where I typically retain information indefinitely), I may delete, discard, or destroy specific messages, communications, documents, files, records, and/or data (of any type, format, and/or medium) if:

    • They are duplicates, and/or:
    • I reasonably believe that they are substantially redundant of other data I still retain (e.g., an “order shipped” notification for an order for which I also have a delivery receipt), and/or:
    • They are unreadable, inaccessible, and/or otherwise unusable, and/or:
    • They are corrupted, contaminated, or otherwise damaged, particularly if I reasonably believe that the corruption, contamination, or damage poses a danger to health, safety, security, and/or the integrity of other data and/or property, and/or:
    • I have agreed and/or have some contractual or legal obligation to delete, discard, or destroy them, and/or:
    • I have some other compelling reason to do so.

    Even where it is my normal practice to retain personal information about site visitors, I periodically remove certain personal data from the website’s online database(s) and/or mail servers, transferring the data to local and/or offline storage for greater security and/or redacting portions of the data that I no longer need.

    Special Note on Subpoenas, Court Orders, and Preservation Requests: In certain cases, I may be legally compelled to retain and preserve certain data, even data I would not otherwise retain, pursuant to a subpoena, a valid court order, or a preservation request from a government or law enforcement agency. In such event, I will preserve the specified information (and may disclose it to the requesting party) to the extent required by applicable law, which in some cases may also require me to keep the order or request confidential.

    Reports and Aggregated Statistics

    From time to time, I may compile and publish aggregated statistical information about users of the website. For example, I may create reports on trends in the usage of the website, such as total page views, the average number of unique visitors per month, the most popular pages on the site, and/or the average time visitors spend on the site.

    I may also, to the extent required and/or otherwise permitted by applicable law and/or regulations, publish de-identified information and/or statistics about requests I receive under the California Consumer Privacy Act (CCPA) (as described in “California Privacy and Data Protection Rights” below) and/or other privacy laws (e.g., how many requests of a particular type I received in a given period).

    Aggregated reports and statistics — which I may display publicly and/or otherwise share with third parties (including, where applicable, potential advertisers and/or other commercial partners) — will not include personally identifying information about any individual or specific household.

    Information Captured by Service/Software/App/Device Telemetry

    Many modern electronic services, software programs, apps, and devices, from operating systems to office software and even printers/print drivers, now incorporate surveillance mechanisms (often called “telemetry”) that gather information about the use of that service/software/app/device and then transmit that data to the manufacturer/developer and/or other third parties. The information collected by these mechanisms can sometimes include personal information or potentially personally identifying information about me and/or other individuals and/or households.

    Here are some examples of how this might occur:

    • If a service/app/software/device crashes while I am accessing a file or website containing personal information, details about that file or website and its contents might be captured and transmitted as part of a crash report.
    • If a website or online service I access uses Google’s familiar reCAPTCHA security service, the reCAPTCHA service may collect detailed information about my activity on that site or service, including (but not limited to) taking snapshots of my browser window and any personal information that may be visible there. Google provides no way to opt out of this data collection, which with current versions of reCAPTCHA is not limited to interactions with the reCAPTCHA interface itself. (Google is a registered trademark of Google LLC.)
    • Security features incorporated into my web browsers and/or devices might capture personal information contained in the filenames, metadata, and/or contents of documents or other files I download from or upload to the Internet.
    • My antivirus software and/or other security services/software/apps might capture personal information in scanned email messages and/or other electronic files.
    • My office software might record the filenames and/or other metadata of files I access, and/or capture any text on which I use the software’s spelling and/or translation features.
    • Mapping or navigation services/software/apps I use, particularly ones with access to my mobile phone’s location data, might record the geographical locations and/or addresses of people I meet or visit.
    • Services/apps/software/devices with access to device microphone(s) might overhear and/or record my calls or other conversations.
    • Certain services/apps/software/devices might record what I type while using that service/app/software/device.

    Again, these examples are just a small sampling of the possible scenarios. The specifics of device and software telemetry vary widely, and manufacturers/developers are not always forthcoming about the details of their information-gathering.

    Such surveillance can be difficult or impossible to escape. Certain services/software/apps/devices, like malware detection services, cannot adequately perform their intended functions without full access to device/system data. Some information-gathering features (like the telemetry incorporated into recent versions of the Microsoft® Windows® operating system) can’t be completely disabled without modifications that would violate the license agreement or terms of service. Even where it is theoretically possible to disable the telemetry features of a specific service/software/app/device, doing so may require advanced technical knowledge and/or special tools. Also, my work and research sometimes involves my using devices, software, and/or apps controlled by third parties — e.g., the computers offered to patrons of public libraries — that may incorporate telemetry or other surveillance mechanisms that I cannot disable or with which I am not familiar.

    While I have made an effort to block and/or minimize such surveillance — for my privacy and security as well as yours — the bottom line is that some of the services/software/apps/devices I use retain at least the potential to collect and transmit personal information about me, the subjects of my writing/editing/writing consulting work, and/or the people with whom I interact in the course of operating this website.

    The examples of third-party vendors and service providers listed in the “Disclosure of Personally Identifying Information” section below include a representative sampling of services, software, apps, and/or electronic devices I may use that could gather personal information related to this website and/or its visitors through telemetry and/or other integrated information-gathering/surveillance features. Please note that this is NOT an exhaustive list. I may sometimes use services, software, apps, and/or devices not listed (obviously, it’s not practical for me to list every service, device and/or piece of software I might conceivably use!); certain services/software/apps/devices that did not previously incorporate information-gathering/surveillance features might add them in subsequent updates; and certain services/software/apps/devices may incorporate surveillance features that are not readily apparent to me.

    As noted in the “Security Scans” section above, the likelihood and possible extent of any disclosure of personal information in such ways is difficult to predict or quantify, but it cannot be completely avoided without greatly compromising my security, the functionality of the tools and devices I use, and my ability to perform my work and provide my services.

    Disclosure of Personally Identifying Information

    I may share, release, or otherwise disclose personal information I collect through and/or in connection with this website:

    • To publish your submitted comments (including, as applicable, any images, other media files, and/or links they may contain), as described in the “Comments” section above. As explained in that section, this may include emailing copies of your comment to other users who have requested email notifications of replies/follow-up comments.
    • As part of a public response to an inquiry or support request, as described in the “Contact Forms” and “Other Inquiries, Messages, and Support Requests” sections above.
    • To appropriately credit someone for the use of their photos, fonts, themes/plugins, or other content or intellectual property — particularly where such credit is required by the applicable license terms. As noted in “Data in Submitted Images” above, this may include adding copyright and license information to the applicable filename and/or metadata to ensure that the attribution is clear. If you want to modify or remove your credit information, please contact me!
    • To publicly acknowledge and/or thank someone for their assistance, whether with the management of this website, my content, and/or some related matter(s), except where they have specifically asked me not to or where their communications with me reasonably suggest that they prefer not to be acknowledged or identified. Such acknowledgments will typically be limited to their name/pseudonym, the nature of their assistance, and (where applicable) the date(s), although in some cases, certain other personal information may be obvious or implicit in the nature of the assistance provided.
    • As part of journalistic, historical, critical, or other nonfiction accounts accounts I publish, perform, and/or otherwise disseminate, and/or in the course of researching, writing, and/or editing my content and/or other creative endeavors (which may include, as applicable but without limitation, information contained in associated images, other media, bibliographies, annotations, and/or metadata), if the person(s) to whom the information pertains are and/or were involved with the subject(s) of such content. In many cases, this information is drawn from sources that were already publicly available at the time of writing, but it may also include non-public information obtained from a variety of sources (and may include images and/or other media such as, again without limitation, publicity photos or official portraits, videos, and/or recorded audio interviews). As noted in “Other Information I Receive from Third-Party Sources” above, my research, writing, and editing process routinely involves sharing and discussing this type of biographical information with third parties such as (without limitation) subject matter experts, other writers or historians, journalists, enthusiasts/collectors, librarians, and archivists, as well as looking up names and other relevant personal details in online or offline resources such as search engines, library catalogs, and vendors of published works like books or DVDs, and may sometimes also include inviting comment from and/or presenting questions to the public regarding related topics.
    • If that information is or was already publicly available (such as — without limitation — information that’s available on the website of the person(s) to whom the information pertains; that they’ve included in their published memoirs, books, articles, or other published works, or in public posts or public comments they’ve made on this or other websites; that appears in published interviews or in books, articles, or other works about the person(s) to whom the information pertains; and/or that is otherwise part of the public record, such as court records or transcripts of public hearings).
    • To my independent contractors, employees, agents, and/or business partners (if any) that need to know the information in order to collaborate with me and/or to perform services for me or on my behalf (such as, without limitation, accounting, tax preparation, legal services, translation, transcription, technical troubleshooting, website development/improvement, malware recovery/removal, and/or other types of repair/maintenance/service) and that have agreed to follow this Privacy Policy (or that have their own, comparably strict or stricter confidentiality policies) regarding any personal information that I share with them. Some or all of these contractors, employees, agents, and/or partners may be located outside your home country and/or the European Economic Area; by using this website, you consent to my transfer of such information to them.
    • To my third-party vendors and/or service providers that need to know that information in order to provide services available on this website, support my business operations, or otherwise perform services for me or on my behalf. (As noted in the “Information Captured by Service/Software/App/Device Telemetry” section above, this may include, but is not limited to, services, software, apps, and/or electronic devices I may use that could gather personal information related to this website through telemetry and/or other integrated information-gathering and/or surveillance features, some of which cannot be disabled without simply ceasing to use that service, software, app, or device.) Please note that some or all of those vendors and/or service providers may use various subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners, not necessarily listed here, in order to provide their services for me. Representative examples of my third-party vendors and/or service providers may include (as applicable, but without limitation):
      • Social media services (including, without limitation, chat rooms, online bulletin boards/message boards/discussion groups, and/or similar online forums) on which I have accounts and/or where I might share information related to this website, such as (without limitation) Blogger (a.k.a. Blogspot), which is a Google service (both Blogger and Blogspot are trademarks of Google LLC) and subject to the Google Privacy Policy (I don’t currently have a Blogspot blog, nor do I actively use Blogger, although I could theoretically still use Blogger through my Google account if I chose to do so in the future); Facebook® (I initiated the deletion of my Facebook account on December 11, 2018, and have no intention of reactivating or recreating it, but Facebook likely retains at least some of its data); Flickr (a photo-sharing service — owned until April 2018 by Yahoo! (now part of Verizon Media®), but now owned by SmugMug, Inc., which has moved the service to an Amazon Web Services platform (making Amazon Web Services a principal Flickr subprocessor) — on which I have shared some site-related images and which I use to communicate with some of the people who have allowed me to use their images); IntenseDebate (which is owned by Automattic Inc. and subject to their Privacy Policy); Twitter (which I currently use only through my Ate Up With Motor account, although I have had a personal account in the past and might again at some point in the future); and/or WordPress.com (which is also owned by Automattic Inc. and subject to their Privacy Policy).
      • Providers whose services I may use in operating this website, such as (without limitation) my web host, DreamHost® (which also hosts the mail servers for all email addresses using the aaronseverson.com domain name); the Let’s Encrypt® SSL/TLS Certificate Authority service described in the Certificate Authority Checks section above (and/or other certificate authorities I may use or access); Media Temple, Inc. d/b/a Sucuri, a subsidiary of Go Daddy Operating Company (Sucuri), which provides the Sucuri Security plugin described in the “Security Scans” section above, which is subject to the Sucuri Security Privacy Policy and the Data Processing Addendum to the Sucuri Security Terms of Service); the embedded content providers described in the “Embedded Content” section above; Font Awesome (which, in addition to any embedded content it may serve on this site, may also be used by some of my other vendors and/or service providers in connection with other services I use, such as (without limitation) my web host’s online control panel and webmail interfaces); the Roundcube project and its associated libraries, whose open-source webmail client software my web host uses for my browser-based email access (Roundcube doesn’t appear to have a privacy policy, but the mail client’s source code is freely available for review); WordPress.org (which, as explained in “Embedded Content” above, provides the content management system in which this website runs and may gather certain information about users who access the site’s administrative dashboard in the course of managing the site and its various plugins, themes, and add-ons, as well as about my use of the WordPress website and/or forums to help me manage and troubleshoot this site); the developers of the various plugins, themes, and/or add-ons used on this website (who may gather information via telemetry features incorporated into those plugins, themes, and/or add-ons and/or through my communications with the developers regarding the management, troubleshooting, and/or security of their respective plugins, themes, and/or add-ons; such communications are typically but not always via the aforementioned WordPress forums); PayPal® (which serves the payment buttons that appear on the site and processes some payments for me); my bank(s)/financial institution(s) and/or other applicable payment processor(s) (which process — and may sometimes audit or otherwise investigate — my financial transactions); WebAIM (Web Accessibility in Mind) (whose WAVE Accessibility Tool I may use to improve the accessibility of this website and its contents); website speed testing services/tools (which examine the publicly accessible/visible portions of the website to analyze how quickly they load and identify technical issues that may affect loading speed and/or other functionality); and/or WHOIS lookup providers (if I need to look up an IP address or a domain registration using tools such as ICANN‘s WHOIS Lookup).
      • Google (which provides the Google Fonts, Google Hosted Libraries, Google Maps, Google Safe Browsing API, Gmail, FeedBurner, and Firebase services described elsewhere in this Privacy Policy; the Android platform and the related Google Mobile Services applications and APIs; the Android Open Source Project’s SDK Platform Tools, such as (without limitation) the Android Debug Bridge (adb); Google Play and its related services; the well-known Google search engine; various advertising services such as (without limitation) AdMob, AdSense, DoubleClick, and/or Google Ads (which I don’t use on this website, but may be used by some websites, apps, and/or services I use, and/or may serve advertising through embedded YouTube videos, as noted in the “Embedded Content” section above); the reCAPTCHA security service (which I don’t currently use on this website, but which is found on various websites and/or online services I use and which can gather information about my online activity in those contexts, as noted in the “Information Captured by Service/Software/App/Device Telemetry” section above); the Google Voice communications service (a VoIP (Voice over Internet Protocol) service provided by Google Voice, Inc., a subsidiary of Google LLC, which is subject to the Google Voice Privacy Disclosure as well as the Google Privacy Policy linked above); and other apps, services, and/or tools I may use and/or offer (which are too numerous to list here); and which also owns YouTube, as noted in the “Embedded Content” section above. AdMob, AdSense, Android, DoubleClick, Firebase, Gmail, Google Ads, Google Analytics, Google Maps, Google Play, Google Safe Browsing, Google Voice, G Suite, and YouTube are trademarks of Google LLC (as are many of the names of other Google products and services). Google is a registered trademark of Google LLC.)
      • Microsoft® (which provides some of the software, apps, tools, and services I may use and/or offer — including, but not limited to, the operating systems for some of the devices I use — and gathers certain information about such use as described in the Microsoft Privacy Statement).
      • Other providers whose services enable me to operate and secure my devices, such as (without limitation) TCL Communication Ltd. (a.k.a. TCT), the manufacturer of my BlackBerry® KEY² LE smartphone, which may gather information about the use of that device and/or its associated software and services as described in the BlackBerry Mobile Privacy Policy; BlackBerry Limited (and/or, where applicable, their subsidiaries and/or affiliates), which makes the suite of BlackBerry apps and services used by and with my BlackBerry smartphones; manufactured (under the previous corporate name of Research in Motion Limited) the older of those devices; owns much of the underlying intellectual property of both devices and their associated software; and may gather information related to the use of those devices, software, apps, and/or services as described in the BlackBerry Privacy Policy); Dell® (which manufactured certain of my devices and may gather information about their use and/or the use of their associated drivers and/or factory-installed software as described in their U.S. Privacy Statement); HP®, which may gather certain information about my use of HP printer, scanner, and/or copier devices and their associated software and/or services as described in the HP Privacy Statement; Intel®, which manufactured certain of my equipment and may gather information about the use of that hardware and its associated drivers and/or software as described in the Intel Privacy Statement; LG Electronics (which manufactured certain of my displays and/or other peripheral devices and may gather information about their use and/or the use of their associated drivers and/or software as described in, as applicable, their website Privacy Policy and any applicable product privacy policies); Logitech® (which manufactured certain of my peripheral devices and may gather information about their use and/or the use of their associated drivers and/or software as described in, as applicable, their Product Privacy Policy and Website Privacy Statement); Nuance Communications, Inc., present owner of the VoiceSignal VSuite voice dialing system installed on the older of my BlackBerry devices, which may gather information through and/or about my use of that software (to the extent that software still works, which is unclear) as described in the Nuance Privacy Policy; Qualcomm® (which manufactured some of the components and provides some of the services of my BlackBerry KEY² LE smartphone and my desktop computer and may collect data on the use of such hardware and/or services, and/or any associated software and/or drivers, as described in their Privacy Policy); Realtek Semiconductor Corp. (the manufacturer of certain of my devices and peripherals as well as their associated software and drivers; the Realtek® website does not appear to have any privacy policy); Seagate® (which manufactured certain of my hard drive(s) and their associated software and/or drivers, whose use is subject to the Seagate Privacy Statement); Waves Audio Ltd. (which makes the Waves Maxx® Pro audio processing software I use on some of my devices and may gather information about the use of that software as described in the Maxx Privacy Policy); Western Digital® (which manufactured certain of my hard drives and other memory storage devices and their associated software and/or drivers, whose use is subject to the Western Digital Privacy Statement); Avast Software s.r.o and/or their subsidiary Piriform (CCleaner®) (whose security and maintenance tools I may use on some or all of my systems and devices; their Data Factsheet explains what data their products may gather); Bitdefender® (whose Bitdefender Mobile Security and Bitdefender Central apps and associated services I may use on some of my devices; these apps incorporate the Crashlytics crash reporter service of Google’s Firebase platform and may also use the Google Safe Browsing API (both of which are subject to the Google Privacy Policy; Firebase and Google Safe Browsing are trademarks of Google LLC) as well as various other subprocessors such as, without limitation, Akamai Technologies, Inc. and Amazon Web Services); Malwarebytes (whose security tools I may use on some or all of my systems and devices); Safer-Networking Ltd. (whose Spybot® security and privacy software/tools I may use on some or all of my systems and devices); developers of Internet firewall applications/software/services, such as (without limitation) Károly Pados’ TinyWall and/or Marcel Bokhorst’s NetGuard mobile firewall and Internet traffic monitor (you can read the NetGuard privacy statement here; NetGuard may also connect to IDB LLC’s IPinfo service to obtain information about IP addresses and/or domains to which mobile apps attempt to connect); and/or encryption software and/or services such as (without limitation) the open-source GNU Privacy Guard for Windows (Gpg4win) and the software included with it, including (again without limitation) GnuPG (the encryption backend) and the GNU Privacy Assistant (GPA), the GpgOL and GpgEX plugins, and KDE Software‘s Kleopatra certificate management application; the OpenKeychain open-source mobile encryption app; and/or IDRIX’s open-source VeraCrypt disk encryption tool (portions of which were developed by various others, summarized in the VeraCrypt Copyright Information notice).
      • Other providers whose services I may use in accessing the Internet, such as (without limitation) my home Internet service provider, Spectrum Internet® (formerly Time Warner Cable®) (which processes and thus has information about much of my online activity); my mobile carrier, T-Mobile® (which provides my mobile voice, text, and data plan and processes certain emails sent to and from my phone(s), and thus has information about voice calls, texts, and online activity made, received, or otherwise conducted on my mobile device(s)); other Internet service providers, mobile carriers, and/or wireless network services I may periodically use; ASUS (ASUSTeK Computer Inc.) and/or Netgear Inc. (the manufacturers of my wireless routers and their associated software/services); the open-source Simple DNSCrypt utility developed by Christian Hermann and other contributors (which doesn’t have a privacy policy, although its source code is freely available for review; it implements Frank Denis’s open-source dnscrypt-proxy to allow me to encrypt my domain name system (DNS) queries when I browse the web from my desktop computer(s)); Cloudflare® (through my use of their recursive domain name system (DNS) resolver services Cloudflare 1.1.1.1 (which is a partnership between Cloudflare and APNIC subject to the Cloudflare Privacy Policy), the 1.1.1.1 App and/or its associated WARP mobile security/encryption service (which are subject to the Cloudflare Application Privacy Policy), and/or the Cloudflare Resolver for Firefox® (which has its own privacy policy); Cloudflare also provides the content delivery network (CDN) and distributed denial-of-service (DDoS) protection services used by some websites or online services I use/visit, also subject to the Cloudflare Privacy Policy); any other DNS resolver service(s) I may use; the Guardian Project, through my use of their Orbot app and Tor Browser apps (which connect to the Tor® network developed by The Tor Project, Inc.), which is subject to the project’s Data Usage and Protection Policies; Hidden Reflex Inc. (through and/or in connection with my use of their Epic Privacy Browser, integrated proxy/VPN service, and associated EpicSearch.in (which submits anonymized queries to the Yandex search engine as an alternative to Epic Privacy Browser’s default search function, which now submits anonymized search queries to the Yahoo! search engine (Yahoo! is a trademark of Yahoo! Inc., which is part of Verizon Media Services® and subject to the Verizon Media Services Privacy Policy)), which I may use on some or all of my systems and devices); Mozilla Corporation (which may gather certain information about my use of their Firefox®, Firefox Focus, and/or Fennec F-Droid web browsers (whether for desktop, mobile, or both) as described in the Mozilla Privacy Policy; the Phishing and Malware Protection features of these browsers may also use the Google Safe Browsing API, which is subject to the Google Privacy Policy — Google Safe Browsing is a trademark of Google LLC); Opera Norway (through and/or in connection with my use of the Opera web browser and/or its integral VPN/proxy service; providers of other web browsers I may use; and/or the providers and/or developers of browser add-ons I may use, such as (without limitation) Abine Inc.’s Blur (formerly known as DoNotTrackMe) — I’ve also used their email masking tool in an effort to reduce the spam and mass mailings I tend to receive after filling out comment or petition forms; the Cookie AutoDelete browser extension developed by Kenny Do and CAD Team (which does not appear to collect usage data; its source code is freely available for review); Cliqz International GmbH’s Ghostery® browser extension; Francesco De Stefano’s Opena11y Toolkit browser extension (which doesn’t appear to have a privacy policy, although its source code is freely available for review; the extension facilitates use of the Khan Academy’s open-source tota11y accessibility visualization tool to assess potential accessibility issues in a website); EasyList‘s various adblocking and other filter lists; eyeo’s Adblock Plus browser extension and its related lists; the Electronic Frontier Foundation (EFF)’s browser add-ons and/or other privacy tools (which are subject to the EFF Privacy Policy: Software and Technology Projects); the NoScript extension developed by Giorgio Maone of InformAction (which, according to the developer, does not collect personal information); Nodetics’ Cookiebro – Cookie Manager browser extension (which currently asserts that it does not collect personal information); Thomas Rientjes’s open-source Decentraleyes browser extension (whose Privacy Policy says the extension does not collect user data); Hosh Sadiq’s adblock-nocoin-list); the uBlock Origin browser extension (which is developed by Raymond Hill) and its related lists (which are developed and maintained by a variety of people); and/or Ysard’s Cookie Quick Manager.
      • Other providers of apps, tools, and/or services I may use in connection with this website, its content, the management of my business operations, and/or my other creative endeavors, such as (without limitation) Adobe® Inc. (which provides some of the apps, software, and other services and/or tools I may use and/or offer and may collect information about the use of such apps, software, services, and/or tools as described in the Adobe Privacy Policy); Apple Inc. (which may gather information about my use of iTunes, the iTunes Store, and/or other Apple products and/or services as described in the Apple Customer Privacy Policy; Apple and iTunes are registered trademarks of Apple Inc.); Artifex Software, Inc. (which may gather certain information about my use of their SmartOffice® mobile app as described in their App Privacy Policy); the Audacity® open-source audio editing software (which doesn’t appear to have a privacy policy, although its source code is freely available for review); Peter Batard’s open-source Rufus utility (whose source code is freely available for review); Cannaverbe Limited (in connection with the use of their CDBurnerXP software); the open-source CDex audio utility developed by Georgy Berdyshev, Ariane Paola Gomes, and Albert L. Faber; CompanionLink Software, Inc. and their associated subprocessors (whose CompanionLink® and/or DejaOffice® CRM products/services I may use to synchronize data and manage contacts, calendar entries, tasks, and notes on my mobile device(s); the CompanionLink Data Processing Agreement applies to data the service processes that may be subject to European Union data protection laws); Pavel Cvrček’s open-source MozBackup utility, (whose source code is freely available for review); cYo Soft’s ComicRack comics reader; DataViz®, Inc. (which might gather information about the use of the Documents To Go app on the older of my BlackBerry® devices); the Document Foundation (which may gather information related to my use of their LibreOffice software as described in their Privacy Policy); the open-source F-Droid repository and client app (which may gather a limited amount of information about and/or in connection with my use of the repository and/or app, as described in the “Terms, etc.” section of their About page); Shahin Gasanov’s ZoneIDTrimmer tool; the open-source GNU Image Manipulation Program (which doesn’t appear to have a privacy policy, although the source code is freely available from their downloads page) and plugins for it, such as (without limitation) Alessandro Francesconi’s open source Batch Image Manipulation Plugin (whose source code is also freely available); Kovid Goyal’s calibre ebook management software (which lacks a privacy policy, although its code is open-source and publicly available; Christopher Gurnee’s open-source HashCheck Shell Extension; Mark Harman’s open-source Open Camera mobile app; Phil Harvey’s ExifTool utility and Bogdan Hrastnik’s related ExifToolGUI user interface for it; Florian Heidenreich’s Mp3tag utility; Don Ho’s open-source editing tool Notepad++ (which doesn’t appear to have a privacy policy, although again its source code is freely available for review); Ivan Ivanenko’s open-source Librera Reader app (the F-Droid version, which omits the Internet access features, ads, and analytics of the Google Play version and to which I have granted no Internet access privileges; the F-Droid version does not appear to gather personal information except to the extent necessary to manage updates, but the technically inclined can always browse the source code to be sure); JoeJoe‘s Rename Master utility; Tibor Kaputa’s Simple Mobile Tools Voice Recorder app (whose source code is freely available for review); Tim Kosse’s open-source FileZilla® FTP client (which doesn’t have a privacy policy, but whose source code is freely available from the downloads page); Petr Lastovicka’s open-source Precise Calculator utility (which doesn’t have a privacy policy, although its source code is freely available for review); Lightning UK’s ImgBurn freeware disc-burning utility; the open-source Media Player Classic – Black Edition (MPC-BE) (which doesn’t have a privacy policy, although its source code is freely available for review); Igor Pavlov’s 7-Zip utility (which doesn’t have a privacy policy, but whose source code is freely available for review); Dương Diệu Pháp’s open-source ImageGlass (which doesn’t have a privacy policy, but whose source code is freely available for review); the open-source PuTTY SSH/Telnet client utility (whose source code is freely available for review); SalSoft’s open-source SQLite Studio (whose source code is freely available for review); JHM Schaars’ vDos DOS emulator (which doesn’t appear to have a privacy policy); Ted Smith’s open-source QuickHash utility (which doesn’t have a privacy policy, although its source code is freely available for review); Tracker Software Products (Canada) Ltd.‘s PDF creation and editing software; Jesse van den Kieboom’s open-source gitg GNOME GUI client for viewing git repositories (which doesn’t appear to have a privacy policy, although its source code is freely available for review); and/or VideoLAN‘s open-source VLC media player (which doesn’t appear to have a privacy policy, although its source code is freely available for review).
      • Manufacturers of other electronic devices I may use, such as (without limitation) cameras, recorders, or memory storage devices, either through my direct interactions with those manufacturers (e.g., my use of their customer service and/or technical support resources) and/or through telemetry or other information-gathering mechanisms incorporated into the devices and/or their associated software, firmware, and/or drivers. I don’t believe that my current Canon® or FUJIFILM® digital cameras; SanDisk® audio player(s) and/or memory storage devices; Sansui analog television; Sony® digital recorder or DVD player; various USB drives, memory cards, or drive enclosures (which are from an assortment of different manufacturers); or other such devices, equipment, and/or accessories independently transmit personal information to third parties, and I do not presently use these devices’ proprietary software, but any information they did collect would be subject to the manufacturers’ respective privacy policies (and/or any applicable product-specific privacy policies), as is any information they may collect through my use of the manufacturers’ websites, customer service, and/or technical support resources.
      • Providers of other search engines and/or other research tools I may use, such as (without limitation) DuckDuckGo and/or StartPage.com (the search engines I most commonly use; I also use StartPage’s associated “Anonymous View” proxy service); Yahoo!, whose search engine, email service, and/or other services and/or tools I may use (Yahoo! is a trademark of Yahoo! Inc., which is part of Verizon Media Services® and subject to the Verizon Media Services Privacy Policy); Microsoft Bing Search, use of which is subject to the Microsoft Privacy Statement (Bing is a registered trademark of Microsoft); any other search engines I may use; the International DOI Foundation, whose servers resolve the DOI® numbers (Digital Object Identifiers) used to identify certain academic papers and other online documents and redirect DOI requests to the appropriate online address(es); the Wikimedia Foundation (through and/or in connection with my use of Wikimedia Commons, Wikipedia®, and/or other Wikimedia projects and services); museums, libraries, archives, and/or databases, public or otherwise, including but not limited to the Los Angeles Public Library and L.A. County Library (through my use of their computers, catalogs, databases, and/or other systems, and/or my communication with their librarians, archivists, and/or other staff); other online information services, repositories, websites, blogs, video blogs (“vlogs”), podcasts, and/or audiovisual streaming services; and/or bookstores and/or other retailers or vendors through which I may search for and/or purchase materials related to my research, my content, and/or this website.
      • Services and/or service providers that help me promote and/or sell (or otherwise offer for commercial advantage) my content, writing/editing/writing consulting services, and/or other creative endeavors, such as (without limitation) literary or talent agents or agencies, publicists, promoters, public relations firms, advertising agencies, brokers, distributors, wholesalers/resellers, booksellers or other retailers, and/or publishers.
      • Other types of service providers, such as (without limitation) other applicable telephony services and/or email providers (through my phone, text, and/or email communications with you and/or others, and/or as appropriate for security and/or troubleshooting purposes); Voice over Internet Protocol (VoIP), voice chat, teleconferencing, and/or video chat services; messaging services, apps, and/or clients such as (without limitation) Signal (a service — and a registered trademark — of Signal Messenger, LLC) and its associated service providers and/or subprocessors (which may include, but are not necessarily limited to, services provided by Google and/or Amazon Web Services); online file transfer, file sharing, and/or file storage services; storage facilities and/or document/information management services; data and/or document destruction/shredding services; third-party printers/print services; providers of public computers and/or wireless networks I may periodically use; photo development, photo processing, video conversion, and/or other processing services for audiovisual materials; repair, maintenance, and/or technical service providers; transcription and/or translation services, automated or otherwise; notaries; insurers (and/or, where applicable, their respective affiliates, agents, brokers, claims adjusters, subcontractors, and/or subsidiaries); employment agencies; background check services; payroll services; bookkeeping, accounting, and/or tax preparation services; auditing services; management consulting services; financial planning, financial management, and/or financial advisory services; brokerages; attorneys and/or law firms; legal aid and/or other legal consulting or legal counseling services; healthcare providers and/or their respective support staffs; cleaning and/or janitorial services; mapping and/or navigation services such as (though not limited to) OsmAnd B.V.’s OsmAnd mobile app; taxi, livery, shuttle, carpool, and/or ride-share services (which I may use if I travel via such means and/or arrange such transportation for someone in the course of my business and/or in some context related to this website); travel agencies, travel bureaus, ticket brokers, and similar services (in connection with trips I take or arrange in the course of my business and/or in some context related to this website); airlines, bus services, and/or rail services (in connection with trips I take or arrange in the course of my business and/or in some context related to this website); hotels, motels, and/or other lodging providers (in connection with trips I take or arrange in the course of my business and/or in some context related to this website); rental services and/or rental agencies for vehicles such as (without limitation) cars, trucks, vans, bicycles, scooters, and/or boats (if I use such services in the course of my business and/or in some context related to this website); movers (professional or otherwise), moving companies, and/or relocation services (in the event I relocate and/or need to transfer some or all of my business assets to some other site); and/or postal services, common carriers, and/or shipping agencies (for the purposes of sending and/or receiving correspondence and/or packages).

      Some or all of my third-party vendors and/or service providers (and/or any subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners those entities may employ and/or utilize in providing their respective services) may be located outside your home country and/or the European Economic Area; by using this website, you consent to my transfer of such information to them. Adobe Inc., Cloudflare, Google, HP, and Sucuri (and probably others among the examples of vendors and/or service providers listed above) comply with the EU-U.S. Privacy Shield framework, which governs the privacy and security of data U.S. companies process from residents of the European Economic Area subject to the European General Data Protection Regulation (GDPR).

    • As I deem reasonable and appropriate (and as permitted by applicable law/regulations) to enable me to make informed hiring, employment, and/or business decisions regarding prospective employees, independent contractors, and/or business partners, as described in the “Data Related to Recruitment/Hiring or Business Partnerships” section above.
    • If I am required by law to do so, such as (without limitation) pursuant to a subpoena, search warrant, or other court order or administrative order; in connection with tax returns or other legally required filings, reports, registrations, or disclosures; or in connection with an audit, civil or criminal trial, or other official investigation or proceeding. In some cases, I may disclose certain information if I deem it reasonably necessary to ensure my compliance with applicable law or regulation, even if the specific disclosure is not expressly required. For example (again, without limitation), if I enter into a financial transaction with you that is subject to sales/use tax, I might provide your address to the applicable tax agency in order to determine the correct tax rate.
    • If I am contractually obligated to do so pursuant to my agreement(s) with my business partner(s), vendor(s), and/or third-party service(s), such as (without limitation) in connection with a dispute, investigation, or audit involving my bank(s)/financial institution(s), payment processor(s), or social media services, or as otherwise described in “Financial Transactions Policy” above. For example, if my payment processor investigates a payment I received that they suspect of being fraudulent, the payment processor’s terms of service may require me to provide relevant information to their investigators. Similarly, third-party services such as social media websites may compel me to provide information related to suspected violations of their terms of service.
    • If I believe in good faith that such disclosure is reasonably necessary to protect my property, rights, security, and/or safety, and/or the property, rights, security, and/or safety of third parties and/or the public at large. Additionally, as noted in the Copyright/Intellectual Property Violations section of the Terms of Use, if you submit a notice asserting that material on or linked to by this website that was provided to me by a third party violates your copyright, I may forward (and you expressly authorize me to forward) your claim to that third party (since such claims may implicate their rights).
    • If the person(s) to whom the information pertains have asked or authorized me to do so.
    • If the information is de-identified, anonymized, redacted, and/or aggregated such that it could not reasonably be used to identify the specific person(s) and/or household(s) to whom the information pertains (other than me, if I am somehow included in that information and elect not to de-identify, anonyimize, redact, and/or aggregate my own information).
    • In the event that I sell or transfer control of this website, or if I enter bankruptcy or cease operating the website due to my death or incapacity, personal information I have gathered through this site would likely be among any assets transferred to the third-party purchaser(s) or acquirer(s) (and/or, where applicable, my heirs, successors, and/or assigns), who could continue to use that information only as set forth in this policy.

    Additionally, if I have roommates, houseguests, other cohabitants, and/or visitors, they may, from time to time, become incidentally aware of certain personal information pertaining to this website and/or my business operations. For example (but without limitation), they might notice the sender and/or recipient information on letters or packages I send or receive via postal mail or common carrier, or overhear some portion of voice calls or video conferences in which I participate. The likelihood and potential extent of any such incidental disclosures are difficult to quantify, but the possibility is hard to avoid with any business activity conducted at home.

    In general, I do not sell or rent the information I collect from individual visitors to the aaronseverson.com website, at least not in the sense most people understand the terms “sell” and “rent.” (Some local privacy laws, such as the California Consumer Privacy Act (CCPA), have greatly complicated this question by expanding their definitions of “sale” to include virtually any disclosure in which any party has any financial stake whatsoever; see the “Information Shared for Business or Commercial Purposes” subsection of the “CCPA Information Collection and Sharing Notice” section below for more information on this issue.)

    There are a number of potential exceptions:

    First, as noted above, if I sell or transfer control of this website, personal information I have collected through and/or in connection with the site would likely be among the assets involved in such sale or transfer (which, surprisingly, the CCPA apparently does not regard as a sale for the purposes of that law).

    Second, if I possess one or more copies of some published work(s) that contain and/or incorporate personal information about certain individual(s) or household(s) who have visited this website (such as, without limitation, a book by or about you, a magazine that published a letter or article you once wrote, or a DVD of a movie in which you appeared), I might sell, lend, donate, or otherwise dispose of my copy or copies of such published work(s).

    Third, as noted elsewhere in this policy, I am a professional writer/editor and writing consultant, so it is conceivable that from time to time, personal information about one or more site visitors may be included in content that I research, write, adapt, edit, share, publish, and/or otherwise disseminate (and/or on which I consult) in other professional contexts. For example (but without limitation), if you are a public figure, it is possible that a client may hire me (or has previously hired me) to research and write a profile about you for a magazine; similarly, if you attend car shows, it is possible that you and/or information about you (such as your car’s license plate number) may be visible or otherwise included in the background of photos and/or other media I create, obtain, share, publish, and/or otherwise disseminate in connection with my automotive website, Ate Up With Motor. (There are many such possibilities — these are only a few representative examples.) Also, as explained in “Other Information I Receive from Third-Party Sources” above, my research, writing, and editing process often involves discussing and sharing relevant information with third parties and sometimes the public.

    Where I become aware of such a case, I will take reasonable efforts to keep separate any information I have gathered through and/or in connection with this website (e.g., the IP addresses in the logs, the email addresses associated with comments and/or form submissions) that was not already publicly available in sources such as (without limitation) news reports, published works, Internet or social media posts, and/or public records, and only disclose such site-related non-public information as described in this section.

    Please note that in many cases, I have no reasonable way of associating data gathered through this website with information I may have collected about you in other contexts, or of associating different types of personal information and/or potentially personally identifying information I may have obtained about a given individual or household. For example (again without limitation), your IP address being recorded in my server logs doesn’t necessarily mean that I know your name or can recognize your face in the background of a photo! (If you have questions about this, please contact me through one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below.)

    Fourth, as noted in “Advertising” above, I don’t permit the site’s advertisers or sponsors to use scripts, cookies, web beacons, or other such technologies to collect information about you through the publicly visible portions of the aaronseverson.com website. (Advertisements, banners, or donation boxes on the site’s administrative dashboard may sometimes collect personal information, but since the dashboard is only accessible to logged-in administrative users, such information-gathering and disclosure normally only involves my information, not that of other site visitors.) However, if you click on ad links to visit the websites of my advertisers or otherwise patronize their businesses, they may gather information about you as described in their respective privacy policies (and may be able to tell that you came from this website), which is outside of my control.

    Fifth, some of my service providers and/or vendors (including, though not necessarily limited to, providers of embedded content used on this website, as described in “Embedded Content” above) may use and/or disclose — potentially for advertising, marketing, and/or other commercial purposes — personal information they gather through my use of their content and/or services in ways that are beyond my control. (For example, but without limitation, I have no control over how YouTube uses information they collect about visitors who watch embedded videos I share, or how companies such as search engines or social media services use data they gather through the use of their services.)

    While no online website, Internet-accessible device, or data storage system can be 100 percent secure, I take reasonable measures to protect against unauthorized access, use, alteration, or destruction of personal information I collect through and/or in connection with this website, including, but not limited to, the use of encryption and encrypted (https) connections, online and offline malware scans, and appropriate password protection.

    Your Rights (GDPR and State Laws)

    If you are located in certain countries, including those that fall under the scope of the European General Data Protection Regulation (aka the “GDPR”), or in some U.S. states, such as California (see “Your California Privacy Rights” below), applicable data protection laws may give you certain rights with respect to your personal data, subject to any exemptions provided by the law and/or associated regulations. For example, the rights provided by the GDPR include the rights to:

    • Request access to your personal data
    • Request rectification (correction) of your personal data
    • Request deletion of your personal data
    • Object to my use and processing of your personal data
    • Request that I limit my use and processing of your personal data; and
    • Request portability of your personal data.

    Individuals within the European Economic Area subject to the GDPR also have the right to make a complaint to the applicable government data protection authority.

    If you have questions or would like to exercise these rights, you can contact me through one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below. I’ve also added a Privacy Tools page that will let you automatically request your data based on your email address. (Please note that the data you obtain through this tool does not include personal data not associated with your email address, such as server and error log data; data not stored on this website itself (like emails you send me directly); or any non-electronic data (like physical copies of letters or photographs).)

    To safeguard your privacy and the privacy of others, I may (to the extent permitted — and/or required — by applicable law/regulation) ask you to provide additional information to verify your identity and/or residency before processing any data-related requests.

    Also, please note that I may be obligated to retain certain data (such as financial transaction records) for legal or administrative purposes or to secure this website and its data.

    Your California Privacy Rights

    California Do Not Track Disclosure

    This website does not currently respond to Do Not Track browser settings.

    Information-Sharing Disclosures (Shine the Light Law)

    California Civil Code § 1798.83 et seq. (the “Shine the Light” law) gives California residents who have established business relationships with certain businesses the right to request information about those businesses’ disclosure of the customer’s personal information to third parties for direct marketing purposes.

    The law defines “direct marketing purposes” as “the use of personal information to solicit or induce a purchase, rental, lease, or exchange of products, goods, property, or services directly to individuals by means of the mail, telephone, or electronic mail for their personal, family, or household purposes.” An “established business relationship” is defined as “a relationship formed by a voluntary, two-way communication between a business and a customer” that is either ongoing or was established with a purchase or other transaction within the past 18 months.

    Under the Shine the Light law, if you are a California resident and have an established business relationship with a business subject to the law’s requirements, you may request, once per calendar year, an Information-Sharing Disclosure that details:

    1. What categories of personal information about you, if any, that business shared with third parties for direct marketing purposes in the preceding calendar year, and
    2. The names/identities and addresses of such third parties.

    (The law does not require the business to reveal which specific pieces of information may have been shared, only the categories of information, as defined by the applicable statutes.)

    Although I believe I am exempt from the requirements of this law, since I have fewer than 20 employees, I will nonetheless make every reasonable effort to provide you with such a disclosure within 30 days of my receipt of your request. To submit a request, please contact me through one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below.

    Please note that this disclosure only covers information shared for direct marketing purposes. See the other sections of this Privacy Policy to learn more about other types of information I collect and how I use it.

    California Privacy and Data Protection Rights

    Starting January 1, 2020, California’s data protection laws, including the California Consumer Privacy Act of 2018 (CCPA), give California residents additional rights with respect to their personal data, including rights similar to those provided by European General Data Protection Regulation (GDPR) rules. The rights the CCPA provides California residents include:

    1. The Right to Know and the Right to Access: You have the right to request access — free of charge, up to two times in a given 12-month period, and (where possible) in “a readily usable format” — to:

      1. The categories and/or specific pieces of personal information I have collected about you in the preceding 12 months, and
      2. The categories of business and/or commercial purposes for which I collected and used the information, and
      3. The categories of sources from which I collected that information, and
      4. The categories of personal information about you that I have shared with third parties for business or commercial purposes in the past 12 months, and
      5. The categories of third parties with whom personal information was shared.
    2. The Right to Delete: You have the right to request the deletion of your personal information.
    3. The Right to Opt-Out of the sale of your personal information.
    4. The right to not be discriminated against or penalized for exercising these rights.
    5. The right to make a complaint to a state government supervisory authority.
    6. The right to take private legal action in the event of a data breach that exposes your personal information to theft or unauthorized access.

    These rights are subject to certain exemptions, exceptions, and restrictions provided by the law and/or its associated regulations. You need not be physically present in California to exercise these rights provided that you have a current California residence. You may designate an authorized agent to act on your behalf in exercising these rights.

    While I believe I do not technically meet any of the applicability thresholds specified by this California law, I am committed to providing visitors with as many privacy choices as I reasonably can.

    You (or your authorized agent) can exercise your California privacy rights via any of the methods specified on the Do Not Sell My Personal Information page.

    Applicable law and/or regulations stipulate the maximum time allowed for acknowledging and/or responding to your request. There is no charge for for making a request.

    In order to better safeguard your privacy and the privacy of others, I may be required to verify your identity before processing certain requests pertaining to your personal information. I may be unable to fulfill your request if I cannot verify your identity to the degree of certainty applicable law and/or regulations require. Also, please note that in addition to any exceptions and exemptions applicable law and/or regulations may provide to the rights provided by the CCPA (particularly with regard to the deletion of your personal information), I may be unable to delete certain information (e.g., my web host’s server and error logs) for technical reasons.

    Except as otherwise required by law, privacy-related requests pertaining to children under 18 should be submitted by a parent, legal guardian, or other authorized adult representative.

    Do Not Sell My Personal Information

    If you are a California resident and would like to exercise your right to opt-out of the sale of your personal information, or any of your other rights under the California Consumer Privacy Act (CCPA), such as the right to access or delete your personal information, you (or your authorized agent) should visit the Do Not Sell My Personal Information page.

    CCPA Information Collection and Sharing Notice

    The California Consumer Privacy Act of 2018 (CCPA) also requires certain businesses to disclose the categories of information that the business has collected about individuals or households during the preceding 12 months; that the business disclosed for business purposes during the preceding 12 months; and that the business disclosed for commercial purposes during the preceding 12 months. These disclosures must be updated at least once a year.

    As noted above, I believe I do not meet any of the CCPA’s applicability thresholds, but for the avoidance of doubt, I make the disclosures listed below.

    Categories of Personal Information Collected

    The following list summarizes the categories of personal information I have collected about individuals and/or households, both through and/or in connection with this website and in the context of my business, which for the purposes of this notice includes both my work as a professional writer/editor and writing consultant (which is subject to the separate 6200 Productions Privacy Policy) and my automotive website, Ate Up With Motor (which also has its own privacy policy).

    Please note that I do not necessarily collect all of these categories of personal information about every individual, or even most individuals. While I collect certain information from all site visitors (e.g., IP addresses, user agent information), the categories listed below also encompass the range of information I gather in connection with the articles and other content I create and/or edit (and/or on which I consult), which is far more extensive than I customarily gather about site visitors. These categories also include information (a) that certain people volunteer to me, whether about themselves or someone else; (b) that I only collect from/about certain people for some specific reason(s); and/or (c) that I infer or surmise from other data (e.g., inferring an approximate geographical location based on an area code or email domain).

    The statutory definitions of some of these categories overlap, with certain types of information (e.g., real names) technically falling into multiple categories; I have tried to limit repetition in the interests of space and comprehensibility. This list also includes some types of information that the law would probably regard as personal information, but that are not specifically described in the applicable statutes.

    The examples listed for each category are intended to be a representative sampling, NOT an exhaustive list of all the specific pieces of information I may have gathered within a particular category. Also, this list describes the categories of information I have collected on individuals and/or households from ANY locale, NOT only from California residents. (In many cases, I have no reasonable way to know whether the individuals and/or households to whom certain personal information pertains are California residents or not.)

    During the past 12 months, I have collected the following categories of personal information in the course of my business:

    • Identifiers, such as:
      • Names, pseudonyms/aliases, nicknames, user names, and/or account names
      • IP addresses
      • Email addresses
      • Postal mailing addresses and/or street addresses
      • Social Security Numbers, taxpayer ID numbers, driver’s license numbers, and/or other government-issued identification information
      • Unique personal identifiers, online identifiers, or other similar identifiers
    • Additional categories of personal information as defined in the California Customer Records statute, California Civil Code § 1798.80(e), such as:
      • Signatures, physical and/or digital
      • Other physical characteristics or descriptions of individuals (e.g., height, weight, hair color)
      • Telephone numbers
      • Other contact information
      • Account numbers
      • Records of financial transactions with me, including, as applicable, transaction ID numbers, tax-related information, and check/bank account information (I do NOT collect any bank account or credit card information in connection with PayPal® transactions)
      • Other financial information (e.g., credit ratings; whether someone has (or had) loans, past foreclosures, and/or declared bankruptcy; or the net worth of public figures)
      • Medical information (e.g., health conditions and/or tests, treatments, and/or therapies received)
      • Health insurance information (e.g., whether or not individuals are insured and with which insurance carrier(s) — I do NOT collect policy numbers or similar data, and much of what insurance-related data I do collect is in aggregated form)
    • Characteristics of classifications protected by law, such as:
      • Age and/or date of birth
      • Race, color, ancestry, national origin, and/or citizenship status
      • Religion or creed
      • Marital/relationship status and/or information about spouses/partners
      • Medical condition and/or physical or mental disability
      • Sex, gender, gender identity, and/or gender expression
      • Pregnancy, childbirth, and/or related medical conditions
      • Sexual orientation
      • Veteran or military status
      • Information about children and/or other family members
      • Language(s) spoken and/or preferred
    • Commercial information, such as:
      • Information about cars and/or other vehicles an individual has owned, rented, otherwise obtained, or considered; that they have indicated they want to buy, rent, or obtain; and/or that they are considering
      • Information about art, books, other publications, films, videos, and/or other media an individual or household has considered, read, watched, or otherwise consumed; desires/intends to consume; and/or is considering consuming
      • Information about personal property, products, goods, and/or services an individual or household owns or uses; has owned, used, obtained, or considered; desires/intends to purchase, obtain, and/or use; and/or is considering purchasing, obtaining, and/or using
      • Information about retailers, vendors, and/or service providers an individual or household has patronized, is considering patronizing or planning to patronize, prefers, and/or disdains
      • Property records (e.g., information about who owns or has owned a particular building or other real property)
      • Information about stocks and/or securities ownership and/or purchases/transfers (e.g., whether an individual owns or has recently purchased or sold shares in a particular corporation or other business entity)
      • Information about other types of purchases or transactions
      • Opinions, critical judgments, tastes, preferences, and/or other information about an individual or household’s purchasing or consuming history and/or tendencies
    • Biometric information, such as if you provide me with information about your sleep and/or exercise habits, or if documents or other physical objects I receive contain visible fingerprints (I have no means of analyzing, identifying, or using fingerprint data, but the law and its associated regulations make no such distinction)
    • Internet or similar network activity information, such as:
      • Web browsing activity and/or history
      • Search history
      • Other information about an individual’s interactions with a website, application, or advertisement (including, but not limited to, errors and/or suspicious activity)
      • Domain names and/or URLs of personal blogs, social media pages/feeds, or other online profiles
      • User agent information
      • Cookies
    • Geolocation information, such as a geographical location estimated based on an IP address, or a location and/or movements that you describe to me
    • Audio, electronic, visual, thermal, olfactory, or similar information, such as photographs, illustrations and/or other images, videos, audio recordings, and/or other media in which recognizable individuals or likenesses are visible and/or their voice(s) audible
    • Professional or employment-related information, such as:
      • Resumes/CVs
      • Current and/or past employer(s) and/or client(s)
      • Job title(s) or position(s)
      • Compensation
      • Business ownership/registration information (e.g., whether an individual has some ownership interest in and/or is an officer of a corporation or other business entity)
      • Other professional relationships (e.g., publishing or licensing deals, management, representation, partnerships)
      • Military service information
      • Other group or organization membership and/or affiliation information
      • Professional certification and/or licensure
      • Skills, aptitudes, abilities, and/or intelligence
      • Publishing histories/bibliographies/discographies/filmographies/performance histories/broadcast histories/portfolios/development credits/patent records and/or similar and/or other comparable information about writers, artists, designers, performers, developers, engineers, scientists, and/or other professionals
      • Authorship, other credits, and/or rights holder information for artwork, books, films, software, photographs, other media, other published works or designs, and/or other intellectual property such as trademarks and/or patents
      • Professional references
      • Performance evaluations and/or information about individuals’ professional reputations
    • Education information, such as schools attended, grades and/or scores on standardized or aptitude/skill tests, degrees and/or credentials earned
    • Inferences I make based on other data, such as my estimation of an individual’s personality, aptitudes, predispositions, psychological trends, and/or behavior.
    • Other types of personal information not specifically described in the applicable statutes, such as:
      • Information about specific vehicles, such as license plate numbers, vehicle identification numbers, related information (e.g., vehicle registration dates), and/or other identifying characteristics or details (e.g., year, make, model, body style, color, equipment, features, distinguishing markings, modifications, customization, damage, repairs, and/or maintenance)
      • Legal information (e.g., information regarding an individual having been accused of, charged with, and/or convicted of a crime, and/or involved in a civil lawsuit)
      • Information about gifts, donations, charitable contributions, and/or political contributions made and/or received
      • Information about political affiliations, opinions, and/or activity
      • Information about membership in and/or affiliation with other types of groups and/or clubs
      • Information about awards, honors, other recognition, prizes, and/or winnings in games of chance or skill
      • Information about individuals’ public and/or personal reputations
      • Information about other household members (e.g., roommates) and/or pets
      • Encryption public keys and similar security data
      • Other potentially identifying information in electronic files and/or associated metadata
      • Other types of personal information, and/or other types of data that could potentially be deemed personal information, that do not readily fit into any of the above-listed categories.

    Although I do not knowingly collect personal information from children under 18 through this website, I may sometimes collect such information as part of my professional writing/editing/writing consulting work. (For example, I might write or edit a news article about a minor child’s notable achievements or involvement in some matter of public interest, which could include personal information obtained through an interview with that child and/or from other sources.) If you have questions, if you are a parent or legal guardian and believe that I may have collected personal information about your minor child, or if you wish to exercise your right to remove or delete such information, please contact me via one of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below. (Parents or legal guardians can also submit CCPA requests on behalf of their minor children via any of the methods specified on the Do Not Sell My Personal Information page.)

    The fact that I collected and/or inferred certain information does not necessarily mean that I still retain it, or that I have any practical way to associate the different categories of information I may have collected about a given individual or household (e.g., to connect a visitor’s name with an IP address in the server logs and/or a face visible in the background of a photograph).

    Keep in mind that if you have interacted with me via some third-party service, that service may have collected and/or shared — potentially for commercial purposes — personal information about you that is not reflected in the above list. The collection/sharing of personal information by third-party services is subject to the applicable service’s privacy policy and terms of use/terms of service, and is outside of my control. (The disclosures above DO include categories of personal information that third-party services have provided to me.)

    Collection Sources

    Personal information I collect about you and/or your household comes from one or more of the following categories of sources:

    • You, whether directly through your communications with me, through other public disclosures you’ve made (e.g., social media posts), or through your use of this website
    • My employees, independent contractors, agents, and/or business partners (as applicable)
    • My vendors and/or service providers
    • Other visitors/users, whether directly or indirectly
    • Published and/or publicly available sources (e.g., books, articles, films, videos television programs, radio programs, podcasts, other audio recordings, social media, online databases, public records)
    • Photographers, videographers, illustrators, podcasters, and/or other media creators
    • Subject matter experts (e.g., historians, biographers), archivists, librarians, observers, eyewitnesses, and/or other knowledgeable parties
    • Clients or employers for whom I provide (or have provided) writing/editing/writing consulting services.

    Each of the above-listed categories of sources may provide me with information that falls into several or all of the categories of personal information listed in “Categories of Personal Information Collected” above.

    Collection Purposes

    Personal information I collect in the course of operating this website and/or my business is collected for one or more of the following purposes:

    • Functionality
    • Providing services
    • Completing a transaction
    • Fulfilling a contractual obligation
    • Legal compliance or audit
    • Research and publishing
    • Security, troubleshooting, quality control, and technical improvement
    • Recruitment/hiring or business partnerships
    • Advertising and other commercial purposes

    These purposes are defined in the “Categories of Information and Purposes for Collection” section above and have the same meanings here as in other sections of this Privacy Policy.

    Information Shared for Business or Commercial Purposes

    The CCPA defines sharing information “for business purposes” as disclosing personal information about individuals or households to third parties such as service providers or independent contractors for any of the following purposes:

    1. Auditing interactions with consumers
    2. Security
    3. Debugging/repair
    4. Certain short-term uses
    5. Performing services
    6. Internal research for tech development
    7. Quality and safety maintenance and verification.

    A disclosure of personal information is considered to be “for commercial purposes” if it serves to “advance a person’s commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction,” with the exception of “engaging in speech that state or federal courts have recognized as noncommercial speech, including political speech and journalism.”

    The CCPA’s definitions are so expansive that almost any disclosure or transmission of virtually any piece of information about any individual or household — even information that was already publicly available — could potentially be considered sharing of personal information for business or commercial purposes if it takes place in any business-related context. Furthermore, by the CCPA’s definitions, a disclosure for commercial purposes may be deemed “selling” personal information even if it does not constitute a sale as most people understand that term.

    I may disclose personal information I collect through and/or in connection with this website as described in the “Disclosure of Personally Identifying Information” section above. Also, as noted in that section and elsewhere in this Privacy Policy, my work as a professional writer/editor and writing consultant and/or other creative endeavors routinely involve collecting and sharing personal information, often for publication. Such information routinely encompasses most or all of the categories of personal information listed in “Categories of Personal Information Collected” above, although I don’t necessarily disclose every type of information that may fall within a particular category, nor do I necessarily disclose every piece of information I collect of a given type.

    Therefore, by the law’s definitions, I may share any or all of the categories of personal information I collect in the course of my business with any or all of the following:

    • My employees, independent contractors, agents, and/or business partners, if any.
    • Service providers and/or vendors I use in connection with this website, my other professional activities, and/or the management or operation of my business.
    • Any government agency, investigator, auditor, court, arbiter, or other official entity that requires or compels me to disclose personal information related to my business.
    • Any individual or entity with whom I communicate, consult, and/or collaborate in the process of researching and developing my content, writing/editing/writing consulting work, and/or other creative endeavors, and/or who communicates and/or consults with me regarding their content and/or other creative endeavors.
    • Editors, publishers, clients, employers, and/or other third parties for whom I provide (and/or to whom I offer) my writing/editing/writing consulting services and/or to whom I may license, sell, or otherwise offer my content and/or other creative work.
    • Individuals or entities who help me promote and/or sell (or otherwise offer for commercial advantage) my content, writing/editing/writing consulting services, and/or other creative endeavors.
    • The public, through the publication, performance, broadcast, other dissemination, and/or public discussion of my content and/or other creative work; my sharing, discussing, and/or otherwise disseminating information that is already publicly available (e.g., in news articles, published works, and/or public records); and/or, as applicable, my publication of your comments, any images and/or other media you submit to me for publication and/or for use in or with my published work(s), and/or your other communications with me.

    As indicated in the “Disclosure of Personally Identifying Information” section above, I may also share personal information:

    • If that information otherwise is or was already publicly available (which is also noted in the list above, but bears repeating for emphasis — I strenuously reject and regard as unconstitutional any attempt to use the CCPA, its associated regulations, and/or similar privacy laws to restrict or limit my right to share, disclose, and/or discuss publicly available information, whether or not that information is offered through official government sources); and/or:
    • To appropriately credit someone for the use of their photos, fonts, themes/plugins, or other content or intellectual property, particularly where such credit is required by the applicable license terms; and/or:
    • As I deem reasonable and appropriate (and to the extent permitted by applicable law/regulations) to enable me to make informed hiring, employment, and/or other business decisions regarding prospective employees, independent contractors, and/or business partners; and/or:
    • If I am legally or contractually obligated to do so (which would typically be to comply with a subpoena, search warrant, or other court order or administrative order; in connection with tax returns or other legally required filings, reports, registrations, or disclosures; in connection with an audit, civil or criminal trial, or other official investigation or proceeding; or in connection with a payment dispute or other contractual dispute, but could also be in other circumstances that I cannot reasonably anticipate; I may also disclose certain information if I deem it reasonably necessary to ensure my compliance with applicable law or regulation, even if the specific disclosure is not expressly required, such as (without limitation) if I need to contact a tax agency to determine the correct sales/use tax rate for a particular address); and/or:
    • If I believe in good faith that such disclosure is reasonably necessary to protect property, rights, security, and/or safety, and/or to forward copyright claims pertaining to material provided to us by a third party to that third party (since such claims may implicate their rights); and/or:
    • If the person(s) to whom the information pertains have asked or authorized me to do so; and/or:
    • If the information is de-identified, anonymized, redacted, and/or aggregated such that it could not reasonably be used to identify specific person(s) (other than me, if I am somehow included in that information and elect not to de-identify, anonyimize, redact, and/or aggregate my own information); and/or:
    • As part of a business transfer (e.g., if I sell or transfer control of this website, enter bankruptcy, or pass my assets to my heirs, successors, and/or assigns through my death or incapacity).

    Additionally, as also noted in the “Disclosure of Personally Identifying Information” section above, if I have roommates, houseguests, other cohabitants, and/or visitors, they may, from time to time, become incidentally aware of certain personal information pertaining to this website and/or my business operations, in ways that are hard to avoid with any business activity conducted at home.

    For what I hope are obvious reasons, it is not feasible for me to enumerate every possible entity or even category of entities to whom I might disclose information in the above contexts, but any such disclosures could also involve any or all of the categories of personal information I collect in the course of my business.

    Much if not all of the personal information I collect or access may be processed by one or more third parties. For example (but without limitation):

    • For obvious reasons, it is impossible for me to call, text, email, or mail any individual or household without disclosing a certain amount of the recipient’s personal information to third parties. For example, making a phone call or sending a text message requires communicating the recipient’s telephone number to the applicable telephone companies or mobile carriers.
    • My web host, DreamHost®, owns the web servers on which this website runs as well as the mail servers for my associated email addresses. Therefore, DreamHost has full administrative access to most files, messages, and data processed by or stored on those servers. (This is in addition to any information I deliberately share with DreamHost for purposes such as troubleshooting or security.)
    • If in the course of my business I access any website or online resource that is not encrypted (i.e., via an HTTP rather than HTTPS connection), any data I access on that site or resource is visible to my Internet service provider and potentially also other third parties. Even if a website or online resource IS encrypted, my Internet service provider and other third parties (such as my DNS (domain name system) server and the website or resource’s certificate authority and embedded content providers) can generally see that I have connected to that site or resource, as can that site/resource’s certificate authority and embedded content providers, if any. If I use a proxy server or VPN, the VPN or proxy server can also see my connections and any unencrypted data I access.
    • Most files and data on my systems and devices are routinely scanned by one or more malware detection and/or other security tools, some of which may incorporate cloud-based scanning or analysis features, as explained in the “Security Scans” section of this Privacy Policy. (As noted in that section, some website security log data is also stored by Sucuri.)
    • Most payments I receive are processed by my bank(s) (or other applicable financial institution(s)) and the applicable payment processor(s), if any (e.g., PayPal®). Those payments and related tax documents must also be disclosed to several different tax agencies, and may be discussed with my tax preparer and/or other financial or legal professionals for administrative and compliance purposes.
    • Some information about my activities and/or data accessed on my systems and devices may be captured by the telemetry and/or other surveillance features of the software, apps, services, and devices I use, as explained in the “Information Captured by Service/Software/App/Device Telemetry” section of this Privacy Policy.

    Any or all of the above would likely be considered sharing information for business purposes by the CCPA’s definitions.

    Actions like the following could also be deemed sharing information “for business purposes” if I do so in some business-related context:

    • Looking up someone’s name in a search engine, library catalog, or other database.
    • Entering someone’s address into a mapping or navigation service to look up driving directions, or meeting with someone face to face while my phone’s geolocation services are turned on.
    • Using an automated translation service to translate text containing any names and/or other types of personal information.
    • Printing a document containing names and/or other types of personal information using a commercial print service or a printer controlled by a third party (e.g., printing a copy of a news article I read at the public library).
    • Performing a WHOIS lookup on an IP address from the website’s security or error logs, or allowing my firewall or other security software to perform such lookups.
    • Storing or transmitting any electronic file containing personal information using any cloud storage service or other online storage system.
    • Sharing links to a news article or online post that contains names and/or other types of personal information.
    • Describing an unusual or distinctive vehicle I saw on the street or in some other public setting.
    • Discussing the life and career of a well-known public figure with other writers, historians, or subject matter experts, whether or not the information discussed is already publicly available.
    • Publishing or submitting for publication any content that contains any personal information such as names, photographs, videos, or biographical information. (Even publishing a bibliography with authors’ names might count.)

    (These are just a few examples, not an exhaustive list.)

    As noted in the “Disclosure of Personally Identifying Information” section above, the CCPA apparently does NOT regard transfers of personal information as part of the sale or transfer of a business (that is, where the information is among the assets of the business being sold or transferred) to be “sales” for purposes of the law. However, it remains unclear how the CCPA and/or its associated regulations will regard sales and/or other commercial distribution or disposal of published works (e.g., books, magazines, CDs, DVDs) that contain and/or incorporate personal information (as most published works do!). I regard as both absurd and terrifying the idea that the CCPA could effectively prohibit me from selling, lending, donating, or otherwise disposing of my copies of published books, magazines, CDs, DVDs, or other such personal property (which I may do from time to time). My assumption is that California’s attorney general and courts will choose not to interpret the law in such a broad and ridiculous way — which would have far-reaching, frightening implications for free speech — but to my knowledge, there has not yet been any official guidance on this point.

    Furthermore, because I am a professional writer/editor and writing consultant and much (though not all) of the information I collect in connection with that work is intended for publication, a variety of activities I routinely undertake in connection with my work could potentially be deemed “commercial” as defined by the CCPA, even if my actual content is deemed “noncommercial speech.” (For writers, photographers, and other creative professionals, the distinction between “commercial” activity and engaging in “noncommercial speech” as an integral part of one’s business is a complicated, muddy legal question mark.) Examples could include:

    • Licensing, selling, or otherwise offering my content or writing/editing/writing consulting services for money or other valuable consideration (including offering the content on this website, which is supported by advertising and user contributions) if that content incorporates or involves any names and/or other types of personal information about individuals or households.
    • Advertising, promoting, and/or marketing my content, or published works incorporating my content, if that content contains any names and/or other types of personal information, and/or if such information is referenced in the promotion or marketing.
    • Proposing or pitching any article, book, and/or other content containing names and/or other types of personal information to editors, agents, and/or publishers.
    • Sharing, exchanging, or discussing with clients, coauthors, and/or collaborators any personal information pertaining to articles, books, and/or other content I am creating and/or editing (and/or on which I am consulting) for commercial advantage.
    • Arranging for people featured and/or quoted in my content to receive complimentary copies of my published work or be notified of its publication or commercial availability.

    Even if disclosures like these are NOT deemed to be “for commercial purposes” (or “sales”) by the CCPA’s definitions, they are certainly “for business purposes.”

    From time to time, I may also facilitate other types of commercial transactions, whether directly or indirectly, such as:

    • By putting into contact (with their mutual consent) parties who have expressed interest in some transaction with one another. For example, if a visitor asks about licensing a photo or other content I have used that is owned by someone else, I might ask the applicable rights holder if they’re comfortable with my putting them in touch with the interested party.
    • By recommending that a professional contact or acquaintance be hired for a job, assignment, or commission, or chosen as a vendor or service provider.
    • By endorsing (explicitly or by implication) some author, artist, service provider, or vendor, and/or their products or services.

    By the CCPA’s definitions, disclosing any personal information in such circumstances might be deemed sharing information “for commercial purposes” whether or not any transaction is actually completed, whether or not I am a party to that transaction, and whether or not I receive any compensation or consideration in connection with it.

    As noted in “Advertising” above, I do not allow my advertisers (if any) to use scripts, cookies, web beacons, or other such technologies to collect information about you through the publicly visible/publicly accessible portions of this website. (Advertisements that appear on portions of the site’s administrative dashboard, which is not normally accessible to visitors other than site administrators, may sometimes include embedded content and/or other information-gathering mechanisms.) However, if you click on advertising links or otherwise patronize my advertisers’ businesses, they may gather information about you as described in their respective privacy policies (and may be able to tell that you came from this website), which is outside of my control. This could conceivably be deemed to constitute sharing information “for commercial purposes” as the CCPA defines it, even if I do not directly provide any information about you to those advertisers.

    Additionally, some of my embedded content providers (described in the “Embedded Content” section above) and/or other service providers might use information collected about my visitors (and/or otherwise obtained from me) for commercial purposes. For example (but without limitation), if you accessed a YouTube video I shared, particularly if you were logged into a Google Account at the time, YouTube may have shown you advertisements and likely added your viewing history to the repository of data Google (which owns YouTube) has compiled about you, much of which is used for commercial purposes. Although I typically have no control over such use (other than completely discontinuing the use of embedded content or third-party services), this too could be deemed sharing information “for commercial purposes” as defined by the CCPA. (YouTube is a trademark of Google LLC; Google is a registered trademark of Google LLC.)

    Put simply, by the law’s extremely broad definitions, any or all of the categories of personal information I collect in the course of my business could be deemed to be shared for business and/or commercial purposes, whether or not I “sell” personal information in the way most people understand that term.

    You can learn more about the circumstances under which I may share or otherwise disclose personal information I collect through and/or in connection with this website in the “Disclosure of Personally Identifying Information” section above.

    If you have general questions about my data-sharing practices (i.e., questions about my typical practices rather than about the personal data of any specific individual or household), feel free to contact me using any of the methods described in “Controller/Responsible Party, Questions, and How to Reach Me” below. If you are a California resident and would like to exercise your rights under the California Consumer Privacy Act (CCPA), such as the right to access or delete your personal information or opt-out of the sale of your personal information, you (or your authorized agent) should visit the Do Not Sell My Personal Information page.

    Controller/Responsible Party, Questions, and How to Reach Me

    The controller (or “responsible party,” for jurisdictions that use that term) for processing personal information related to this website is Aaron Severson, 11100 National Bl. #3, Los Angeles, CA 90064. If you have questions about this policy or my use of personal information, you can contact me via postal mail at that address or by sending an email to admin (at) aaronseverson (dot) com.

    If you are a California resident and would like to exercise your rights under the California Consumer Privacy Act (CCPA), such as the right to access or delete your personal information or opt-out of the sale of your personal information, you (or your authorized agent) can submit a request using any of the methods specified on the Do Not Sell My Personal Information page.

    Privacy Policy Changes

    I may change this Privacy Policy from time to time, at my sole discretion. Your continued use of this website after any changes to this Privacy Policy will constitute your acceptance of such changes, the effective date of which is shown near the top of this page. If the policy has changed since your last visit to this website, the website may prompt you to review and accept the changes.

    Recent Revisions

    Here is a list of recent changes to this Privacy Policy, in reverse order by date:

    • July 10, 2020: In the first paragraph of Information We Receive from Third Parties for Security Purposes, changed “… and/or user agents that may be associated with malicious activity such as spam” to “… user agents, and/or other such information that may be associated with malicious activity such as (without limitation) spam and/or attempts to transmit or otherwise propagate malicious code.” (This is really just a clarification; the types of information enumerated in that paragraph are the most common and typical examples, but not necessarily an exclusive list, and of course spam is only one possible type of malicious activity.) In the following sentence, changed “(without limitation)” to “(again without limitation)” for better flow. In the following sentence, changed “(without limitation)” to “(again without limitation)” for better flow. In the Categories of Personal Information Collected subsection of the CCPA Information Collection and Sharing Notice, changed “Information about other household members (e.g., roommates and/or pets)” to “Information about other household members (e.g., roommates) and/or pets.” (This is just a nitpicking clarification; a pet is usually not considered a household member in a legal sense.)
    • July 9, 2020: In Embedded Content, added a bullet point for the Sucuri Security plugin described in the Security Scans section. (That section already describes the plugin’s functions, but some components of the plugin do qualify as embedded content, so we decided it would be appropriate to also mention it in the Embedded Content section.)
    • July 8, 2020: In Embedded Content, updated the entry on Yoast to also mention the remotely served functionality provided by Ryte (which is incorporated into recent versions of the Yoast SEO plugin) and my fruitless efforts to determine from the developers whether the plugin’s remotely served components gather personal information about logged-in administrative users. (Any such information-gathering would apply only to users logged into the site’s administrative dashboard, not visitors to the publicly facing website, but it needs to be reflected here regardless.) Elsewhere inn Embedded Content and in several prior entries in this Recent Revisions list, corrected some inadvertent uses of “we” and “our” rather than “I” and “my.” In Cookies and Other Technologies, moved the example about showing or hiding banners for first-time visitors to parentheses; changed “&hellip and to ensure that …” to “… and to help ensure that …”; and changed “such as” to “e.g.” Added another sentence to the end of that paragraph: “Certain other site functions and/or site content may require the use of cookies and/or similar technologies to function properly.” Toward the end of that section, changed “some site features may not function …” to “some site features and/or site content may not function … for consistency and added a paragraph about the use of cookies and/or similar technologies by third-party services. Also updated the Cookie Notice to mention that, to reflect the revised language about cookies and/or similar technologies recently added to the Embedded Content section, and to clarify that this Recent Revisions list now also includes changes to that notice. Fixed a punctuation error in this Recent Revisions list.
    • July 7, 2020: In Definitions, renamed “Cookies and local storage” to “Cookies and similar technologies” and further refined that definition. In Cookies, changed “(such as local storage)” to “(such as local storage objects)” (which is both more accurate and more grammatically correct in that sentence). In Embedded Content, further adjusted the language and descriptions, including using the phrase “cookies and/or similar technologies” (which is how other privacy policies tend to characterize these technologies), smoothing out the wording, and simplifying and/or further clarifying some of the specific descriptions. Subsequently made an additional round of revisions to Embedded Content to further refine this language. Renamed the Cookies section to “Cookies and Similar Technologies” and changed other references to that section accordingly (both on this page and the Cookie Notice, which previously had erroneously identified that section as the “Cookie Policy” section, an inadvertent holdover from an earlier version of this policy). In Comments, corrected another stray reference to “Cookie Policy” section to refer to the “Cookies and Similar Technologies” section instead and added an internal link to that section. In Financial Transactions Policy, changed “PayPal may use cookies and/or “web beacons” (such as so-called “tracking pixels” and “pixel tags”) in the payment button and/or in the shopping cart to collect and track data about users” to “PayPal may also use cookies and/or similar technologies in the payment button and/or the shopping cart to collect information about, track, and/or identify users, in addition to whatever information the service may collect to log you into your PayPal account (if any) and/or complete your transaction” (which is more accurate and more internally consistent). In Advertising, added the parenthetical aside about information-gathering by ads on the administrative dashboard that already appeared in the Disclosure of Personally Identifying Information section, for greater internal consistency. In the latter section, reordered that aside in the paragraph in which it appears (which entailed splitting the first sentence in that paragraph into two sentences with the parenthetical aside between them), again for the sake of consistency. Also in Definitions, amended the definition of “Personal information/personally identifying information” to change “(or in combination with certain other information)” to “(and/or in combination with certain other information” and amended the definition of “Identifiers” to change “… to be personal identifiers” to just “… to be identifiers” (which is more accurate).
    • July 6, 2020: In Definitions, fixed a formatting error inadvertently created during yesterday’s revisions and further amended the “Cookies and local storage” definition for greater accuracy. Updated the Cookies section to also mention “similar technologies” such as local storage of information. Also updated Browser Tests to note that the results of the tests may be stored in your browser’s local storage for the duration of your visit. (This is how the test have always worked, but I struggled to properly explain it.) Further amended the Embedded Content section for greater accuracy and to further refine the new language added yesterday about local storage. (Again, this isn’t a procedural change, but an effort to more accurately explain technically complex concepts of which I don’t have a robust understanding myself!)
    • July 5, 2020: In Embedded Content, changed the phrase “and/or other domains owned by WordPress, such as …” to “and/or other domains owned by WordPress, such as (without limitation) …” and changed “… or other WordPress-related messages” to “… and/or other WordPress-related information.” (This is just a clarification.) Fixed an HTML error in this revisions list. In Other Inquiries, Messages, and Support Requests, added a paragraph about communications by some means that is accessible to multiple users (e.g., via email discussion group or group chat, on social media, and/or by transmitting electronic files via shared FTP folder(s)) and/or publicly accessible, noting that such communications may be visible to anyone with access to the shared medium and that I cannot control and accept no responsibility for what third parties may do with information shared in such ways. (I hope this is reasonably self-evident!) In the following paragraph, changed “may publish such communications” to “may publish your communications” for a more natural progression from the inserted language. In the paragraph about data retention at the end of the section, changed “any third-party websites or services you use to contact …” to “any third-party websites or services you may use to contact …” Updated Information I Receive from Third Parties for Security Purposes to note that I may also receive alerts and/or other security-related information from various sources regarding third-party data breaches that could potentially expose my online credentials and/or other personal information to malicious actors. In the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice, fixed a punctuation error (incorrectly nested parentheses in the example regarding the processing of payments) and changed “my bank(s) and the applicable payment processor, if any” to “my bank(s) (or other applicable financial institution(s)) and the applicable payment processor(s), if any (e.g., PayPal®)” for greater internal consistency. In Definitions, updated the definition of cookies (which has been renamed “Cookies and local storage”) to include a brief definition of local storage of potentially identifying information (a technology which is sometimes used in addition to or instead of cookies). Updated Embedded Content to add language about local storage (which many embedded content providers and other online services now use along with cookies), insert a new bullet point about embedded content from Twitter, and add a disclaimer that embedded content providers may also use and/or add other information-gathering and/or tracking technologies beyond what I can reasonably specify in that section. Made various other minor adjustments to the wording of that section for clarity. Further updated the adjusted language in that section to fix my repeated but unintentional use of “store other personally identifying information” when I meant to say “store other potentially identifying information” (an error I repeated an embarrassing number of times by careless use of copy-paste) and made a number of additional minor adjustments and updates to the text, including changing the language about displaying videos or Tweets to be a bit broader in scope (including sharing and/or otherwise displaying the content as well as posting it) and fixing an inadvertent use of “us” rather than “me.”
    • July 4, 2020: In Disclosure of Personally Identifying Information, added rental services and/or rental agencies for vehicles such as (without limitation) cars, trucks, vans, bicycles, scooters, and/or boats.
    • July 3, 2020: In Security Scans, added a new paragraph about anti-theft/loss-protection security measures for my devices that may collect additional personal information under certain circumstances.
    • July 1, 2020: In Disclosure of Personally Identifying Information, added the Roundcube project (whose open-source webmail client software my web host uses) to the examples of third-party service providers. In the description of Font Awesome in that section, changed “web mail” to “webmail” for consistency. Updated the Other Information I Receive from Third-Party Sources section to add language about information I might receive from or through social media services and to insert an explicit reference and an internal link to the Additional Information About Data Retention section. (Since the latter section presently follows immediately after Other Information I Receive from Third-Party Sources, I hadn’t previously included such a link, but I added it now for convenience and ease of reference.) Toward the end of Other Information I Receive from Third-Party Sources, also changed “other non-public information” to “other, non-public information” (which better expresses the intended meaning).
    • June 29, 2020: In Other Information You Provide to Me, added a note regarding submitted images and/or other media, with an internal link to the Data in Submitted Images section. Also changed the parenthetical aside from “(These are just a few hypothetical possibilities.)” to “(These are just a few of the many possibilities.)”
    • June 28, 2020: In Information I Receive from Third Parties for Security Purposes, added social media services to the examples of sources from whom I may receive such information and changed “Internet service provider, mobile carrier, bank …” to “Internet service provider(s), mobile carrier(s), bank(s)/financial institution(s) …” for internal consistency. In Disclosure of Personally Identifying Information, created a new sub-bullet for social media services on which I have accounts and/or where I might share information related to this website in the list of examples of third-party service providers. Moved the existing bullet point about Flickr to that sub-bullet. Tinkered a bit with the wording of the new language.
    • June 27, 2020: In Security Scans, Financial Transactions Policy, and Other Information I Receive from Third-Party Sources, changed several instances of “such as (for example, but without limitation)” to just “such as (without limitation)” (for internal consistency and because “for example” is probably redundant in those instances).
    • June 26, 2020: In Security Scans, changed “and/or the various Google services I use (e.g., the Google Voice communications service …” to “and/or other applicable service provider(s) (e.g., the various Google services I use, such as (for example, but without limitation) the Google Voice communications service …” In Comments; Contact Forms; and Other Inquiries, Messages, and Support Requests, adjusted the language referring to the Security Scans section (regarding messages being scanned for spam and/or malware) to be more consistent with the wording of the latter section. Added similar language to the Information Sharing subsection of the Financial Transactions Policy section. In Other Inquiries, Messages, and Support Requests, also changed “other services place the entire message text in the notification” to “other services include some or all of the message in the notification.” In Website Server, Error, and Security Logs, added a sentence noting that email alerts may be scanned for spam and/or malware (also referring to the Security Scans section) and changed “since my web host …” to “because my web host …” (which is more grammatically appropriate).
    • June 25, 2020: A number of minor wording adjustments for internal consistency: In Website Server, Error, and Security Logs, changed “may be captured in backups created by me or my web host” to “may be captured in backups created by me and/or my web host.” In Comments, changed, “may have been accessed or used” to “may have been accessed and/or used.” In Data in Submitted Images, changed “backup files created by me or my web host” to “backup files created by me and/or my web host” and changed “may have already been accessed or used by third parties” to “may have already been accessed and/or used by third parties.” In Information I Receive from Third Parties for Security Purposes, changed “applications/services” to “applications/software/services.” In Disclosure of Personally Identifying Information, updated some of the descriptions of third-party service providers to change a number of instances of the word “applications” to “software” for greater clarity. In the latter section, also changed “Internet firewall applications/services” to “Internet firewall applications/software/services” and changed “TinyWall and …” to “TinyWall and/or …” for consistency. Also updated the sentence beginning “Where I become aware of such a case, I will take reasonable efforts to keep separate any information I have gathered through or in connection with this website …” to insert the parenthetical phrase “(e.g., the IP addresses in the logs, the email addresses associated with comments and/or form submissions)” in hopes of clarifying the intended scope of that paragraph.
    • June 23, 2020: In Disclosure of Personally Identifying Information, added a new paragraph following the bullet-pointed list regarding the possibility of roommates, houseguests, other cohabitants, and/or visitors becoming incidentally aware of certain personal information pertaining to this website and/or my business operations, in ways that are hard to avoid with any business activity conducted at home. Added similar language to the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice. In the subsequent paragraph of the latter section, also changed the phrase “in such contexts” to “in the above contexts” to avoid any potential confusion due to the added paragraph.
    • June 21, 2020: In Disclosure of Personally Identifying Information, further adjusted the description of BlackBerry Limited by adding “(and/or, where applicable, their subsidiaries and/or affiliates)” after the corporate name to better reflect the framing of their Privacy Policy. Also changed “its previous corporate name” to “the previous corporate name” to avoid an unclear antecedent. Changed “other service providers, and/or other vendors” to “various subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners” and, at the end of that bullet point, changed “any third-party subcontractors, subprocessors, vendors, and/or partners those entities may employ or utilize …” to “any subcontractors, subprocessors, vendors, subsidiaries, affiliates, and/or partners those entities may employ and/or utilize …” for greater internal consistency. Updated the description of Abine’s Blur to also mention their email masking tool.
    • June 20, 2020: In Disclosure of Personally Identifying Information, updated the descriptions of TCT and BlackBerry Limited to clarify that TCT made the hardware for the newer device and BlackBerry Limited makes the suite of BlackBerry apps, services, and software both devices use. Also adjusted TCT’s corporate name to match their current usage (TCL Communication Ltd., with “Limited” abbreviated) and updated the description of VeraCrypt to clarify that portions of the software are the work of various developers besides IDRIX. In that section, also changed “may use various subprocessors and/or other vendors not necessarily listed here …” to “may use various subprocessors, other service providers, and/or other vendors, not necessarily listed here, …”
    • June 16, 2020: Updated the Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information sections to note that Bitdefender may also use the Google Safe Browsing API. Also updated the reference to Google Safe Browsing in the former section to note that some other apps (as well as web browsers and online services) may also use that service. Also in Disclosure of Personally Identifying Information, updated the bullet point on disclosures I deem reasonably necessary to protect property, rights, security, and/or safety to note that (as stated in the Copyright/Intellectual Property Violations section of the Terms of Use) I may forward copyright claims pertaining to material provided to me by a third party to that third party. (This provision has been in the Terms of Use for years, but I had previously neglected to mention it in the Privacy Policy.) Made a related update to the Information Shared for Business or Commercial Purposes section of the CCPA Information Collection and Sharing Notice.
    • June 15, 2020: In Other Information I Receive from Third-Party Sources, made a variety of clarifications to the paragraph regarding my research process: Added “(without limitation)” after “… with third parties such as …” and added “observers, eyewitnesses, and/or other knowledgeable parties” to the examples enumerated in that sentence. (These were already listed in the related language in the CCPA Information Collection and Sharing Notice.) Later in that paragraph, changed “the subjects of my content” to “the subject(s) of my content.” Added a new second-to-last sentence: “In some cases, I may look for your contact information so I can ask you questions related to my content, request an interview, and/or let you know about content in which you were mentioned.” In the final sentence of that paragraph, changed “… or if you have disclosed the information …” to “… and/or if you have disclosed the information …” In the same section, updated the paragraph regarding information provided by third-party services to add two more examples of the type of information that might be provided: whether a contact “is typing, and/or has seen a particular message.” (These are obviously just additional examples, not an exhaustive list of possibilities.)
    • June 14, 2020: Made some minor clarifications to the summary of the June 13 revisions below.
    • June 13, 2020: In Embedded Content, fixed a typographical error in the description of Font Awesome: correcting “your IP address and user information” to “your IP address and user agent information” (the word “agent” had been inadvertently deleted). In Disclosure of Personally Identify Information, amended the bullet point on public acknowledgments and thanks to note that those acknowledgments may also include (where applicable) the date(s) of the assistance. (This is just a clarification of my customary practice, not a change in how I handle such acknowledgments.) In that bullet point, also changed “the type of assistance” to “the nature of the assistance provided” for greater clarity.
    • June 11, 2020: In the list of examples of third-party service providers in Disclosure of Personally Identifying Information, updated the description of Firefox to clarify that that may include the desktop and/or mobile versions and changed “taxi and/or ride-share services” to “taxi, livery, shuttle, carpool, and/or ride-share services.” Also adjusted the description of Simple DNSCrypt to change “desktop computer” to “desktop computer(s).”
    • June 10, 2020: In the list of examples of third-party service providers in Disclosure of Personally Identifying Information, made some minor wording adjustments to the “accessing the Internet” bullet point for clarity and internal consistency (and to fix some questionable grammar). Also added “other Internet service providers, mobile carriers, and/or wireless network services I may periodically use.”
    • June 8, 2020: In Disclosure of Personally Identifying Information, added Microsoft Bing Search to the examples of third-party service providers. (This is mainly a clarification, since Bing is one of the many Microsoft “software, apps, tools, and services” mentioned elsewhere in that section.) Fixed a typo in this revisions list.
    • June 7, 2020: In Disclosure of Personally Identifying Information, fixed a typographical error in the description of CompanionLink and DejaOffice CRM and adjusted the description to better explain their function. Changed “Other providers of apps, tools, and/or services I may use in connection with this website and/or its content” to “Other providers of apps, tools, and/or services I may use in connection with this website, its content, the management of my business operations, and/or my other creative endeavors” to better reflect the current language elsewhere in this policy. Adjusted the description of DreamHost in that section to change “(which also hosts the mail servers for email addresses using this domain name)” to “(which also hosts the mail servers for all email addresses using the 6200productions.com domain name)” for greater clarity. Updated Other Information I Receive from Third-Party Sources to also mention that I may sometimes receive information through third-party services and/or service providers. Amended and simplified the language in that section about software developers, added a note that software licenses typically prohibit deleting the developer information, and moved that paragraph to an earlier point in the section. Fixed a typographical error. Later in that section, changed the phrase “any attribution information” to “any of the developer credits or copyright information” for greater clarity. In Disclosure of Personally Identifying Information, fixed a punctuation error in the description of Signal and updated that description to indicate that Signal is a registered trademark.
    • June 6, 2020: Updated the Additional Information About Data Retention section’s bullet points on text messages and phone calls to explain that my retention of text messages and phone records on my phone(s) is now highly variable. (This change is to reflect my increased use of a newer device that no longer allows me to globally control message retention the way my older smartphones did; if there’s a way to get the newer phone to automatically delete all unsaved messages after a certain period of time, I haven’t yet found it!)
    • June 4, 2020: In Disclosure of Personally Identifying Information, corrected the attribution for MozBackup, also reordering that item in the list of examples to keep that section in more or less alphabetical order.
    • May 31, 2020: In Disclosure of Personally Identifying Information, updated the attribution for Cookie-AutoDelete to reflect that browser extension’s current copyright statement. In Security Scans, updated the reference to the EU-U.S. Privacy Shield Framework to add periods to “U.S.” to match the reference in Disclosure of Personally Identifying Information.
    • May 30, 2020: In Contact Forms, split the final sentence (beginning “Otherwise, I may disclose …”) into a separate paragraph. Inserted a bullet point regarding incorporating corrections, clarifications, and/or suggestions (which hopefully was reasonably self-evident, but bears mentioning). In that section, also changed “infringe on” to “infringe upon.” In Other Inquiries, Messages, and Support Requests, deleted the bullet-pointed list beginning “Unlike comments, I do not generally publish …” and replaced it with a reference to the list in the Comments section above (to avoid repeating the same list twice). Fixed a typo in Data Related to Recruitment/Hiring or Business Partnerships.
    • May 23, 2020: In Data in Submitted Images, changed “I typically also gather additional information about the images I use …” to “I typically also gather additional information about the images and/or other media I use …” for internal consistency. Also changed several instances of “images or media files” to “images or other media files,” again for consistency of wording. In Other Information I Receive from Third-Party Sources, added a paragraph noting that published works I use and/or access may also contain a variety of personal information, and I may also obtain additional information about the people depicted, described, or involved with those works. Also changed “photographs and other images or media” to “photographs, other images, and/or other media.” Updated Additional Information About Data Retention to note that I typically retain indefinitely copies of published works I own, along with (where applicable) associated documentation and/or notes and any inventories, catalogs, and/or lists that I may create and/or utilize to manage my collection of such works.
    • May 20, 2020: Updated the description of the NoScript browser extension in Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information to better describe its attribution. (The NoScript website‘s copyright statement attributes it to InformAction, but the copyright statement in the extension’s source code credits the extension to InformAction co-founder Giorgio Maone.) Also updated the Security Scans section to correct a reference to the Information I Receive from Third Parties for Security Purposes section (from which the word “Parties” had somehow been dropped) and fix the link, which had been configured incorrectly. In Disclosure of Personally Identifying Information, changed “journalistic, historical, or other nonfiction accounts” to “journalistic, historical, critical, or other nonfiction accounts.” (This is mostly a clarification; a review or other work of criticism is a type of nonfiction account and sometimes also a journalistic one, but spelling it out helps to better explain the intended scope of that provision.) Also updated the description of uBlock Origin in Information I Receive from Third Parties for Security Purposes and Disclosure of Personally Identifying Information to note that the extension is developed by Raymond Hill (although its associated lists are developed and maintained by various people).
    • May 18, 2020: Updated the Cookie Notice to make some clarifications to the description of the WordPress administrative and login cookies. In the examples of third-party service providers in Disclosure of Personally Identifying Information, changed “bookkeeping and/or accounting services” to “bookkeeping, accounting, and/or tax preparation services.”
    • May 16, 2020: In Disclosure of Personally Identifying Information, updated and expanded the bullet point regarding contractual obligations by changing “If I am contractually required to do so in connection with a dispute, investigation, or audit involving a third-party service” to “If I am contractually obligated to do so pursuant to my agreement(s) with my business partner(s), vendor(s), and/or third-party service(s), such as (without limitation) in connection with a dispute, investigation, or audit involving …” (since a business partner, vendor, or service provider could also conceivably compel me to provide information in situations other than a formal dispute, investigation, or audit, although those are the most likely examples; I changed “required” to “obligated” principally to better distinguish this bullet point from the earlier bullet point regarding legal requirements). Also clarified the example by changing “their” to “the payment processor’s” (to avoid a potentially unclear antecedent). For related reasons, updated the Financial Transaction Policy subsection on Information Sharing to change the phrase “as otherwise required by my legal agreements with …” to “as otherwise required by my contractual agreements with …” (This is a clarification; a contract is of course a legal agreement, but “contractual agreements” better expresses the intent in this instance.) In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, changed the phrase “If I am legally obligated to do so …” to “If I am legally or contractually obligated to do so …” and added “or in connection with a payment dispute or other contractual dispute” to the enumerated examples for internal consistency. In Privacy Policy Changes, changed “This Privacy Policy may be modified from time to time, at my sole discretion. Your continued use of and access to the site signifies your acceptance of any such modifications …” to “I may change this Privacy Policy from time to time, at my sole discretion. Your continued use of this website after any changes to this Privacy Policy will constitute your acceptance of such changes …” (This change is mainly to better align the wording of this policy with the privacy policy of my freelance writing website, to help me avoid confusion in the future.) Also changed “If the policy has changed since your last visit …” to “If the policy has changed since your last visit to this website …” for greater clarity. Updated the preamble to change the phrase “… which summarizes recent modifications by date” to “… which summarizes recent modifications in reverse order by date” for consistency with the description at the beginning of this revisions list.
    • May 15, 2020: In Disclosure of Personally Identifying Information, added Apple Inc. to the examples of third-party service providers. Fixed a typographical error in another listed example and corrected an accidental use of “our” rather than “my.” Made some minor adjustments to the wording of the reference to Adobe in that list for greater internal consistency, also changing the first instance of “Adobe” to “Adobe Inc.” Changed the phrase “Some or all of my third-party vendors/service providers …” to “Some or all of my third-party vendors and/or service providers …” and changed “data subprocessors” to just “subprocessors” (a term that now has a specific legal meaning in some jurisdictions). Updated the reference to the EU-U.S. Privacy Shield Framework to add periods to “U.S.” (which is how the framework’s name is officially styled, at least in the U.S.); note that Adobe Inc. also complies with that framework; and add a parenthetical note that others among the listed examples of vendors and/or service providers probably do as well. (The Privacy Shield website currently lists more than 5,300 U.S. businesses as active participants, so the fact that I haven’t listed a specific service provider or vendor as a participant doesn’t necessarily mean that they are not one — there are just too many for me to keep track.) Added generic listings for “providers of other web browsers I may use” and “any other search engines I may use” to the examples of third-party service providers. (I hope this was already clearly implied, but I spelled it out for the avoidance of doubt.) Also added generic listings for healthcare providers and/or their respective staffs and “other online information services, repositories, websites, blogs, video blogs (“vlogs”), podcasts, and/or audiovisual streaming services.”
    • May 14, 2020: In Disclosure of Personally Identifying Information, updated the description of taxi and/or ride-share services to change “which I may use if I travel to meet with someone via such means and/or arrange such transportation for someone in some manner related to this website” to just “which I may use if I travel via such means and/or arrange such transportation for someone in the course of my business and/or in some context related to this website” (since such travel might not always be to meet with someone, that possibility is obviously implied without needing to be spelled out, and “context” is more correct than “manner” in this instance). In that same bullet point, changed references to business trips or travel to “in connection with trips I take or arrange in the course of my business and/or in some context related to this website” for internal consistency. Also in that section, changed “such that it could not reasonably be used to identify specific person(s)” to “such that it could not reasonably be used to identify the specific person(s) and/or household(s) to whom the information pertains.” (This is another attempt to clarify the intent of that bullet point’s somewhat cumbersome wording.) Elsewhere in that section, changed “financial consulting services” to “financial advisory services” (which is a more correct term for the type of service that language was intended to describe).
    • May 11, 2020: In Embedded Content, changed the phrase “what information I collect in connection with PayPal transactions with me” to “what information I may collect in connection with PayPal transactions to which I am a party and that pertain directly to this website” for greater clarity. Also fixed a typographical error in Disclosure of Personally Identifying Information (correcting the phrase “its and associated drivers” to “its associated drivers”).
    • May 10, 2020: In Disclosure of Personally Identifying Information, added some other generic types of services to the listed examples of third-party service providers. In Controller/Responsible Party, Questions, and How to Reach Me, changed the phrase “can file a request” to “can submit a request” for more consistent wording. Adjusted the wording of references to the Controller/Responsible Party, Questions, and How to Reach Me section in Notice to Parents Regarding Children Under 18; Not for Children, the Age Verification section, and the CCPA Information Collection and Sharing Notice so that those references all consistently say “methods described in” rather than “methods listed under …” or “methods described under …” For similar reasons, also adjusted the wording of a reference in the Cookies section to the Cookie Notice and Privacy Tools pages (changing “the list shown in” to “the list shown on”) and of a reference in Disclosure of Personally Identifying Information to the Financial Transactions Policy (changing “as otherwise described under” to “as otherwise described in”).
    • May 8, 2020: In Disclosure of Personally Identifying Information, changed the sentence “Please note that in many cases, I have no way of associating data gathered through this website with information I may have obtained about you in other contexts” to “Please note that in many cases, I have no reasonable way of associating data gathered through this website with information I may have collected about you in other contexts, or of associating different types of personal information and/or potentially personally identifying information I may have obtained about a given individual or household.” Also made that sentence the beginning of a new paragraph rather than a continuation of the previous one.
    • May 5, 2020: Corrected the HTML anchor in Other Information I Receive from Third-Party Sources, which had been configured incorrectly. In Disclosure of Personally Identifying Information, corrected the internal link to the Other Information I Receive from Third-Party Sources section, which had not been updated correctly in yesterday’s revision. (I had corrected the link text, but not the link itself.)
    • May 4, 2020: In Disclosure of Personally Identifying Information, revised the language of the bullet point regarding journalistic, historical, or other nonfiction accounts to change “it may also include information, corrections, clarifications, and/or additional details provided by the person(s) to whom the information pertains and/or obtained from third parties” to “it may also include non-public information obtained from a variety of sources.” Also corrected the reference in that bullet point to the Other Information I Receive from Third-Party Sources (which had not been updated properly in a previous revision) and adjusted the corresponding language in that section to match this current revision (deleting the word “certain” in the phrase “may also include certain non-public information obtained from a variety of sources,” since including that word was probably more confusing than helpful in that context).
    • May 3, 2020: In Disclosure of Personally Identifying Information, added online file transfer, file sharing, and/or file storage services to the examples of third-party service providers. Rearranged the order of some of the examples in that section. Also in that section, updated the description of Microsoft to change “some of the software, apps, tools, and services I use — including, but not limited to, the operating systems for some of my devices” to “some of the software, apps, tools, and services I may use and/or offer — including, but not limited to, the operating systems for some of the devices I use” (mostly for consistency with other language in this policy, but also because at present, I own only a single device with a Microsoft operating system, although that may change in the future, and I may still sometimes use other devices with their operating systems and/or other software, apps, tools, and/or services, whether or not I own those devices).
    • May 2, 2020: In Disclosure of Personally Identifying Language, amended the language about the sale or rental of information about individual site visitors to change the phrase “about a site visitor” to “about one or more site visitors.” Also amended the description of LG to change “my peripheral devices” to “my displays and/or peripheral devices” (to avoid any uncertainty about whether a display constitutes a peripheral device). In the CCPA Information Collection and Sharing Notice, changed the final bullet point in Categories of Personal Information Collected subsection from “Other data that could potentially be deemed personal information, but that does not easily fit into any of the above-listed categories” to “Other types of personal information, and/or other types of data that could potentially be deemed personal information, that do not readily fit into any of the above-listed categories.” Fixed an error in the HTML anchor for the “Controller/Responsible Party, Questions, and How to Reach Me” section.
    • April 30, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to add “any other DNS resolver service(s) I may use” (as there may be various others besides Cloudflare). Also added Ysard’s Cookie Quick Manager to the listed examples of browser extensions and updated the description of Adblock Plus to add the phrase “and its related lists” for consistency.
    • April 29, 2020: In Disclosure of Personally Identifying Information and the Information Shared for Business or Commercial Purposes of the CCPA Information Collection and Sharing Notice, updated the language about disposal of published works to change “incorporating personal information” and “that contain personal information” to “that contain and/or incorporate personal information” for consistency. In the latter section, also changed “or other personal property” to “or other such personal property” for greater clarity. In Disclosure of Personally Identifying Information, also added a sentence to the beginning of the list of examples of third-party vendors and service providers noting that some or all of those providers and/or vendors may use various subprocessors and/or other vendors not necessarily listed. Also amended the subsequent sentence to change “vendors/service providers” to “vendors and/or service providers.” Made a slight adjustment to this revisions list.
    • April 26, 2020: In Disclosure of Personally Identifying Information, added gitg, the vDos DOS emulator, and Shahin Gasanov’s ZoneIDTrimmer tool to examples of third-party service providers. Further amended the description of Gpg4win in that list to fix a typographical error and adjust the wording. Added the Android Open Source Project’s SDK Platform Tools to the enumerated examples of Google products and services and made some minor wording adjustments to the other item in that bullet point. In Website Server, Error, and Security Logs, changed “accesses the site and its content” to “accesses the site and/or its content.” (This is a clarification; the server and error logs will usually also record attempts to access certain site content without actually visiting the site, such as if someone “hotlinks” an image.) Fixed a typographical error in this bullet point. In Financial Transactions Policy and Transaction-Related Information I Receive from Third Parties, changed “transaction-related questions or inquiries” to “transaction-related questions, inquiries, and/or comments.”
    • April 25, 2020: Revised Disclosure of Personally Identifying Information and the Information Shared for Business or Commercial Purposes of the CCPA Information Collection and Sharing Notice to explain that I may also sell, lend, or otherwise dispose of copies of published works (e.g., books, magazines, DVDs) that contain someone’s personal information. (I’d hoped I wouldn’t need to spell this out, but California’s Office of the Attorney General has still failed to provide any guidance regarding the profound First Amendment implications of the CCPA regarding the sale or distribution of published works.) Also noted that the CCPA doesn’t regard transfers of information as part of the sale or transfer of a business to be sales. Rearranged and revised the text following the bullet-pointed list in Disclosure of Personally Identify Information to present the points described there in a (hopefully) more readable way. Made some further tweaks to the newly added language. Also in Disclosure of Personally Identifying Information, added the phrase “or other such devices, equipment, and/or accessories” to the bullet point on other electronic devices to emphasize that the enumerated examples are not intended to represent an exhaustive list of my electronic equipment. Also added Francesco De Stefano’s Opena11y Toolkit extension to the examples and tweaked the descriptions of the various browser add-ons in that list for more consistent wording.
    • April 24, 2020: Updated the effective date, which I had neglected to do yesterday. In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, simplified the paragraph beginning “I may disclose personal information I collect through and/or in connection with this website …” to change the second sentence to “Also, as noted in that section and elsewhere in this Privacy Policy, my work as a professional writer/editor and writing consultant and/or other creative endeavors routinely involve collecting and sharing personal information, often for publication.” Struck the links to the 6200 Productions and Ate Up With Motor privacy policies (which are already included earlier in the notice). In Disclosure of Personally Identifying Information, changed “… keep separate any information I have gathered through or in connection with this website” to “… keep separate any information I have gathered through and/or in connection with this website” for wording consistency. In Information I Receive from Other Third-Party Sources, revised the paragraph about my writing and editing process to also refer to my other creative endeavors, professional or otherwise (since “creative endeavors” are referenced elsewhere in this policy; the intent is to express that some aspects of what I do creatively are not strictly writing or editing); change the phrase “research and writing process” to “research, writing, and editing process”; and note that in some cases, my research, writing, and/or editing may include inviting comment from and/or presenting questions to the public regarding related topics. Made similar adjustments to the corresponding language in Disclosure of Personally Identifying Information for consistency, also changing the phrase “in the course of researching, writing, and/or editing same” to “in the course of researching, writing, and/or editing my content and/or other creative endeavors” for clarity and consistency and changing “including, as applicable but without limitation, any associated images …” to “which may include, as applicable but without limitation, information contained in associated images …” to better express the intended meaning. Elsewhere in that section, also amended language referring images and other media to change “visible” to “visible or otherwise included” (since no one may actually be visible in some types of media, such as audio recordings).
    • April 23, 2020: In Transaction-Related Information I Receive from Third Parties, corrected a reference to “transactions with us” to “transactions with me.” In the Financial Transactions Policy, fixed an inadvertent duplication of the word “and” and updated both the Transaction-Related Information Gathering and Data Retention subsections to note that I may use the information I gather to respond to your transaction-related questions or inquiries (which I hope would be self-explanatory). Expanded the Transaction-Related Information I Receive from Third Parties section to include information I may receive if I offer products or services through some third-party vendor or service. Updated that section and the Financial Transactions Policy to clarify that I may also use transaction-related information to meet my contractual obligations and fixed a grammatical issue. Further amended the Financial Transactions Policy subsection on information sharing to change “information pertaining to payments I make to you” to “personal information related to payments I make to you” (for greater clarity and to avoid using “pertain” twice in the same sentence) and to add bullet points regarding transactions made on behalf of some third party and information I share with my employees and/or independent contractors. (Those points were already effectively covered through the reference to the Disclosure of Personally Identifying Information section, but it seemed worth spelling them out more explicitly in the Financial Transactions Policy.) Made some further minor adjustments to the wording of those bullet points and to the first two paragraphs of the Financial Transactions Policy. In Disclosure of Personally Identifying Information, updated the reference to developers of WordPress plugins, themes, and/or add-ons to note that any information they collect may be through telemetry features incorporated into those plugins, themes, and/or add-ons as well as through my communications with the developers. In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, added links to the Ate Up With Motor and 6200 Productions privacy policies and inserted the phrase “… and much (though not all) of the information I collect in connection with that work is intended for publication” in the sentence beginning “Because I am a professional writer/editor and writing consultant …” Also revised the wording of the first paragraph of the Categories of Personal Information Collected subsection to better express the intended scope of the section and include references and links to the 6200 Productions and Ate Up With Motor privacy policies. Made a few other wording adjustments to match. Fixed several instances of the word “the” being duplicated. In the examples of third-party service providers listed under Disclosure of Personally Identifying Information, updated and corrected the descriptions of Gpg4win and VeraCrypt and rearranged the order of the encryption tools listed. Also fixed a couple of minor errors in this revisions list.
    • April 22, 2020: In the Financial Transactions Policy, changed “applies to financial transactions with me and/or pertaining to aaronseverson.com …” to “applies to financial transactions with me pertaining to the aaronseverson.com website …” In the following paragraph, changed “applies only to transactions with me, NOT to your transactions with third-party vendors, retailers, or services” to “applies only to transactions pertaining directly to the aaronseverson.com website, and then only to transactions you enter into with me, NOT to your transactions with third-party vendors, retailers, or services, which are outside of my control” and changed “if you purchase a copy of some work I have written through an online bookseller rather than directly from me …” to “if you purchase a copy of some work I have written through an online bookseller …” (I’m concerned that the previous wording was confusing and potentially misleading as to the intended scope of the policy.) Made similar wording changes through the rest of that policy for consistency. Also struck a confusing reference to “transactions with 6200 Productions,” which does not apply to this policy, and noted in the Transaction-Related Information Gathering subsection that I may also use transaction-related information I collect for service improvement, fraud prevention, and/or other security purposes. (This was already indicated in the data retention subsection.) Fixed some punctuation errors in the data retention subsection.
    • April 21, 2020: In the list of examples of third-party service providers in Disclosure of Personally Identifying Information, added Waves Audio Ltd. to the listed examples and clarified the bullet point regarding other electronic devices, also adding some other devices to the examples listed and removing one (which I just returned without ever really using). Made some further minor adjustments to the wording of my recent additions to the list of examples and changed several instances of the word “suite” to “software” for clarity. (In a number of instances in that list, I had previously used the word “suite” to refer to packages of software consisting of more than one distinct program or app, but “software” is probably clearer in context.) Removed some extra spaces.
    • April 19, 2020: In Disclosure of Personally Identifying Information, added another bullet point regarding other electronic devices such as cameras and memory storage devices to the examples of third-party service providers. Tinkered further with the wording of that addition. Fixed some typos in that section. Also added Realtek Semiconductor Corp. to the listed examples, updated the description of Qualcomm (also adding a registered trademark symbol), and rearranged the order of some of the examples in the list. Added another device to the examples of other electronic devices.
    • April 17, 2020: Added the Simple Mobile Tools Voice Recorder app to the examples of third-party service providers under Disclosure of Personally Identifying Information. (Hastily updated to add the correct link to the app’s privacy policy.) Also clarified the description of Librera Reader in that section. Updated Controllers, Questions, and How to Reach Me to note that I am also the “responsible party” with regard to the processing of personal information related to this website (for the purposes of local privacy laws that use that term rather than “controller”). Changed the name of that section to “Controller/Responsible Party, Questions, and How to Reach Me” and updated internal references to it accordingly.
    • April 16, 2020: In the CCPA Information Collection and Sharing Notice, revised the examples of professional or employment-related information, adding “and/or client(s)” to the bullet point about employer(s); changing the phrase “certification or licensure” to “certification and/or licensure”; adding a bullet point about other professional relationships; and rearranging the order of several bullet points in that list.
    • April 15, 2020: In Disclosure of Personally Identifying Information, updated the description of CompanionLink Software products listed among the examples of third-party service providers, removing the reference to DejaDesktop and adding the acronym “CRM” after “DejaOffice®.”
    • April 12, 2020: In the CCPA Information Collection and Sharing Notice, amended the second list in the Information Shared for Business or Commercial Purposes subsection (including adding a bullet point about appropriately crediting someone for the use of their intellectual property) to better align it with the list in Disclosure of Personally Identifying Information. Also adjusted the punctuation in that list for greater consistency. Updated Information I Receive for Security Purposes to note that I may also receive such security-related information through the security features, firmware, software, and/or services of my ASUS and/or Netgear routers.
    • April 7, 2020: In Information I Receive from Third Parties for Security Purposes, changed the phrase “from other external sources such as …” to just “from sources such as …” (since “external” was potentially confusing here).
    • April 5, 2020: In the CCPA Information Collection and Sharing Notice, made a slight adjustment to the wording of the bullet point on sex, gender, gender identity, and/or gender expression (to separate the latter two items with a comma and “and/or” rather than a slash) and added a bullet point regarding language(s) spoken and/or preferred. (This doesn’t appear to be mentioned among the statutory categories, so I’ve listed it under “Characteristics of classifications protected by law,” since language would tend to suggest or implicate one or more characteristics that ARE specified by law.) In Disclosure of Personally Identifying Information, revised the description of dnscrypt-proxy to better describe what it does (viz., allow me to encrypt my DNS queries when I browse the web from my desktop computer).
    • April 4, 2020: Made some clarifications to yesterday’s entry on this revision list (April 3) regarding the changes to the Cookie Notice. Made some further adjustments to the Cookie Notice entries (regarding cookies set by embedded video players). In Definitions, updated the definition of “Cookies” to note that cookies are also used to help identify specific users or devices for analytics and/or advertising purposes. In Disclosure of Personally Identifying Information, amended the bullet point regarding journalistic, historical, and other nonfiction accounts to change “any associated illustrations, bibliographies, and/or metadata” to “any associated images, other media, bibliographies, and/or metadata”; revised the paragraphs following the bullet-pointed list to better explain the intended meaning of “non-public” information” and further clarify the intent and intended scope of that text; and added a reference to the CCPA Information Collection and Sharing Notice and the way some local laws have greatly expanded the definitions of the word “sale.” In the CCPA Information Collection and Sharing Notice, added a bullet point under “Commercial information” regarding information about retailers, vendors, and/or service providers. (This a clarification rather than a new type of information gathered, since this information is probably reasonably encompassed by the other examples listed in that category.) Amended the bullet point regarding “Information about specific vehicles” to also mention damage, repairs, and/or maintenance.
    • April 3, 2020: Updated the Definitions and Embedded Content section to explain that some embedded content may be saved (cached) in your browser. Also amended the latter section to clarify that this does not only apply to Google Fonts and Google Hosted Libraries. Further amended Embedded Content to note that embedded YouTube and/or Vimeo video players may show you ads (and may set cookies and/or use information the player gathers about you for that purpose). In the CCPA Information Collection and Sharing Notice, struck the word “permanent” in the phrase “death or permanent incapacity” (making it just “death or incapacity”) and changed “heirs and successors” to “heirs, successors, and/or assigns” for consistency with the corresponding language in Disclosure of Personally Identifying Information. In Disclosure of Personally Identifying Information, adjusted that bullet point to change “to third-party purchaser(s) or acquirer(s) (including, where applicable …” to “to the third-party purchaser(s) or acquirer(s) (and/or, where applicable …” for the sake of coherency and grammar. Also in Disclosure of Personally Identifying Information, updated the description of Librera Reader in the examples of third-party service providers to make some clarifications and add a link to their privacy policy; updated the description of Google services to add references to Google advertising services (which I don’t use, but may be used by apps, services, and/or websites I use) and a few additional trademark references; and updated the reference to Adobe to change “other services or tools” to “other services and/or tools”; and updated the reference to taxis and/or ride-share services to change “to meet with you via such means and/or arrange such transportation for you” to “to meet with someone via such means and/or arrange such transportation for someone.” Fixed a typographical error in an earlier item in this revisions list. Updated Cookies to clarify that the Cookie Notice forms part of this Privacy Policy; also added language to that effect to the preamble. Updated the Cookie Notice to also make that clearer, rearrange and update some text, and explain that the Privacy Policy license also applies to the Cookie Notice. Fixed a typo in this item. In the CCPA Information Collection and Sharing Notice, amended the bullet point regarding “Information about specific vehicles” to also include customization and/or modifications among the examples. (This a clarification rather than a new type of information gathered, since modifications or customization would reasonably be considered “other identifying characteristics or details,” but it seems worth specifying.)
    • April 1, 2020: Adjusted some wording in Embedded Content, for greater internal consistency and to clean up some grammatical issues. In the CCPA Information Collection and Sharing Notice, added a bullet point under “Other types of personal information” regarding gifts, donations, and contributions. (This is primarily a clarification, since gifts, donations, or contributions would probably also constitute “other types of purchases or transactions,” already listed under “Commercial information.”)
    • March 28, 2020: Added Nuance Communications, Inc. (present owner of the voice dialing software on the older of my BlackBerry devices) and the certificate management application Kleopatra (which is installed along with the Gpg4win suite) to the examples of third-party service providers under Disclosure of Personally Identifying Information.
    • March 27, 2020: In Disclosure of Personally Identifying Information, updated the bullet point regarding public responses to an inquiry or support request to also reference the Contact Forms section as well as the Other Inquiries, Messages, and Support Requests sections, for internal consistency. (I neglected to update this item when I added the Contact Forms section earlier this year.) Fixed some typographical errors in this revisions list. In License for This Policy, fixed the capitalization of Legalmattic.
    • March 23, 2020: Added the F-Droid repository and client app to the examples of third-party service providers under Disclosure of Personally Identifying Information.
    • March 22, 2020: Amended the revision made March 19 by changing the phrase “person or people to whom …” to “person(s) to whom …” (to better convey the intended meaning and specificity of that phrase). For the same reason, in the language about de-identified, anonymized, redacted, and/or aggregated information, changed “such that it could not reasonably be used to identify the specific person(s) to whom it pertains” to just “such that it could not reasonably be used to identify specific person(s) (other than me, if I am somehow included in that information and elect not to de-identify, anonyimize, redact, and/or aggregate my own information).” Fixed a minor formatting error. In Advertising, Disclosure of Personally Identifying Information, and CCPA Information Collection and Sharing Notice, clarified the language about advertisers (to specify that I don’t let advertisers use technologies like scripts or cookies to gather information about you through the publicly visible portions of this website) and fixed some inconsistent wording. Also in Disclosure of Personally Identifying Information, struck the automotive sites listed among the examples of third-party service providers (as they’re unlikely to be applicable in the context of this website). In CCPA Information Collection and Sharing Notice, changed “to protect property, rights, and/or safety” to “to protect property, rights, security, and/or safety” to align with the recent revision of the corresponding language in Disclosure of Personally Identifying Information.
    • March 21, 2020: Added some additional automotive sites to those listed among the examples of third-party service providers under Disclosure of Personally Identifying Information.
    • March 20, 2020: In CCPA Information Collection and Sharing Notice, amended the biometric information item to also mention fingerprints. (I have no means of analyzing, identifying, or using fingerprint data, but the law and its associated regulations make no such distinction.) Added Intel to the examples of third-party service providers under Disclosure of Personally Identifying Information.
    • March 19, 2020: In Disclosure of Personally Identifying Information, changed “Where that information otherwise is or was already publicly available” to “If that information otherwise is or was already publicly available” (to avoid potential ambiguity about the intended meaning of the word “where” in this context). In the bullet point regarding de-identified or aggregated information, inserted the word “specific” before “person or people to whom it pertains.” In the CCPA Information Collection and Sharing Notice subsection regarding Information Shared for Business or Commercial Purposes, changed “where” to “if” (and changed “Where I deem it reasonable and appropriate …” to “As I deem reasonable and appropriate …”) in the third bullet-pointed list and made some wording adjustments for consistency with the Disclosure language.
    • March 18, 2020: In Advertising, changed “use scripts or cookies to collect information about you while you are on the publicly visible/publicly accessible portions …” to “use scripts, cookies, web beacons, or other such technologies to collect information about you while you are visiting the publicly visible/publicly accessible portions …”; changed “(and can typically tell that you came from this website)” to “(and may be able to tell that you came from this website)”; and changed “NOT normal site visitors” to “NOT other site visitors.” In Disclosure of Personally Identifying Information, added a paragraph about advertising (basically to reiterate what it says in Advertising above) and fixed a technical problem with one of the links.
    • March 17, 2020: In the CCPA Information Collection and Sharing Notice subsection regarding Information Shared for Business or Commercial Purposes, changed the phrase “the management of my business” to “the management or operation of my business” and added the phrase “for publication and/or for use in or with my published work(s)” after “any images and/or other media you submit to me” in the interests of clarity. Also added a bullet point to the list following that one regarding the sharing of information that is already publicly available. (This is already noted elsewhere in that section, but I want to make it absolutely clear; I am quite alarmed by the unconstitutional effort of the CCPA and its associated regulations to restrict free expression and freedom of the press in the name of “consumer privacy.”)
    • March 16, 2020: In Disclosure of Personally Identifying Information, changed some additional instances of the second person to the third person (e.g, changing “you” to “someone,” “they,” or “the person or people to whom the information pertains”), continuing the update begun on March 15. In Embedded Content, changed the phrase “may include, but is not limited to …” to “may include, but is not necessarily limited to …”; changed “From time to time …” to “Not all of the above embedded content is necessarily used on the site at any given time, and from time to time …”; and added the phrase (“but without limitation”) after “for example” for greater clarity. Corrected some typographical errors in this revisions list.
    • March 15, 2020: In the CCPA Information Collection and Sharing Notice, amended the example under “Additional categories of personal information” regarding medical information to change “(e.g., health conditions, treatments or therapies received)” to “(e.g., health conditions and/or tests, treatments, and/or therapies received).” Also amended “and most of the insurance-related data I do receive is in aggregated form” to “and much of what insurance-related data I do collect is in aggregated form.” In Disclosure of Personally Identifying Information, amended “property, rights, and/or safety” to “property, rights, security, and/or safety” (to clarify the intended meaning of that phrase; obviously, “security” may encompass various threats and/or potential threats to property, rights, or safety). Also in that section, changed several instances of the second person to the third person (e.g, changing “you” to “someone,” “they,” or “the person or people to whom the information pertains”) to avoid potential confusion and amended the bullet point on historical, journalistic, and other nonfiction accounts to restore the word “accounts” (which had been accidentally deleted), change “associated bibliographies and/or metadata” to “associated illustrations, bibliographies, and/or metadata,” and change “which may include images and/or other media such as …” to “and may include images and/or other media such as, again without limitation …” Made a related change (adding “without limitation” and “again without limitation”) to the corresponding paragraph of Other Information I Receive from Third-Party Sources for consistency. In Information Captured by Service/Software/App/Device Telemetry, changed the phrase “about me and/or other individuals” to “about me and/or other individuals and/or households.” Removed some extra spaces.
    • March 14, 2020: In the CCPA Information Collection and Sharing Notice, amended the first example under identifiers to also specify nicknames. (This is essentially a clarification rather than an addition, as I would consider nicknames to be a type of alias/pseudonym.) In Disclosure of Personally Identifying Information, added automotive history and information sites (such as, without limitation, Allpar, AROnline, AutoZine, CarDomain, Curbside Classic, Dean’s Garage, Hemmings, Hooniverse, Indie Auto, Mazda 3 Forums, Mazdas247, The Truth About Cars, and TrueDelta) and the Opera browser (and/or its integral VPN/proxy service) to the examples of third-party service providers. Clarified an earlier item on this revisions list.
    • March 13, 2020: In the CCPA Information Collection and Sharing Notice, updated the geolocation data bullet to change the word “data” to “information” and edited the examples to illustrate that geolocation information can include movements as well as location (as is already noted in the Definitions).
    • March 12, 2020: In Disclosure of Personally Identifying Information, updated the paragraph following the bullet-pointed list to clarify that that language also applies to content I edit and/or write, and/or on which I consult, as part of my professional work (as well as work that I write and/or publish myself in that context). (I hope that this was previously implicit, but I don’t want there to be any confusion on this point.) In the bullet points, changed “journalistic or historical accounts” to “journalistic, historical, or other nonfiction accounts” (to limit hairsplitting about what is and isn’t “journalism”) and changed “in the course of researching and writing same” to “in the course of researching, writing, and/or editing same.” Also made some related clarifications in Other Information I Receive from Third-Party Sources.
    • March 11, 2020: Some wording adjustments: In Other Inquiries, Messages, and Support Requests, changed “the message itself might also be publicly visible” to “the messages themselves might also be publicly visible.” In the CCPA Information Collection and Sharing Notice, clarified the examples under commercial information by changing “property and/or services” to “personal property, products, goods, and/or services” (which is what that bullet point was always intended to encompass; the change is simply to make that clearer), fix a missing serial comma in that section, and change “purchasing or consuming history or tendencies” to “purchasing or consuming history and/or tendencies” (since one tends to suggest the other).
    • March 10, 2020: In Disclosure of Personally Identifying Information section, changed “repair, maintenance, and/or service providers” to “repair, maintenance, and/or technical service providers” for clarity.
    • March 9, 2020: In Disclosure of Personally Identifying Information, added Dell, LG, and Logitech to the examples of third-party service providers. In that same list, updated the description of WordPress.org to note that their privacy policy also applies to my use of their website and/or support forums to help me manage and troubleshoot this site. In the CCPA Information Collection and Sharing Notice, changed instances of the phrase “names or other personal information” to “names and/or other types of personal information” for internal consistency (and so as not to cause confusion with the usage outlined in Definitions). Also added airlines, bus or rail services, hotels, motels, other lodging providers, travel agencies, travel bureaus, travel brokers, and the developers of this website’s theme(s), plugins, and/or add-ons to the examples of third-party service providers under Disclosure of Personally Identifying Information (noting that my communications with such developers are typically but not always via the WordPress forums). Fixed a typo in this list.
    • March 8, 2020: In the CCPA Information Collection and Sharing Notice, struck the word “larger” in the phrase “and in the larger context of my business …” (since it might be confusing in this context).
    • March 7, 2020: In Disclosure of Personally Identifying Information, amended the bullet point on journalistic and/or historical accounts to clarify that, where applicable, information may be shared as part of the bibliographies and/or metadata of such content as well as within the content itself. Adjusted the formatting of that bullet point for greater readability.
    • March 6, 2020: In Disclosure of Personally Identifying Information, added Wikimedia Foundation, Wikipedia, and other Wikimedia projects and services to the examples of third-party service providers and changed “libraries, archives, and/or databases” to “museums, libraries, archives, and/or databases.” Removed some extra spaces.
    • March 4, 2020: In the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes, changed “for whom I provide writing/editing/writing consulting services” to “for whom I provide (and/or to whom I offer) my writing/editing/writing consulting services.” (I believe this was implicit before, but it seemed worth spelling it out.) In Disclosure of Personally Identifying Information, updated the description of messaging services/apps/clients to strike the phrase “if I communicate with you through such means” and move that example to an earlier point in the same bullet point. Also changed the phrase “which I may use if I need to correspond with you via postal mail and/or send or receive packages” to “for the purposes of sending and/or receiving correspondence and/or packages.” Added other VoIP, voice chat, teleconferencing, and/or video chat services to the examples of third-party service providers. Further updated the CCPA Information Collection and Sharing Notice to clarify that the categories of information collected are NOT necessarily only from California residents (since I often have no reasonable way of knowing whether someone is a California resident or not) and made some minor textual adjustments for clarity.
    • March 3, 2020: In Definitions, amended the geolocation definition to more closely align with the statutory definition, broaden the examples presented, and note that geolocation information can also refer to movements as well as location. In CCPA Information Collection and Sharing Notice, further adjusted the wording, order, and examples of the listed categories to better align with the categories defined by the applicable statutes. Also added language explaining that some categories may overlap, that the list includes some categories the law does not specifically describe, and that the examples are intended to be representative but not exhaustive. Throughout this policy, changed several references to “local/offline storage” to “local and/or offline storage.” Fixed a typo in this revisions list.
    • March 2, 2020: In License for This Policy, added a link to Automattic’s Legalmattic repository and fixed an HTML issue with one of the existing links. In Definitions, updated the definition of embedded content to change “such as scripts, fonts, or video players” to “such as (without limitation) images, scripts, fonts, or video players”; updated the cookies definition to include definitions of first-party and third-party cookies and tracking cookies; and added a definition of pixel tags (in the cookies bullet point). In Embedded Content, changed “In certain cases, embedded content providers can also detect …” to “In some cases, embedded content providers can also detect other information, such as (without limitation) …” In Additional Information About Data Retention, added language about preservation requests from government and/or law enforcement agencies. In Disclosure of Personally Identifying Information, added storage facilities, information/document management services, movers, moving companies, and/or relocation services to the examples of third-party service providers. Removed some extra spaces.
    • February 29, 2020: In Disclosure of Personally Identifying Information, changed the phrase “either provided by you or obtained from third parties” to “provided by you and/or obtained from third parties” for greater consistency of wording and updated the descriptions of some of the open-source and freeware tools listed among the examples of third-party service providers to better reflect who created/develops those tools (also reordering some of them to put them in mostly alphabetical order by developer). Added the GIMP Batch Image Manipulation Plugin by Alessandro Francesconi to the listed examples. Fixed a punctuation error in that section. In the last paragraph of the CCPA Information Collection and Sharing Notice section, changed the phrase “using one of the methods shown under …” to “using any of the methods described under …” In the Controllers, Questions, and How to Reach Me section, adjusted the language about CCPA requests for greater consistency with the preceding sections. (There’s no substantive change, just an effort to make the wording more internally consistent.)li>
    • February 28, 2020: Made some adjustments to the wording of the final paragraph in the Disclosure of Personally Identifying Information section regarding security measures, borrowing some additional language from the Automattic Privacy Policy as of December 31, 2019. (See the “License for This Policy” section toward the top of this page for links to that policy and its license.) Updated the Definitions to note that this policy treats “gather” and “collect” synonymously and changed some instances of “gather” to “collect” throughout. (This change is to hopefully avoid any confusion about the wording of certain legally required disclosures.) In Disclosure of Personally Identifying Information, updated the link to the BlackBerry Mobile Privacy Policy; fixed a punctuation error in that section; changed “messaging services, apps, and/or clients such as …” to “messaging services, apps, and/or clients such as (without limitation) …”; and added repair, maintenance, and/or service providers to the listed examples of independent contractors and third-party service providers Amended the data retention bullet point under Contact Forms to clarify that retained form data is typically moved to offline/local storage after receipt and I may sometimes redact portions that I no longer need. In the last paragraph of the Additional Information About Data Retention section, changed “the website’s online database(s) and mail servers, transferring the data to offline storage” to “the website’s online database(s) and/or mail servers, transferring the data to local/offline storage.” Updated Information I Receive from Third Parties for Security Purposes to include the Play Protect feature of Google Play among the listed examples of security data sources.
    • February 27, 2020: Amended the CCPA Information Collection and Sharing Notice section to add other types of identification, account, and/or membership numbers/identifiers to the examples of identifiers collected; add information about membership in and/or affiliation with other types of groups and/or clubs to the examples of other types of personal information collected; amend several of the examples under commercial information to include considering purchasing or using as well as desiring/intending to do so (making various minor wording adjustments to fit that into the existing language); change “Audio, electronic, visual, or similar information” to “Audio, electronic, visual, olfactory, or similar information”; and change “Skills/aptitudes” to “Skills, aptitudes, abilities, and/or intelligence.” (These changes aren’t new additions so much as an effort to better describe the types of information I have collected/may collect.)
    • February 26, 2020: In the CCPA Information Collection and Sharing Notice section, corrected an erroneous reference to the CCPA as the “California Consumer Protection Act” rather than the California Consumer Privacy Act.
    • February 25, 2020: Updated the preamble to add links to the privacy policies of my other websites. In Other Information You Provide to Me, changed “through or in connection with this website (and/or pertaining to my work and/or other creative endeavors)” to “through and/or pertaining to this website.” In Disclosure of Personally Identifying Information, added a bullet point about publicly acknowledging and/or thanking you for your assistance. Corrected an erroneous use of “us” rather than “me” in that section. Made a number of minor wording adjustments to Categories of Information and Purposes for Collection; Other Inquiries, Messages, and Support Requests; Data in Submitted Images; Data Related to Recruitment/Hiring or Business Partnerships; Other Information I Receive from Third Parties; Additional Information About Data Retention; and Disclosure of Personally Identifying Information to replace some general references to my “business” to relate more specifically to this website (which is the intended scope of this policy). In Categories of Information and Purposes for Collection, also changed “Providing a service” to “Providing services” to match the wording used elsewhere in this policy. (I somehow missed that in the earlier revision.) In Disclosure of Personally Identifying Information, added notaries to the examples of third-party service providers. In Additional Information About Data Retention, changed “correspond regarding this website or related matters” to “correspond regarding this website and/or related matters” and changed “Any names and/or company/domain names I’ve entered into my spell-checking dictionaries” to “Names and/or company/domain names I’ve entered into my spell-checking dictionaries.” In that section and Other Information I Receive from Third-Party Sources, changed “… that I deem unusable and/or elect not to use” to “… that I deem unusable, elect not to use, and/or no longer need.”
    • February 24, 2020: In the Contact Forms and Other Information I Receive from Third-Party Sources sections, added links to the Additional Information About Data Retention section. Updated the references to that section in the Other Inquiries, Messages, and Support Requests; Other Information You Provide to Me; and Financial Transactions Policy sections for consistency of wording (also adding a link to the data retention bullet point at the beginning of the latter section). Clarified the data retention language in Data in Submitted Images and Data Related to Recruitment/Hiring or Business Partnerships. Further amended Other Information I Receive from Third-Party Sources to add some provisos to the data retention bullet point at the beginning; change “I can’t retain or remember every fact I see, read, or hear, but I do typically retain my notes” to “I can’t and don’t retain or remember every fact I see, read, or hear, but I do typically retain my notes in some form or other”; and note that I may delete or discard certain research notes, materials, and/or information that I deem unusable and/or elect not to use. Added similar language (also including drafts) to the first bullet point in Additional Information About Data Retention. Rearranged some of the text in the latter section to put it in a more logical order and made some other minor clarifications and additions. In Information I Receive from Third Parties for Security Purposes, clarified the reference to EasyList to note that it provides filter lists I may use with browser extensions (rather than being a browser extension in itself). Also added Hosh Sadiq’s filter list to that section. In the latter section, slightly amended the language regarding Epic Privacy Browser to change “through my use of …” to “through and/or in connection with my use of …” and changed “if you are or were involved with the subject(s) of content I write and/or edit” to “if you are and/or were involved with the subject(s) of such content.”
    • February 23, 2020: Streamlined and clarified the first paragraph of the Other Inquiries, Messages, and Support Requests section. Added a bullet point to Additional Information About Data Retention regarding postal mail and physical documents and amended the bullet point about email to include “mass mailings” as well as “obvious spam” among the types of email messages I promptly delete.
    • February 22, 2020: In Financial Transactions Policy and Disclosure of Personally Identifying Information, amended references to common carriers and/or shipping agencies to specify postal service(s), common carrier(s), and/or shipping agencies (singular or plural). (I had previously assumed that government-operated postal services were considered a type of common carrier, but I recently learned that that isn’t technically accurate in at least some jurisdictions; in any case, that language was intended to encompass both publicly owned postal services and other types of shipping/delivery services!) Updated the wording of the policy’s descriptions of some Google services, including noting that Google is a registered trademark of Google LLC. Also adjusted the descriptions of Yahoo! services. Fixed a formatting error. Added reCAPTCHA to the examples of Google services and added language about that service to Information Captured by Service/Software/App/Device Telemetry.
    • February 20, 2020: In the Contact and Image Authorization Forms section, clarified Data Retention slightly to note that I must retain information from California Privacy Request Form submissions.
    • February 19, 2020: In the Financial Transactions Policy, updated the Google Voice notice to clarify that notifications of missed calls to clarify that number may also be forwarded via email; change “… texts, or other messages” to “… texts, and/or other messages”; and clarify that calls and/or messages are subject to this Privacy Policy as well as the listed Google policies. Simplified and clarified the Data Retention subsection, adding a link to the Additional Information About Data Retention section of this policy. Updated Other Inquiries, Messages, and Support Requests and Additional Information About Data Retention, moving the information about data retention from the former to the latter section and making various amendments and clarifications to that information. In the Data Retention bullet point at the beginning of the Comments section, changed
      “… or comments on …” to “… and/or comments on …” In the Data Retention bullet point at the beginning of the Contact Forms section, changed “…” or any submission …” to “… and/or any submission … and added “… for compliance purposes” after “California Privacy Request Form submissions must be retained for at least 24 months.” Amended Data in Submitted Images to note that I may also elect to remove metadata from images or media files and/or may remove it incidentally while preparing the images/files for use. In Other Information You Provide to me, changed “… through or in connection with this website” to “… through or in connection with this website (and/or pertaining to my work and/or other creative endeavors).”
    • February 18, 2020: Made further amendments to the Financial Transactions Policy, principally to indicate that some provisions apply to payments I make as well as ones I receive and make a number of minor clarifications. Also changed “… such as (again without limitation) Form 1099-MISC” to “… such as (again without limitation) Form 1099-MISC and/or Form W-9.” In Disclosure of Personally Identifying Information, changed the phrase “(which process — and may sometimes audit or otherwise investigate — site-related financial transactions)” to “(which process — and may sometimes audit or otherwise investigate — my financial transactions).” Fixed some errors in the Table of Contents, including a reference to a section that no longer exists and an incorrectly named (and ordered) reference to the Data Retention section, renaming the latter “Additional Information About Data Retention” to avoid confusion. In Other Information You Supply to Me, changed “My use of personal information …” to “My use and retention of personal information …” and added a link to the Additional Information About Data Retention section. Removed some extra spaces. Fixed an error in this revision list (a previously listed change that wasn’t actually implemented due to some mishap). In Additional Information About Data Retention, changed “any financial transactions or legal agreements” to “any financial transactions and/or legal agreements”; changed “… which includes records of purchases or payments I make in connection with the website” to “… which includes (but is not limited to) including (but not limited to) records of purchases or payments I make or receive in connection with the website and/or my business”; and added an extra sentence to that bullet point: “I must also retain my tax records for bookkeeping and compliance purposes.”
    • February 17, 2020: Added a new Financial Transactions Policy subsection, following Data Related to Recruitment/Hiring or Business Partnerships, and a corresponding Transaction-Related Information I Receive from Third Parties section. Amended the Embedded Content bullet point about PayPal to refer to the Financial Transactions Policy for information related to PayPal transactions with me. Amended the Information You Provide to Me section to also refer to the Financial Transactions Policy. Amended the bullet point in Disclosure of Personally Identifying Information about dispute investigations involving third-party service to refer back to the Financial Transactions Policy and add some additional explanatory text. In Disclosure of Personally Identifying Information, changed “… for me to make informed hiring, employment, and/or business decisions regarding prospective employees, independent contractors, or business partners” to “… to enable me to make informed hiring, employment, and/or business decisions regarding prospective employees, independent contractors, and/or business partners.” Amended the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes to better align text on information-sharing with the provisions in the Disclosure of Personally Identifying Information section. Made various minor clarifications throughout the CCPA Information Collection and Sharing Notice.
    • February 16, 2020: Amended the CCPA Information Collection and Sharing Notice to add “Information about individuals’ professional reputations” to the examples of employment-related information and “Information about individuals’ public and/or personal reputations” to the examples of other types of personal information (to spell out more explicitly what was hopefully already indicated by the other examples presented).
    • February 15, 2020: Amended the text throughout to clarify that I am a professional writer/editor and writing consultant (as well as a writer/editor). (This doesn’t represent any change in my actual business, just an effort to better describe it here.) To that same end, in the CCPA Information Collection and Sharing Notice, amended the Information Shared for Business or Commercial Purposes subsection to change “offering my articles or other content” to “offering my content or writing/editing/writing consulting services”; change “if that content incorporates any names or other personal information” to “if that content incorporates or involves any names or other personal information”; change “other content I am creating and/or editing for commercial advantage” to “other content I am creating and/or editing (and/or on which I am consulting) for commercial advantage.” In Other Information I Receive from Third Parties, changed “articles or other content I write and/or edit” to “articles and/or other content I write and/or edit (and/or on which I consult)” and changed “including people involved with …” to “including information about people involved with …” Added a bullet point to Disclosure of Personally Identifying Information about information incorporated into journalistic and/or historical content I publish or otherwise disseminate. Fixed a number of typographical errors. In Consents and Agreements, changed “site-related dispute or legal action” to “related dispute or legal action.” In Other Inquiries, Messages, and Support Requests, changed “my phone” to “my phone(s)” for internal consistency. In the examples of third-party service providers under Disclosure of Personally Identifying Information, changed “… and/or purchase site-related materials” to “… and/or purchase materials related to my research and/or my business.” Added registered trademark symbol to Flickr; removed it because it’s unclear if that’s correct or not.
    • February 12, 2020: Made some minor adjustments to the wording of Reports and Aggregated Statistics. Updated the text throughout to change the name of the CCPA Request Form to the California Privacy Request Form to reduce the risk of confusion. Updated Controllers, Questions, and How to Reach Me to add another link to the Do Not Sell My Personal Information page. In the Your California Privacy Rights section, added q attributes to longer quotes; subsequently removed them to avoid browser compatibility issues. In CCPA Information Collection and Sharing Notice, amended the wording of the Categories of Personal Information Collected subsection to change “… and/or similar records for writers, artists, designers, performers, developers, engineers, scientists, and/or other professionals” to “… and/or other comparable information about writers, artists, designers, performers, developers, engineers, scientists, and/or other professionals” and change “e.g., if an individual has been accused of or charged with a crime …” to “e.g., regarding an individual having been accused of, charged with, and/or convicted of a crime, and/or involved in a civil lawsuit …” (As with most of the many wording adjustments and minor amendments I’ve made to this policy in recent months, this change doesn’t represent a new type of collection, but rather my ongoing struggle to describe and categorize the scope of my normal business practices, particularly as regards my research!) Made assorted minor clarifications to this revision list. Further amended the CCPA Information Collection and Sharing Notice to note that parents or legal guardians can submit requests on behalf of their minor children through the Do Not Sell My Personal Information page; to fix some discrepancies in the contact instructions; and to change “Applicable law and/or regulations may stipulate the maximum time allowed for acknowledging and/or responding to your request” to “Applicable law and/or regulations stipulate the maximum time allowed for acknowledging and/or responding to your request.” Clarified some potentially confusing language in Your Rights (GDPR and State Laws).
    • February 11, 2020: In Other Information I Receive from Third-Party Sources, changed “… will give you a sense of what kinds of personal information I collect” to “… will give you a sense of what kinds of personal information I may collect.” In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to change “Information about other property or services …” to “Information about property and/or services …”; change “sports and/or other pastimes” to “sports, games, and/or other pastimes”; change “Publishing histories/bibliographies/discographies/filmographies/portfolios/development credits/patent records…” to “Publishing histories/bibliographies/discographies/filmographies/performance histories/broadcast histories/portfolios/development credits/patent records and/or similar records …”; and change “… scientists, and other professionals” to “… scientists, and/or other professionals.” In Disclosure of Personally Identifying Information, added Abine Inc.’s Blur (formerly known as DoNotTrackMe) and Cliqz International GmbH’s Ghostery® browser extension to the examples of third-party service providers. Updated Contact Forms to note that while CCPA Request Forms will not be published, I may release de-identified and/or aggregated information or statistics about requests received. (Also fixed some punctuation issues and changed some instances of “or” to “and/or.”) Added a new section on Reports and Aggregated Statistics. Made some further updates to Contact Forms, including adding additional language regarding CCPA Request Forms.
    • February 10, 2020: Fixed an error in an older item on this revision list. In Categories of Information and Purposes for Collection, renamed “Providing a service” to “Providing services” (also making this change globally) and added a new category: “Recruitment/hiring or business partnerships.” Added that category to the listed purposes in the Consents and Agreements; Comments; Other Inquiries, Messages, and Support Requests; Data in Submitted Images; Information I Receive from Third Parties for Security Purposes; and Other Information I Receive from Third-Party Sources sections. Added “advertising and other commercial purposes” to the purposes listed for Comments and Personal Information. (These changes don’t represent a change in how I use information so much as an effort to more accurately categorize it.) Added a new subsection, Data Related to Recruitment/Hiring or Professional Partnerships, and added corresponding language to Other Information I Receive from Third-Party Sources, Information I Receive from Third Parties for Security Purposes, and Disclosure of Personally Identifying Information. In Disclosure of Personally Identifying Information, added employment agencies and background check services to the examples of third-party service providers. In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to add sports and/or other pastimes to the existing bullet point about opinions and tastes in the examples of commercial information; add grades and/or scores on standardized or aptitude/skill tests to the examples of education information; add professional certification or licensure, skills/aptitudes, professional references, and resumes to the examples of professional or employment-related information (combining “resumes/CVs” into a new bullet point); add credit ratings and past foreclosures to the examples of other financial information; and change “… of a public figure” to “… of public figures.” In Definitions, amended the definition of “referring site” to change the word “Whenever” to “When” and change the phrase “although the actual name of the HTTP header is …” to “although the actual name of the HTTP header that conveys this information is …” Amended California Privacy and Data Protection Rights to more clearly state that authorized agents can also find information on filing a request on the Do Not Sell My Personal Information page and to add a hyphen to “opt-out” to align with the usage in the applicable regulations. Added a new Contact Forms section. Updated Data Retention to add that I must retain CCPA requests for at least 24 months for compliance purposes and note that how long I reasonably need to retain other types of information may be dictated by applicable law/regulations and/or other legal obligations. Amended Advertising and the CCPA Information Collection and Sharing Notice subsection on Information Shared for Business or Commercial Purposes to note that if you click on advertising links, the advertiser may be able to tell that you came from this website. In CCPA Information Collection and Sharing Notice, made some further clarifications to the Collection Sources and Information Shared for Business or Commercial Purposes subsections.
    • February 8, 2020: In the CCPA Information Collection and Sharing Notice section, clarified the Categories of Personal Information Collected subsection by changing “These categories include information …” to “These categories also include information …” In Categories of Information and Purposes for Collection, amended the description of “Functionality” to strike the word “listed” and amended the description of “Providing a service” to change “… to provide some service or perform some action you ask (or have asked) me to perform” to “… to perform some action you have asked me to perform, provide my services, and/or conduct the normal activities involved in running my business and offering my services.” In that same section, also reworded the description of “Research and publishing” to change “I use the information as part of the research involved in my writing and editing work and/or other creative endeavors, and/or to help me decide what content to create and/or publish on this website in the future” to “I use the information as part of the research involved in creating and publishing my content, my other writing/editing work, and/or other creative endeavors, and/or to help me decide what content and/or other work to create and/or publish in the future”; reworded the description of “Security, troubleshooting, quality control, and technical improvement” to change “… to help me protect this website, its data, its users, and me from malicious activity; troubleshoot and resolve technical problems; and/or improve the quality and functionality of the site” to “… to help me protect this website, its users, my data, my systems/devices, my business, and/or me from malicious activity; troubleshoot and resolve technical problems; and/or maintain and/or improve the quality and functionality of the site and/or my services”; and reworded the description of “Advertising and other commercial purposes” to change “… monetize the site and its content in other ways” to “… monetize the site and/or my content in other ways.” Added “fulfilling a contractual obligation” to the listed purposes for Certificate Authority Checks; Online Tracking (along with some additional explanatory text); Security Scans (along with some additional explanatory text); Consents and Agreements; Other Inquiries, Messages, and Support Requests; Data in Submitted Images; and Other Information I Receive from Third-Party Sources. Added “functionality,” “fulfilling a contractual obligation,” and “legal compliance or audit” to the listed purposes for Website Server, Error, and Security Logs (along with some additional explanatory text). Added “fulfilling a contractual obligation” and “legal compliance or audit” to the listed purposes for Information I Collect from Third Parties for Security Purposes (along with some additional explanatory text). Fixed a typographical error in Embedded Content.
    • February 7, 2020: In Browser Tests, amended the purposes to also include “security, troubleshooting, quality control, and technical improvement.” In Embedded Content, amended the categories of information gathered to change “other browser settings/configuration details*” to “other browser settings/configuration details/add-ons*” and added “the presence of other cookies*” to better align with the actual text of that section. Amended the Advertising section and the CCPA Information Collection and Sharing Notice section’s subsection on Information Shared for Business or Commercial Purposes to clarify that some ads that appear on the site’s administrative dashboard (not normally visible or accessible to visitors other than logged-in site administrators) may include embedded content and/or other information-gathering mechanisms. Amended the CCPA Information Collection and Sharing Notice subsection on Categories of Personal Information Collected to note that while I do not knowingly collect personal information from minor children through this website, I may sometimes do so as part of my other writing/editing work.
    • February 6, 2020: In Disclosure of Personally Identifying information, updated the examples of third-party service providers to include insurers (and/or, where applicable, their respective affiliates, agents, brokers, claims adjusters, subcontractors, and/or subsidiaries).
    • February 4, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to include other applicable telephony and/or email providers and note that Bitdefender may also use various subprocessors such as (without limitation) Akamai Technologies, Inc., and Amazon Web Services. Restored the Age Verification section, which had been inadvertently deleted, made some minor updates to its language and formatting, and added category information like that of the other sections.
    • February 3, 2020: In Other Inquiries, Messages, and Support requests, further clarified the language regarding the use of third-party webmail services. Added links throughout to the Google Voice Privacy Disclosure and clarified some references to Google Voice. Fixed some punctuation issues. Corrected the spelling of FeedBurner.
    • February 2, 2020: Throughout, replaced most instances of the phrases “images or other media” and “photos and/or other media” with “images and/or other media” for greater internal consistency. In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to include information about awards, honors, other recognition, prizes, and/or winnings in games of chance or skill. Fixed a typo in this list. Tidied up the language recently added to Other Inquiries, Messages, and Support Requests.
    • February 1, 2020: In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection to change “Political affiliations and/or activity” to “Political affiliations, opinions, and/or activity.” In Definitions, clarified the definition of “Images or other media.” Updated Security Scans to note that Google services may also scan messages for spam or malicious code. Updated Other Inquiries, Messages, and Support Requests to describe Google Voice among the examples of communication methods, fix a formatting problem, note that Google Voice notifications and/or transcripts are among the types of messages that may be sent via Gmail, update the trademark notice, and change “personal Gmail account” to “personal Gmail accounts.” Updated Information I Receive from Third Parties for Security Purposes to include Google among the listed information sources. In Disclosure of Personally Identifying Information, added Google Voice to the examples of Google Services and fixed a typographical error in that section.
    • January 31, 2020: In Disclosure of Personally Identifying Information, added Qualcomm to the examples of third-party service providers.
    • January 30, 2020: Added Adblock Plus and EasyList to the examples of information sources under Information I Receive from Third Parties for Security Purposes and the examples of third-party service providers under Disclosure of Personally Identifying Information. Corrected a couple of inadvertent uses of “our” rather than “my.”
    • January 29, 2020: In Disclosure of Personally Identifying Information, amended the description of Epic Privacy Browser to update the name of their associated search engine (now called EpicSearch.in) and note that their default search engine is now Yahoo.
    • January 28, 2020: In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected to change “such as photographs, videos, audio recordings, and/or other media …” to “such as photographs, illustrations and/or other images, videos, audio recordings, and/or other media …” Also changed “… which are often revealed in IP address and/or user agent information)” to “… which are often revealed in IP addresses, user agent information, email signatures, and/or metadata).” Added an additional example under commercial information regarding stocks and/or securities ownership and/or purchases/transfers. Amended the Collection Sources subsection to also include podcasters and/or other media creators.
    • January 26, 2020: In Definitions, corrected the spelling of “referer” [sic] and clarified that it is (mis)spelled that way on purpose.
    • January 24, 2020: In CCPA Information Collection and Sharing Notice, further amended the Information Shared for Business or Commercial Purposes subsection to change the bullet point that read “Any individual or entity with whom I communicate and/or collaborate in the process of researching and developing my content, writing/editing work, and/or other creative endeavors” to “Any individual or entity with whom I communicate, consult, and/or collaborate in the process of researching and developing my content, writing/editing work, and/or other creative endeavors, and/or who communicates and/or consults with me regarding their content and/or other creative endeavors.” In Disclosure of Personally Identifying Information, added “taxi and/or ride-share services” to the examples of third-party service providers. In that list, separated Microsoft into its own bullet point and fixed a typographical error.
    • January 23, 2020: In Information I Receive from Third Parties for Security Purposes, changed “via the Mozilla Firefox browser” to “via Mozilla Firefox and/or other web browsers” and also added Google Safe Browsing (which is used by Mozilla Firefox, various other web browsers, and some other online services) to the examples of information sources. Fixed a typo in that list. Added InformAction’s NoScript extension to that section and to the examples of third-party service providers listed under Disclosure of Personally Identifying Information. Also added the CAD Team (maker of the Cookie AutoDelete browser extension), Nodetics (maker of the Cookiebro – Cookie Manager extension), and Thomas Rientjes’ Decentraleyes to the latter list.
    • January 22, 2020: In CCPA Information Collection and Sharing Notice, further amended the Information Shared for Business or Commercial Purposes subsection to change “… sharing and/or discussion of information that is already publicly available” to “… sharing, discussing, and/or otherwise disseminating information that is already publicly available.” Added Font Awesome to the examples of Embedded Content providers and third-party service providers in Disclosure of Personally Identifying Information.
    • January 21, 2020: In CCPA Information Collection and Sharing Notice, amended the Categories of Personal Information Collected subsection’s examples of commercial information collected to include information about art, books, other publications, films, videos, and/or other media an individual or household has read, watched, or otherwise consumed (or desires/intends to consume) and opinions, critical judgments, tastes, and/or preferences, expressed or implied, regarding cars and/or other vehicles; art, books, other publications, films, videos, and/or other media; and/or other products, goods, or services. Also amended the item beginning “Information about other property or services …” to append “and/or desires/intends to purchase or use,” slightly rearranging the wording to better accommodate the additional clause. Amended the item under professional or employment-related information regarding authorship and rights holder information to change “for books, films, software, photographs, other published works or designs, and/or for other intellectual property …” to “for artwork, books, films, software, photographs, other media, other published works or designs, and/or other intellectual property …” Amended the Information Shared for Business or Commercial Purposes subsection to reiterate that I may also share and/or discuss information that is already publicly available (e.g., in news articles, published works, and/or public records). Also changed “the general public” to just “the public.”
    • January 20, 2020: In CCPA Information Collection and Sharing Notice, amended the Collection Sources list to also include employees, independent contractors, agents, business partners, photographers, videographers, illustrators, observers, eyewitnesses, and clients or employers for whom I provide (or have provided) writing/editing services. Made some minor adjustments to the wording and punctuation of other items on that list. Amended the Information Shared for Business or Commercial Purposes subsection to change “Editors, publishers, clients, and/or other third parties …” to “Editors, publishers, clients, employers, and/or other third parties …”
    • January 18, 2020: Updated the examples of third-party service providers in Disclosure of Personally Identifying Information and revised the Information Shared for Business or Commercial Purposes subsection of the CCPA Information Collection and Sharing Notice to include service providers and other entities who help me promote and/or sell (or otherwise offer for commercial advantage) my content, other creative endeavors, and/or services (e.g., literary or talent agents or agencies, publicists, promoters, public relations firms, ad agencies, brokers, and the like).
    • January 17, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to include DataViz®, Inc. (in connection with the Documents to Go BlackBerry® app), Tracker Software Products (in connection with their PDF creation and editing software), and a variety of open-source and freeware programs/apps. Fixed some inconsistent punctuation in that section and changed “and bookstores …” to “and/or bookstores …” Fixed a typo in this list.
    • January 16, 2020: In Disclosure of Personally Identifying Information, updated the examples of third-party service providers to include Librera Reader and Notepad++. Rearranged several items in that bullet point to put them in alphabetical order and made some minor text edits for consistency of presentation.
    • January 15, 2020: Amended California Privacy and Data Protection Rights to note that, except as otherwise required by law, privacy-related requests pertaining to children under 18 should be submitted by a parent, legal guardian, or other authorized adult representative and change “You may authorize an agent …” to “You may designate an authorized agent …”
    • January 14, 2020: Updated Information I Receive from Third Parties for Security Purposes to include some additional information sources.
    • January 13, 2020: In California Privacy and Data Protection Rights: Categories of Personal Information Collected, changed “photographs, videos, audio recordings, and other media …” to “photographs, videos, audio recordings, and/or other media …” In Comments, clarified some of the language about data retention and the deletion of comments and fixed some clunky grammar in the language about the information that becomes publicly visible when a comment is published. Rearranged some text in that section for better flow.
    • January 12, 2020: In California Privacy and Data Protection Rights, changed “The purposes for which I shared or disclosed the information” to “The categories of business and/or commercial purposes for which I collected and used the information”; changed “The categories of such third parties” to “The categories of third parties with whom personal information was shared”; rearranged the order of those bullet points; and struck the word “unredacted” from the phrase “… that exposes your unredacted personal information …”
    • January 10, 2020: In Disclosure of Personally Identifying Information, amended the language about embedded content providers’ possible use or disclosure of information to also include other service providers and/or vendors. Amended Website Server, Error, and Security Logs to clarify that the logs typically include dates and times in addition to the other types of information described.
    • January 8, 2020: Further clarified some language in CCPA Information Collection and Sharing Notice. Fixed some inconsistent punctuation and an improperly configured anchor link. In Disclosure of Personally Identifying Information, amended the link to the privacy policy for the Artifex SmartOffice app.
    • January 7, 2020: Made some minor adjustments to Categories of Information and Purposes for Collection, fixing a grammatical error and removing a parenthetical aside about “associated services” that doesn’t apply to this website. Added “advertising and other commercial purposes” to the list of potential purposes under Other Inquiries, Messages, and Support Requests; Data in Submitted Images; and Other Information I Receive from Third-Party Sources.
    • January 6, 2020: Amended Cookies to note that while the cookie descriptions include the cookies typically used on this website, embedded content providers may sometimes change or add cookies, and the descriptions may not include cookies set by certain administrative dashboard components.
    • January 5, 2020: Further amended CCPA Information Collection and Sharing Notice to include a more emphatic statement about how by the law’s broad definitions, any or all of the categories of personal information I collect in the course of my business could be deemed to be shared for business and/or commercial purposes, even if I do not “sell” personal information in the way most people understand that term. Also, in the lists of categories of personal information, moved “signatures” from “Identifiers” to “Other types of personal information” (also changing “written and/or digital” to “physical and/or digital”) and moved “domain names and/or websites/URLs” to “Internet or other online activity information.” Renamed “Information about an individual or household’s financial status” to “Other financial information” and made it a separate category. Reordered several of the items under “Other types of personal information.” Added “Other information about an individual’s online interactions” to “Internet or other online activity information” and changed “Errors and/or suspicious activity” to “Errors and/or suspicious activity on this website.” Fixed an inadvertent use of “us” rather than “me” in “Commercial information.”
    • January 4, 2020: In CCPA Information Collection and Sharing Notice, amended the examples of commercial information collected, changing “personal property or services” to “property or services” and adding a separate item about property records.
    • January 3, 2020: In Information I Receive from Third Parties for Security Purposes, added the StevenBlack hosts file to the list of examples of sources. In Definitions, in the item on “personal information,” changed “(which for the purposes of this policy I treat synonymously)” to “(terms this policy uses synonymously).” Amended Legal Bases for Collecting and Using Information to reword the first sentence (fixing the grammar and making clear that it applies to people in areas subject to European data protection laws); reorder several items; and change “to troubleshoot technical problems, and/or to appropriately respond” to “to troubleshoot technical problems, and to appropriately respond” in the last bullet point. Added the calibre ebook management suite to the examples of third-party service providers under Disclosure of Personally Identifying Information. Amended Website Server, Error, and Security Logs to add “special: other technical details*” to the types of information gathered. In Data Retention, amended the item about information related to the use of intellectual property owned by others to note that I may delete such information if I discontinue using that intellectual property for some reason (e.g., if I uninstall and delete some app or software) and change “it is my customary practice to retain …” to “I typically retain …”
    • January 2, 2020: In the Information Shared for Business or Commercial Purposes section, amended that section’s second list (the one prefaced with the sentence “I may disclose personal information I collect …”) to refer back to the Disclosure of Personally Identifying Information section, split the list into two separate lists, reordered some items, struck the phrase “for commercial advantage,” added some additional language about comments and public discussion, and adjusted the punctuation. Later in that section, in the sentence “Much if not all of the personal information I collect or access in the course of my business …” struck the words “in the course of my business” (this statement remains true whether the information is business-related or not). Also, changed the phrase “Because the proprietor of this website is a professional writer/editor and much (though not all) of the information I collect in connection with my business is intended for publication — whether on this website or elsewhere — a …” to just “Because I am a professional writer/editor …” and added some additional language about advertising disclosures. Amended Disclosure of Personally Identifying Information to reiterate (as already explained in Other Information I Receive from Third-Party Sources) that my research and writing process process often involves discussing or sharing relevant information with third parties. In the Data Retention, Disclosure of Personally Identifying Information, and CCPA Information Collection and Sharing Notice sections, changed the word “freelance” to “professional” (because not all of my professional writing/editing work is necessarily in a freelance capacity). Clarified some of the language in the Ads section and renamed that section “Advertising,” updating other references to the section accordingly. Fixed a link formatting error in Embedded Content. In Data in Submitted Images, amended the list at the beginning to note that geolocation data may be “provided by provided by the creator/rights holder/repository, determined from metadata, and/or inferred from other data.” In Definitions, in the definition of “IP address,” changed “Each device that can access the Internet has its own IP address; if you use several different Internet-capable devices, their individual IP addresses are usually all different” to “If you use several different Internet-capable devices, their individual IP addresses are typically all different (although if you have several devices connected to the same router or tethered together, they might share the same IP address so long as they remain connected or tethered).”
    • January 1, 2020: Added the International DOI Foundation to the examples of third-party service providers under Disclosure of Personally Identifying Information. In the first sentence of that section, changed “may release or disclose …” to “may share, release, or otherwise disclose …” Under California Privacy and Data Protection Rights, simplified the language about verifying your identity before processing certain privacy requests. Under Categories of Personal Information Collected, added compensation to the examples of professional or employment-related information collected and changed “Current or past employer(s)” to “Current and/or past employer(s).” Under Definitions, changed the boldface heading “Personal information” to “Personal information/personally identifying information,” since this policy treats those terms synonymously. Under Your Rights (GDPR and State Laws), clarified the wording of the first paragraph and the list of rights provided by the GDPR.
    • December 31, 2019: In Disclosure of Personally Identifying Information, amended the description of Piriform (CCleaner) to include a link to their Data factsheet and clarify that their products include security and maintenance tools (rather than just security tools). Renamed the CCPA Information Collection and Disclosure Notice section “CCPA Information Collection and Sharing Notice” and adjusted other references to that section accordingly. Reordered and clarified some of the categories of personal information listed in that section (taking some cues from the latest update of Automattic’s Privacy Policy). In Definitions, changed “personal identifiers” to just “identifiers,” clarified that that term can also include device identifiers, and amended the item about IP addresses to note that the IP address typically also reveals the Internet service provider or mobile carrier you are using.
    • December 30, 2019: In the Disclosure of Personally Identifying Information bullet point regarding independent contractors, employees, agents, and business partners, struck the parenthetical phrase “(e.g., on my writing/editing work and/or other creative endeavors)” after “collaborate with us.”
    • December 29, 2019: Extensive revamp, adding a table of contents, definitions, several new sections (including one on the possibility of personal data being captured by software/device telemetry), and additional information and disclosures related to the California Consumer Privacy Act (CCPA); reorganizing and/or renaming some sections (including integrating most of the data retention info into the applicable sections); reorganizing/updating the third-party service provider examples (including restoring some items that had been inadvertently deleted and adding others); making many minor corrections; and revising substantial portions of the text to better explain how and why I collect personal information. Moved older entries in this Recent Revisions list to a separate page. Assorted stylistic adjustments.
    • December 28, 2019: In Disclosure of Personally Identifying Information, amended the description of Bitdefender to include both the Bitdefender Mobile Security and Bitdefender Central apps and note that they use Google’s Firebase Crashlytics crash reporting service. Updated Information I Receive from Other Sources to provide an example of how the NetGuard firewall app provides information about the IP addresses or domains to which my mobile apps connect or try to connect. Added this to the description of NetGuard under Disclosure of Personally Identifying Information.
    • December 27, 2019: In California Privacy and Data Protection Rights, corrected several uses of “we” to “I” for grammatical consistency. Fixed an error in an earlier item in this revisions list
    • December 26, 2019: In California Privacy and Data Protection Rights, updated the description of the proposed verification requirements to include the verification standards that may be required for data deletion requests.
    • December 25, 2019: In Data Retention, amended the text regarding retention of images to change “It is my normal practice to retain indefinitely any images or photographs …” to “I typically retain indefinitely the photographs and/or other images …” and note that I may delete specific images if they are duplicates, if I deem them unusable, if I have some legal reason to delete them, or if I elect to not use them (or to discontinue using them) for some other reason. Struck the parenthetical phrase “(except where I have some specific obligation to destroy the originals)” to avoid confusion with the revised language. Inserted the phrase “where possible” before “my associated work files and editing stages, if any.” Added Yahoo!® to the list of examples of third-party service providers under Disclosure of Personally Identifying Information. In that section, fixed some spotty grammar in the description of Google and added their well-known search engine to the listed examples of their services. Fixed a typo in an earlier revision on this list.
    • December 24, 2019: In Disclosure of Personally Identifying Information, updated the description of Startpage.com to note that I also use Startpage’s associated proxy service. Updated the reference to libraries and archives to add links to the privacy policies of two local public libraries I use. Following the bullet-pointed list, changed the sentence “In general, I do not sell or rent personal information about individual visitors to the aaronseverson.com website” to “In general, I do not sell or rent the non-public information I collect from individual visitors to the aaronseverson.com website.” Struck a reference in that section to Google Analytics, which I no longer use on this website. In GDPR and State Law, struck the parenthetical phrase “(starting in 2020, California residents may request this up to twice per year)” after “Request portability of your personal data” (to avoid contradicting the Your California Privacy Rights section). Further updated the text of the California Privacy and Data Protection Rights section.
    • December 22, 2019: Further adjusted the description of rights under California Privacy and Data Protection Rights and Do Not Sell My Personal Information.
    • December 21, 2019: In Disclosure of Personally Identifying Information, updated the description of Cloudflare to note that websites and online services we visit/use may use Cloudflare’s CDN and/or DDoS protection services. Also fixed a typographical error in that language and corrected the links to the Cloudflare privacy policies that apply to each service. Made some clarifications and updates to the list of rights under California Privacy and Data Protection Rights.
    • December 19, 2019: In Disclosure of Personally Identifying Information, updated the description of Flickr to clarify the wording and indicate that the service is now on an Amazon Web Services platform (making Amazon Web Services a principal Flickr subprocessor).
    • December 11, 2019: Separated Not for Children Under 18; Age Verification into two sections: Not for Children Under 18, located immediately after Legal Bases for Collecting and Using Information, and Age Verification, in the previous location. In Not for Children Under 18, changed “If you have questions about any of these points, if you are a parent and believe that this website may have collected personally identifying information about your minor child …” to “If you have questions, if you are a parent or legal guardian and believe that this website may have collected personal information about your minor child …” Changed the first sentence of the final paragraph of the Age Verification section to “If you have questions about any of these points, please contact me …” and removed the language about parents or legal guardians, which is now in the separate Not for Children Under 18 section.
    • December 3, 2019: Added EFF to the list of examples of third-party service providers under Disclosure. In the GDPR and State Law section, changed the sentence “EU individuals also have the right to make a complaint to a government supervisory authority, as will California residents beginning in January 2020” to “EU individuals also have the right to make a complaint to the applicable government data protection authority. (California residents will have a similar right beginning in January 2020.)” Added a link to the European Commission’s directories of national data protection authorities to that section.
    • November 27, 2019: Under Disclosure of Personally Identifying Information, changed “Examples of such third-party vendors/service providers …” to “Representative examples of my third-party vendors/service providers …” Updated Embedded Content to note that only some versions of the Yoast plugin use Algolia search functions (which have reportedly been removed in newer updates), changing “The Yoast SEO plugin incorporates some search tools …” to “Some versions of Yoast SEO plugin have incorporated search tools …”
    • November 25, 2019: Further adjusted the language of the Information-Sharing Disclosures (Shine the Light Law) section for greater clarity.
    • November 24, 2019: In Security Scans, changed the phrase “flag the phone numbers of certain incoming voice calls …” to “flag certain incoming voice calls and/or text messages …”
    • November 23, 2019: Completely overhauled the Information-Sharing Disclosures (Shine the Light Law) section to more accurately describe the law’s requirements, better explain how to make a request, and clarify how we respond to such requests. Updated Information I Receive from Other Sources to note that the security components of the Microsoft Windows operating system may also supply blacklists and/or other security-related data, and added the words “via the” before the reference to Safer-Networking in the same paragraph for grammatical flow.
    • November 20, 2019: Further updated the California Privacy and Data Protection Rights language regarding verification requirements (noting the restrictions the proposed regulations impose on my use and retention of any additional data I may request to verify your identity; clarifying that the term “reasonable degree of certainty” is as the applicable regulations may define that term; changing “may permit certain exemptions” to “may provide certain exemptions”; changing “the law and it associated regulations” to “the law and/or its associated regulations”; and changing “or, if you act through an agent or representative” to “and/or, if you act through an agent or representative”).
    • November 19, 2019: Added a link to the Embedded Content bullet point on YouTube videos to Google’s “Businesses and Data” pages, which contain further information on what data Google may provide to YouTube content creators/publishers. Updated the language about Google Services in Disclosure of Personally Identifying Information to change “other services or tools” to “other services and/or tools.” Updated the California Privacy and Data Protection Rights section to clarify the language about identity verification, note that I may be unable to respond to a request if I am unable to adequately verify your identity, and emphasize that (in addition to any other exemptions the law and associated regulations may permit) I may be unable to delete certain types of information for technical reasons. Updated Data Retention to note, “For compliance purposes, I must also retain information pertaining to privacy-related requests, to the extent required by applicable law and/or regulation.”
    • November 18, 2019: Updated Embedded Content to note that when you access embedded content, your browser may also contact a certificate authority to check the validity of the embedded content provider’s encryption certificate. Updated the reference under Disclosure to my certificate authority to add “and/or other certificate authorities I may use or access.”
    • November 17, 2019: Further clarified the language about service/software/app/device telemetry in Disclosure of Personally Identifying Information (changing the phrase “that could gather personal information through telemetry” to “that could gather site-related personal information through telemetry”). Updated the bullet point about situations where I may be legally required to disclose information (changing “in connection with an audit or other official investigation or proceeding” to “in connection with an audit, civil or criminal trial, or other official investigation or proceeding”). Updated the bullet point about disclosures to protect rights, safety, and/or property (changing “to protect my property, rights, and/or safety, or the property, rights, and/or safety of third parties or the public at large” to “to protect my property, rights, and/or safety, and/or the property, rights, and/or safety of third parties and/or the public at large.”). Added boldface to additional items on that list to aid readability. Clarified the language in the preamble about California privacy rights (changing “or jump to” to “For more information about California privacy rights, jump to …” and making the latter a separate sentence). In the Disclosure section, clarified the example about car shows (changing “obtain, publish, and/or otherwise disclose” to “take, obtain, publish, and/or otherwise share”).
    • November 16, 2019: Fixed the capitalization of Online Certificate Status Protocol. Under Disclosure of Personally Identifying Information, changed the phrase “the makers of software/apps and/or electronic devices I use that incorporate information-gathering telemetry or other surveillance features, some of which cannot be completely disabled without simply ceasing to use that software, app, or device” to “services, software, apps, and/or electronic devices I may use that could gather personal information through telemetry and/or other integrated information-gathering and/or surveillance features, some of which cannot be disabled without simply ceasing to use that service, software, app, or device.” Further refined the language of the Certificate Authority Service section. Updated the reference to my Internet service provider in the Disclosure of Personally Identifying Information section from “Spectrum/Time Warner Cable®” to “Spectrum Internet® (formerly Time Warner Cable®).” Updated the description of my mobile carrier in that same bullet point and rearranged its order. Also updated the description of Bitdefender Mobile Security in the same bullet point to note that this includes the app’s associated services and correct the accidental use of “we”/”our” rather than “I”/”my.”
    • November 15, 2019: Further updated the Certificate Authority Service section to define OCSP requests. Added Bitdefender to the list of examples of third-party service providers under Disclosure. Under Embedded Content, clarified the language about Google Hosted Libraries to better match the description of Google Fonts in the same bullet point.
    • November 14, 2019: Added a new “Certificate Authority Service” section to Information Collected Automatically Through This Website and added Let’s Encrypt to the list of examples of third-party service providers under Disclosure. Updated the reference to Signal in Disclosure to note that Signal uses subprocessors/service providers that may include (without limitation) services provided by Google and/or Amazon Web Services, and added links to the relevant privacy information pages. Further refined the Certificate Authority Service language (also updating the reference to Let’s Encrypt in the Disclosure of Personally Identifying Information section) and added another example to Other Information You Provide to Me, refining some language in that section (adding “(but without limitation)” after “for example”; noting that the examples are just a few hypothetical possibilities; and changing the phrase “My use of such site-related information …” to “My use of personal information you provide me in such ways …”). Updated Information I Receive from Other Sources to note that my firewalls and/or other security apps/services may provide may provide me with information about any online servers or resources to which my devices connect or try to connect.
    • November 13, 2019: Updated Other Information You Provide to Me section to better reflect the framing of the current preamble, changing “site visitors may provide me with personal information” to “you may provide me with personal information through or in connection with this website” and changing “inquiry about this website” to “inquiry about this Privacy Policy.” Added ASUS and Netgear (the manufacturers of my wireless routers) to the list of examples of third-party service providers under Disclosure. Added an internal anchor link in the preamble to the California section of this policy.
    • November 11, 2019: Updated Data Retention to clarify that my retention of email generally also includes files/file attachments (other than spam or suspected malware) and add language to that section about site-related text messages. Added OsmAnd as an example of mapping/navigation services in the list of examples of third-party service providers under Disclosure. Updated Information I Receive from Other Sources to note that I may receive personal information about the developers of software/apps/services/themes/add-ons I install for use in my work and/or the management of this website. Added bookstores and/or other retailers or vendors through which I may search for and/or purchase site-related materials to the list of examples of third-party service providers under Disclosure. In the same section, changed “libraries and/or archives” to “libraries, archives, and/or databases.” Added Perishable Press and the Mozilla Firefox browser to the examples of sources of third-party security-related data under Information I Receive From Other Sources.
    • November 10, 2019: Updated the reference in Disclosure to TCL Communications to note that they make not only the BlackBerry device, but also its suite of associated BlackBerry apps and services. Added OpenKeychain (and/or other encryption software/services) and Open Camera to the list of examples of third-party service providers under Disclosure.
    • November 9, 2019: Added libraries and archives (including librarians/archivists/their staff) and providers of public computers and/or wireless networks I may periodically use to the list of examples of third-party service providers under Disclosure. Fixed some typos in that section and changed “Examples of my third-party vendors/service providers may include” to “Examples of such third-party vendors/service providers may include …” In the California Privacy and Data Protection Rights section, changed “starting in January 2020” to “starting January 1, 2020” and “will give” to “give.” Also in the Your California Privacy Rights section, changed the heading “California Information-Sharing Disclosure” to “California Information-Sharing Disclosures (Shine the Light Law).” Under Disclosure, revised the language about information I may be required by law to disclose in order to streamline the language and better reflect the range of possible scenarios. Updated Data Retention to note that I normally retain indefinitely research notes and information related to my freelance writing and editing work, and changed the phrase “Any other type of data I may gather on visitors to this website …” to “Any other type of data I may gather through or in connection this website …”
    • November 8, 2019: Updated Disclosure to note that third-party service providers may include the makers of software/apps and/or electronic devices I use that incorporate information-gathering telemetry or surveillance features, rearranging the text of that bullet point to make it easier to decipher and emphasize that the examples listed are not an exclusive list.
    • November 7, 2019: Updated Data Retention to remove a confusing reference to a now-deleted section of the preamble. Made some adjustments to the list under Embedded Content to fix some grammatical issues, clarify the text, and arrange the items in a slightly different order. Changed some stray instances of “we” and “our” to “I” and “my” for consistency. Added the Google Play Store and its related services to the list of examples of third-party service providers under Disclosure, rearranging the list of Google-provided services in that section for better grammatical flow.
    • November 5, 2019: Further updated Disclosure of Personally Identifying Information section to clarify that I may not always be aware of having gathered information about a site visitor in some other context. Fixed a spelling error in this revision list. Revised Security Scans to update description of the EU-US Privacy Shield framework in that section to match the reference under Disclosure of Personally Identifying Information and slightly clarified the description of the Sucuri Security plugin’s functions. Updated Comments and Personal Information to change “you can choose to save …” to “you may have the option to save …” (regarding saving the information you enter for future comments, an option that may not always be offered), change “URL” to “website,” and change “each time a reply or follow-up comment is posted” to “each time a reply and/or follow-up comment is posted.”
    • November 4, 2019: Attempted to fix a technical issue with the bookmark/anchor links throughout. In Disclosure of Personally Identifying Information, changed “de-identified or aggregated” to “de-identified, anonymized, redacted, and/or aggregated.” Under California Privacy and Data Protection Rights, changed “To exercise your California privacy rights, visit …” to “To exercise your California privacy rights, please visit …” Changed several instances of “… and as otherwise described” to “… and/or as otherwise described.” Updated Information I Receive from Other Sources to note that I also get blacklist information via Spybot. UUpdated and simplified the preamble and revised text of the Disclosure of Personally Identifying Information section to add language about information I may gather or release that is NOT obtained through/in connection with this website.
    • November 3, 2019: Added TinyWall to the list of examples of third-party service providers under Disclosure and updated the Information I Receive from Other Sources section to add the MVPS HOSTS file to the examples of third-party blacklists I may use and note that I may also use that information to block access to my system and/or devices as well as the website. Updated the Your California Privacy Rights section to enumerate the list of CCPA rights rather than referring to the GDPR section, changing the “Other California Privacy Rights” heading to “California Privacy and Data Protection Rights,” and making some minor clarifications to the language of that section (including noting that California Civil Code § 1798.83–84 is known as the “Shine the Light” law). Updated the GDPR section wording to refer to the Controllers, Questions, and How to Reach Me section rather than just “below” and updated the internal anchor links to that section. Updated the Not for Children Under 18; Age Verification section to clarify that the references to children refer to minor children and that parents have the right to request the removal or deletion of information about their minor children. Fixed a couple of very minor grammatical issues.
    • November 2, 2019: Added HP to the list of examples of third-party service providers under Disclosure, noting that they comply with the EU-US Privacy Shield framework. Reordered several items in that section, also adding the word “other” to “printers/print services” and placing it immediately after HP. Fixed a stray incidence of “our” rather than “my” for consistency. Updated Security Scans to note that security/anti-spam scans of messages I send or receive may be performed on text messages as well as email, and that security scans may include submitting the messages, file attachments, and/or other relevant data to third-party services such as cloud-based malware-detection services.
    • November 1, 2019: Fixed the date formatting and a capitalization problem in the previous entry on this list. Added Piriform (CCleaner), a subsidiary of Avast, to the list of examples of third-party service providers under Disclosure.
    • October 31, 2019: Added Artifex (maker of the SmartOffice app), Mozilla (maker of the Firefox web browser(s)), and Safer-Networking Ltd. (maker of Spybot) to the list of examples of third-party service providers under Disclosure. Added Google Safe Browsing to the list of examples of Google services I may use/offer.
    • October 30, 2019: Added the Guardian Project’s Orbot and Tor Browser to the list of examples of third-party service providers under Disclosure. Clarified the description of Cloudflare 1.1.1.1 in that section, adding links to the applicable privacy policies in addition to the privacy statement links.
    • October 27, 2019: Added trademark notice language for the Google services specified herein, adjusting some adjacent language for readability. Clarified the wording of the reference to Gmail in the list of examples of third-party service providers under Disclosure, and added Google Hosted Libraries there in addition to the existing description under Embedded Content.
    • October 25, 2019: Added Cloudflare’s WARP service (associated with the Cloudflare 1.1.1.1 service already listed), NetGuard firewall/traffic monitor, and CompanionLink to the list of examples of third-party service providers under Disclosure. Fixed some incorrect punctuation in that section.
    • October 19, 2019: Added TCL Communication Limited (current owner of BlackBerry) to the list of examples of third-party service providers under Disclosure.
    • October 17, 2019: Moved Effective Date to the top of the document to make it easier to see. Reworded the preamble, Revisions section, and License for This Policy sections accordingly, also fixing a capitalization inconsistency. Updated the description of this list for clarity.
    • October 16, 2019: Updated the description of Yoast under Embedded Content to indicate the presence of the Yoast SEO plugin’s Algolia search functions.
    • October 14, 2019: Updated the description of Epic Privacy Browser in the list of examples of third-party service providers under Disclosure to reflect that the browser also has an associated Epic Search Engine (which submits anonymized queries to Yandex) and to change “in connection with their …” to “through my use of their …” for greater clarity.
    • October 9, 2019: Updated the Cookie Policy section to include a link to the Cookie Notice, which is now a separate page as well as being incorporated into the privacy preferences tool. Slightly adjusted the description of that list to note that these are cookies the site may use.
    • October 3, 2019: Fixed the effective date (which had incorrectly described October 2, 2019, as a Tuesday rather than a Wednesday). Added data and/or document destruction/shredding services to the examples of third-party service providers under Disclosure.
    • October 2, 2019: Amended the Your Rights (GDPR and California Privacy Rights) section to note that I may ask you to verify your identity and/or residency before processing data-related requests and that you need not be present in California to exercise your CCPA rights provided that you have a current California residence. Made few minor wording adjustments in that section to accommodate the new language and changed the phrase “… and its associated regulations” to “… and/or its associated regulations.” Revised the “Do Not Sell My Personal Information” and preamble text wording to match the wording on the Privacy Tools page.
    • September 29, 2019: In the list of examples of third-party service providers, changed several instances of the phrase “I may use or offer” to “I may use and/or offer” (since in some instances I may do both). In the language about Adobe in that section, changed the phrase “may collect data about such use” to “may collect related and/or associated data” to avoid confusion. Update the Your California Privacy Rights and added links to the Do Not Sell My Personal Information page. Added Hidden Reflex’s Epic Privacy Browser to the list of examples of third-party service providers under Disclosure.
    • September 15, 2019: Added website speed testing services/tools to the list of examples of third-party service providers under Disclosure.
    • September 14, 2019: Added Adobe to the list of examples of third-party service providers under Disclosure.
    • September 7, 2019: Added printers/print services, photo development, photo processing, video conversion, and other audiovisual material processing services to the list of examples of third-party service providers under Disclosure. In the description of the WAVE accessibility tool in that subsection, changed “am using” to “may use.” Struck the phrase “Since I don’t have employees” from the Information-Sharing Disclosures section. Throughout this policy, changed several instances of “we” and “our” to “I” and “my” for consistency.
    • August 11, 2019: Under Disclosure, clarified that third-party service providers may use their own subcontractors, data subprocessors, or other third-party vendors or partners, who may be located in other countries or regions. Under Embedded Content, struck the phrase “in the United States” in the bullet point regarding BootstrapCDN/Stackpath.
    • July 8, 2019: Under Disclosure, added transcription and translation to the examples of independent contractors/employees and added translation, transcription, mapping, and navigation services to the examples of third-party service providers.
    • June 20, 2019: Clarified that the section of Data Retention dealing with log data refers specifically to logs for this website.
    • June 7, 2019: Added Malwarebytes to the list of third-party service providers under Disclosure and updated the description of Avast in that list. Further updated the description of “browser fingerprinting” under Embedded Content.
    • June 3, 2019: Made some updates to the wording of Embedded Content to better explain what other information third party content providers may be able to detect (the process of so-called “browser fingerprinting”) and add a link to the EFF’s Panopticlick website.
    • April 29, 2019: Under Disclosure, changed “my independent contractors” to “my independent contractors and/or employees (if any).” (I still don’t have any employees, but I want to make sure it’s included in this language in the event that changes at some future date.)
    • April 2, 2019: Updated Legal Bases for Collecting and Using Information to add the item about protection of vital interests (taken directly from the latest version of Automattic’s Privacy Policy).
    • March 25, 2019: Updated Security Scans to make clearer that some Sucuri data and logs may be processed and/or stored by Sucuri as well as by me. Added an applicable ® symbol in that section.
    • March 23, 2019: Rearranged some text under Comments for more logical flow.
    • March 14, 2019: Added some ® symbols. Amended “Dreamhost, LLC” to just “DreamHost” (removing duplicate text were applicable) and the second instance of “T-Mobile USA, Inc.” to just “T-Mobile.” Throughout, slightly clarified the descriptions of what user agent information may include.
    • March 10, 2019: Under Information I Receive from Other Sources, added The Spamhaus Project as another example of where I may obtain block lists for spam and malware prevention, and added links to that and HackRepair.com.
    • March 4, 2019: Fixed some tag closing issues. Under Privacy Policy Changes, changed “the terms have changed” to “the policy has changed” for clarity.
    • March 3, 2019: Updated Embedded Content to note that you may be able to selectively disable some forms of embedded content. Fixed some inconsistent usage of “administrator dashboard” vs. “administrative dashboard.” Under Legal Bases for Collecting and Using Information, changed “financial transactions or image usage rights” to “financial transactions and image usage rights.”
    • February 27, 2019: Moved the first references to DreamHost and the link to the DreamHost privacy policy from the Server and Error Logs section to the Who I Am section, adding a note that DreamHost also hosts my email servers. In Server and Error Logs, changed “this site” to “the aaronseverson.com site” for clarity.
    • February 26, 2019: Updated Server and Error Logs, splitting the first paragraph into two for readability; rearranging and clarifying the language; adding the phrase “(as applicable, but without limitation)” before the listed examples; adding “that uses certain site features” to the list; and adding the following text after the list: “(These examples are a representative sampling, but not an exhaustive list; we may also use or add other logs not specified here, and not all logs are necessarily in use at any given time.).” Moved the language about logging privacy consents and acceptance of terms to a new subsection under Information You Provide to Me called “Consents and Agreements.”
    • February 22, 2019: Under Comments, changed “I may email you at that address to respond to your comment (or the associated comment thread, if any), particularly if it includes a question or if I need to clarify some aspect of your comment (for example, if you have posted two very similar comments, I may email you to ask which one you want me to publish)” to “I may respond via email in addition to or instead of publishing the comment on this website, particularly if your comment includes a question or offer of assistance or if I have questions about any pertinent details — for example, if you have submitted two very similar comments, I might email you to ask which one you want me to publish.” to match the language in the Terms of Use.
    • February 19, 2019: Under Disclosure of Personally Identifying Information, changed “If I have received your express authorization to do so” to “If you have asked or authorized me to do so.”
    • February 18, 2019: Added Cloudflare DNS resolver services to the list of third-party service providers under Disclosure. Fixed some link relationship errors in that section and noted that Cloudflare also complies with the EU-US Privacy Shield framework.
    • February 17, 2019: Amended the preamble and Other Information You Provide to Me to emphasize that this policy does NOT apply to my personal correspondence or communications.
    • February 14, 2019: Made a further amendment to Information I Receive from Other Sources to add another example of looking up third-party information on site visitors (making some minor amendments to the surrounding text for clarity) and reiterate that the examples presented in this section are not an exhaustive list. Also changed “How I use information gathered from other sources …” to “How I use information gathered from these or other sources …” Changed the wording of the WHOIS lookup services item under Disclosure to make it more generic. Amended Data Retention language to clarify and reiterate that legal and financial transaction records often necessarily include some personal data; split part of that paragraph into a separate paragraph for clarity (amending its text slightly to avoid confusion).
    • February 13, 2019: Added spell-checking to the listed ways I may use personal information I collect from or about you and updated Data Retention to note that I typically retain indefinitely names I add to my spelling dictionaries, and that to understand your comments or inquiries/messages, I may use information you submit to seek additional information from third-party sources. Added ICANN and other WHOIS lookup services to the third-party service providers under Disclosure and inserted a note about WHOIS lookups under Information I Receive from Other Sources. Fixed some minor editorial errors I made in the above changes.
    • February 7, 2019: Updated the Sucuri description in Security Scans to add the phrase “(without limitation)” after “such as,” since the listed examples are not an exhaustive list.
    • February 7, 2019: Updated the Sucuri description in Security Scans to add the phrase “(without limitation)” after “such as,” since the listed examples are not an exhaustive list.
    • February 6, 2019: Added Google Hosted Libraries to Embedded Content (in the same bullet as Google Fonts, since they operate similarly), revising/restructuring that bullet point’s language accordingly and adding a link to the Google Developers Google Fonts page.
    • February 3, 2019: Under Disclosure of Personally Identifying Information, revised the item on information that was already public, changing the first word of that bullet from “If” to “Where”; changing “was or is” to “is or was”; changing “e.g., …” to “such as — but without limitation — …”; and adding to and clarifying the listed examples. Also adjusted the text style of that item and moved it higher on the list. Revised the preamble of that section.
    • February 2, 2019: Updated Cookie Policy section to note that some accessibility features may use cookies to save your settings/preferences. At the beginning of that section, also replaced the words “each time” with “when.”
    • February 1, 2019: Fixed some typos, updated text styles, and edited link titles and anchor text on this page for better accessibility. Added WebAIM to the list of third-party service providers under Disclosure.
    • January 31, 2019: Amended Not for Children Under 18; Age Verification to indicate that the website may place a cookie on your device if you fail the age verification test and that you may have to reenter your birth date if the verification cookies have expired.
    • January 29, 2019: Clarified the language under Not for Children Under 18; Age Verification and moved that subsection to under Information You Provide to Me. Added an internal link to it from the Cookie Policy section and amended that text to reflect the subsection’s new relative position.
    • January 27, 2019: Under Disclosure of Personally Identifying Information, changed “(such as information that you have published on your official website or that is included in published interviews or news articles about you)” to “(e.g., information that’s available on your website; that you included in public comments or public posts on this or other websites; or that appears in published interviews, books, or news articles about you).” Updated Embedded Content to note that the Google Fonts servers may be operated by Google’s subprocessors as well as Google and that they may not necessarily be in the U.S., adding a link to their list of subprocessors. Made a slight change to the preamble to put the sentence about third-party websites on a separate line and reworded that sentence as: “Your use of any third-party websites or services, including those linked from the aaronseverson.com website or on which I may have accounts, is subject to the individual privacy policies and terms of use/terms of service, if any, of those sites or services.” Slightly adjusted the text in Who I Am for clarity and consistency. Added “messaging services, apps, and/or clients” to the list of third-party providers under Disclosure.
    • January 25, 2019: In the California Do Not Track Disclosure section, under Your California Privacy Rights, added spaces to “Do Not Track.”
    • January 22, 2019: Updated Disclosure of Personally Identifying Information language about legal requirements to clarify that I may disclose information where I deem it reasonably necessary to ensure my compliance with applicable law or regulation, even if the specific disclosure isn’t expressly required (e.g., to look up an applicable tax rate for your address). Added common carriers/shipping agencies to the list of third-party service providers. Clarified Other California Privacy Rights by putting “subject to any exemptions provided by the law” in parentheses and moving that phrase to earlier in the applicable sentence.
    • January 3, 2019: Updated Disclosure of Personally Identifying Information to clarify that the circumstances under which I may be legally required to disclose information may include (without limitation) providing certain information to relevant government agencies (e.g., tax or customs agencies) for compliance purposes or in connection with audits or official investigations, as well as in connection with a subpoena or court order.

    For space reasons, I have moved the older entries in this revision list to a separate Older Privacy Policy Revisions page.

    Privacy Preference Center

    Privacy and Cookie Preferences

    These strictly necessary cookies manage your cookie and privacy preferences. There will typically be several such cookies, each beginning with "gdpr" (e.g., gdpr[allowed_cookies], gdpr&5Bprivacy_bar&5D, and gdpr[consent_types]). They normally expire after about one year. If you delete or disable these cookies, your existing preferences will be lost and you may not be able to save your privacy settings for this website.

    gdpr

    Accessibility Settings

    If you change certain aspects of the site's appearance using the accessibility sidebar, it may set these cookies to manage and remember your settings. The wahFontColor and wahBgColor cookies, which are set if you alter the site's color scheme, normally expire after about 14 days, but you can remove them immediately by clicking the "Restore Defaults" button on the sidebar. I may sometimes present an alternative version of the sidebar offering different options, which may set the a11y-desaturated, a11y-high-contrast, and a11y-larger-fontsize cookies if you change those settings. These a11y cookies normally expire after about seven days, but are removed immediately if you restore the applicable settings to their default values.

    wahFontColor, wahBgColor, a11y-desaturated, a11y-high-contrast, a11y-larger-fontsize

    Age Verification

    Viewing certain site content may require you to first verify your age by entering your date of birth. If your birth date indicates that you are 18 or older, the website places the age_gate cookie (whose value is "1," meaning "yes, passed") to allow you to access age-restricted content. The cookie remains active for up to 14 days if you click the "Remember me" check box when you enter your birth date; otherwise, the cookie normally expires when you close your browser. If your birth date indicates that you are NOT 18 or older, the website may place the age_gate_failed cookie (whose value is also "1") to prevent you from trying again to access age-restricted content. (The website does not retain your birth date or your age. See the "Age Verification" section of the Privacy Policy for more information about how the age verification system works.)

    age_gate, age_gate_failed

    Commenting

    When you leave a comment, you may have the option save your information for future comments, storing the info in these cookies. The cookies are not placed unless you select that option when leaving a comment. They normally expire in just under one year, but you can delete the cookies in your browser at any time.

    comment_author, comment_author_email, comment_author_url

    YouTube Videos

    These third-party cookies may be set by YouTube (which is now owned by and a trademark of Google LLC) in connection with embedded videos, for purposes such as managing video settings (such as tailoring the playback to your connection speed), storing video preferences, providing certain functionality such as allowing you to stop and restart a video without losing your place, showing you advertisements, associating your video viewing and other activity with your Google account (if any), and ensuring proper functioning of the service. The cookies may be set by various domains, including (but not necessarily limited to) youtube.com, youtube-nocookie.com, googlevideo.com, ytimg.com, google.com, accounts.google.com, and/or doubleclick.net. Some are session cookies that disappear when you close your browser; others may remain on your device as long as your browser settings permit. Some cookies Google sets in connection with your Google account and/or advertising served through YouTube (which may include others not listed here) are persistent cookies that may remain in your browser for as long as your individual browser settings permit. See Google's "Types of Cookies Used by Google" page for more information about the functions of their various cookies. To learn more about how Google uses the information they collect, see the Google Privacy Policy.

    yt.innertube::nextId, yt.innertube::requests, yt-remote-cast-installed, yt-remote-connected-devices, yt-remote-device-id, yt-remote-fast-check-period, yt-remote-session-app, yt-remote-session-name, recently_watched_video_id_list, use_hotbox, demographics, GPS, LOGIN_INFO, PREF, VISITOR_INFO1_LIVE, YSC, AID, ANID, APISID, CONSENT, DSID, FLC, GAPS, IDE, NID, HSID, OTZ, SID, SNID, SIDCC, TAID, exchange_uid, 1P_JAR

    Vimeo Videos

    These third-party cookies may be set by Vimeo in connection with embedded videos, for purposes such as managing video settings, storing video preferences, providing certain functionality (such as allowing you to pause a video at a particular point), associating your video viewing and other activity with your Vimeo account (if you have one), showing you advertising, and compiling user analytics data. (The cookies whose names begin with "_ga" and "_ut" are associated with Google Analytics, which is a trademark of Google LLC and subject to the Google Privacy Policy); the ones whose names begin with "_ceg" are associated with the Crazy Egg web analytics service; the ones that begin with "optimizely" are associated with the Optimizely digital experience optimization service; and the ones beginning with "adsense" or listed in all caps are associated with Google advertising). Vimeo's Cookie Policy does not currently disclose the normal durations of their cookies, but some are persistent cookies that may remain in your browser for as long as your individual browser settings permit; some Google Analytics cookies can persist for up to two years. For more information about how Vimeo uses the information they collect, see the Vimeo Privacy Policy.

    _abexps, aka_debug, clips, continuous_play_v3, embed_preferences, has_logged_in, is_logged_in, jsessionID, player, search_click_position, Sarchtoken, stats_end_date, stats_start_date, sst_aid, uid, v6f, vimeo, vuid, _ga, _gads, _utma, _utmb, _utmc, _utmv, _utmz,_ceg.s, _ceg.u, optimizelyBuckets, optimizelyEndUserId, optimizelySegments, adsense, adsenseReferralSourceId, adsenseReferralSubId, adsenseReferralUrl, adsenseReferralUrlQuery, S_adsense, APISID, GAPS, HSID, NID, N_T, PREF, SAPISID, SID, SNID, SSID

    PayPal® Buttons

    The payment or donation buttons that may appear on portions of the back-end administrative dashboard (which are not visible to non-logged-in users) contain embedded content served by PayPal® (via paypalobjects.com). They may set the third-party cookies PYPF (via paypalobjects.com), which appears to check whether or not you are a logged-in PayPal user and is used for the PayPal user login process, and/or 01A1 (via abmr.net), which stores certain technical information about your device and browser (including your IP address), probably to facilitate the login and shopping cart functions. The PYPF cookie normally expires in approximately four weeks, the 01A1 cookie in approximately one year. If you use the button to make a payment or donation, PayPal sets additional cookies (not listed here) to manage your PayPal login and transaction data. For more information on what data PayPal collects and what they do with it, visit their Legal Agreements page to review the PayPal Privacy Policy and Statements on Cookies and Tracking Technologies that apply in your location.

    PYPF, 01A1

    Administrative and Login Cookies

    These functionality cookies are used to manage user logins and other WordPress administrative functions, such as post editing. If you are not an administrative user, they shouldn't normally be placed at all unless you somehow access the login area, which is off-limits to non-administrators. Accessing the login page places the wordpress_test_cookie (a session cookie that tests whether your browser will allow the cookies needed to login and disappears when you close your browser) and the itsec-hb-login-xx cookie (which expires after about one hour and helps protect the site against "brute force" attempts to hack user passwords). After logging in, the wordpress_logged_in_xx, wordpress_sec_xx, and wordpress_xx cookies store your user login credentials to allow access to the administrative dashboard; these cookies may last up to 15 days if you click the "Remember Me" when logging in, but if you don't, they normally expire when you close your browser (or, failing that, within about two days). The wp-settings-UID and wp-settings-time-UID cookies store configuration settings for logged-in users and normally expire after about one year. The wp-saving-post cookie is placed after saving or updating a post, contains the post ID number and last action, and expires after about 24 hours. The wp-donottrack_feed cookie, which controls a blog feed, may be set by accessing the dashboard menu for the WP DoNotTrack plugin (if I currently have that plugin enabled) and expires in about one year. (For all of these administrative and login cookies, the "xx" will be a cryptographic hash while "UID" will be the administrative user's user ID number in this website's WordPress database.)

    wordpress_test_cookie, itsec-hb-login-xx, wordpress_sec_xx, wordpress_logged_in_xx, wordpress_xx, wp-settings-UID, wp-settings-time-UID, wp-saving-post, wp-donottrack_feed

    Change Font Size
    High Contrast Mode (Note: This option sets cookies to save your settings)