This privacy policy concerns: https://pictures-of-cats.org (PoC) – ‘the Site’.
Introduction
I (Michael Broad the owner of the ‘Site’) am not interested in collecting the data of visitors. When you make a comment there is no longer any need to even provide your email address. And your name can be withheld but by all means add it if you wish (I’d prefer it!).
I use Google Adsense adverts and Taboola adverts on the Site. Google collects data (see Google’s privacy policy). We know that. They do it to make sure the most appropriate adverts are presented to visitors. Taboola collect data too (see Taboola privacy policy) but they are good guys in my view.
I use Facebook embedded videos sometimes and their embedded comments. We all know that Facebook collects personal data (see Facebook’s data policy). Therefore, the major users of personal data collected by PoC is through Google and Facebook. It is probable that you use both Google and Facebook and have therefore already allowed these companies to use your personal data. Therefore, visiting the Site makes little difference.
What personal data we collect and why we collect it
Comments
When visitors leave comments, the Site collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it (as you no longer need to provide an email address this seems to be redundant). The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment. Note: Gravatar allows you to have a little icon image of yourself when you comment. It doesn’t do anything else as far as I know.
Comment Opt In
Below the comment box there is an opt in tick box to be notified of responses to your comment: ‘Notify me of follow-up comments via e-mail’. By default, it is ticked because it allows visitors to receive responses to their comments which is useful. You can untick it if you want to stop being notified. Note: ‘opt in’ means to decide to participate in whatever you are opting in to.
Media
If you upload images to the website, ideally you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website. Note: I realise that very few people will consider removing image metadata as it is called. I wrote a page on this and how uploaded images can tell others certain items of information. Also please click this link about telling others where you are through photos. These photos can be anywhere on the internet.
For Windows you can tell what data is stored within photos (metadata) by using this method:
- Right-click the image file.
- Select “Properties” from the right-click menu.
- Click the “Details” tab at the top of the “Properties” dialog box.
For Apple computers you can use third party tool called ImageOptim to strip metadata. To see the data, you’ll need to use an Apple program such as Aperture or an application if you are using an IPad. Wrong? Please tell me in a comment.
Cookies
If you leave a comment on my site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year [Note: this section is no longer relevant at June 2018 – things might change].
If you have an account and you log in to the Site, I will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser [note: there is only one other account holder than me: Elisa].
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed [note: this only applies to two people].
For co-authors, if you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day [note: this applies to 2 people at present at June 2018].
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. I embed Facebook videos, Vimeo videos and YouTube videos.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Sharing data
PoC does not deliberately or specifically share any data. PoC has no desire to share data. However, as mentioned, Google and Facebook are present on the Site and therefore they collect and share data. I don’t think any of us currently know where Facebook and Google share data. This is a current hot topic and a live issue.
Retaining data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Rights over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you but PoC rarely deletes data and it is in the discretion of PoC Admin to delete data on request. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where PoC sends your data
Visitor comments are checked through an automated spam detection service, Akismet. Google and Facebook share data. There are current investigations about where these companies share data.
Your contact information
You provide this information (email and name of choice or anonymous) when commenting [note: this is currently not in use].
How data is protected
The Site is encrypted (‘https). This means it cannot be hacked and your data is protected.
Data breaches
There has never been a data breach at PoC so far (touch wood). PoC is not a data collector. It is not the purpose of the Site to collect data. Collection is incidental to the running of the site. The Site uses the information rarely. It is used to allow Admin to contact visitors should there be an issue which needs to be discussed further such as converting the comment to an article or the need to communicate privately with a visitor (note: this refers to comments and email address but at June 2018 is not relevant. Things change. Google and Facebook are the major protagonists).
Industry regulatory disclosure requirements
This privacy policy complies to the best of my knowledge with new privacy policy requirements – The EU General Data Protection Regulation (GDPR). It will be updated as and when matters become clearer.
