Privacy Policy
last updated: 2022-09-03
Overview
General Principles
I don’t value your privacy (as much as you do)
Your responsibility, mate, not mine. If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.
… but I’m not in the habit of intentionally causing grief
This policy attempts to find middle ground between my needs and wants as a site owner and your needs and wants as a pseudonymous Internet stranger (because you can’t be anything else to me at this level, since I haven’t collected enough data to know who you are on account of trying to respect your privacy). I also make a token effort to adhere to the spirit of the GDPR, but since best-practice there is a moving target I have no idea if I succeed. If you are an EU user and care about such things, this is my disclaimer on that topic. In particular, since I hate consent pop-ups more than I love privacy, I’ve done my best to avoid the need for consent pop-ups, but it is possible I have fallen short. To that end, this site will not ask you if you consent to cookies because it does not use cookies. That should make everyone’s life a little simpler.
If you have any questions, comments, or concerns about this policy, please email blog+personal-privacy@fixermark.com and I will try to address the issue.
Site Access
My site’s server is Apache on a shared machine, and it records a default set of Apache logs. Here is an example of an access log string:
148.122.135.23 - - [17/Feb/2022:08:07:55 -0800] "GET /css/styles.css.map HTTP/1.1" 200 13684 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36"
This includes the IP address of originating request, the date, what page was requested, the result code and bytes transferred, and the browser’s description of itself.
I aggregate those numbers periodically to get a sense of which pages are popular. Because I’m on a shared host where I do not have control over the log configuration, I cannot log less or more. I do not have any regular disposal process for those logs.
Note: It is the nature of an unfiltered HTTP request log that if you send a request to /my-name-is-john-smith-and-my-credit-card-number-is-1234-5678-0910-1112
, my server will log a 404 on attempting to serve that page because no such page exists. I keep 404 logs to check for spelling errors on my part, so I consider them necessary to the regular operation and maintenance of that site. As consequence, my privacy guarantee regarding such logs is that they will be kept until I get around to scrubbing them by hand because they’re annoying me. That’s real inconvenient for both of us so don’t put strings that could be interpreted as PII in your HTTP request URLs.
This site is a static site served on a shared server provided by DreamHost. They claim to be GDPR-compliant, but I do not police their processes and I do not vouch for them. If they are doing logging or monitoring above and beyond that described in this privacy policy, I am unaware and I will not go out of my way to make myself aware.
I live in a country (and, to my knowledge, this site is physically hosted from said country) where, from time to time, the government may impose surveillance requirements on a site through a sealed warrant with a nondisclosure injunction attached for the purpose of fighting Osama bin Laden ’s ghost terrorism. If DreamHost is issued such a warrant, they will not inform me. If I am issued such a warrant, I will comply and will not inform my users.
Comments
The right to be forgotten
… doesn’t exist, sorry.
… but I don’t intend to be a dick about it
In addition to the comments appearing on my site, I keep emails requesting a comment be added to my blog indefinitely (unless otherwise noted, below).
If you make a comment on my blog and later want it removed, please email me with
- the name you gave when you made the comment
- the URL of the page the comment exists on
- the date listed on my site for the comment
- the full text of the comment
I will compare the email I receive to the original email requesting the comment be added and, if I believe they originate from the same person, I will remove the comment.
If the comment is “bare” in the thread on its associated page (i.e. has no replies), I will remove it completely. If the comment is in a reply chain and has replies to it, I will not remove any replies to the comment because they are not owned by the requester, and will instead replace the comment (commenter name, date, and content) with [removed]
.
This blog is maintained via a Hugo static-site generator with an associated (privately-hosted) git repo. This repo exists at least on the server hosting the site and my personal machine where I edit this blog. I do not guarantee that the comment is scrubbed from the version histories of all instances of git repos used to maintain this site.
This blog may from time-to-time find itself backed up to “cold storage” in a personal Google Drive account. I do not guarantee that any comments removed from the git repos will also be removed from the cold storage.
I will also delete the original email requesting the comment be added, but will keep the email asking the comment be removed (as a necessary record of the removal request itself).
My email is hosted through GMail, so I cannot guarantee deletion of an email will scrub all instances of it from their servers. I also cannot guarantee the comment will not have been seen by others already, or copied to another site or an archival site that I do not control, and nobody controls memes. My recommendation for optimal commenting pleasure is to meditate on this parable before commenting.
Additional Concerns
I don’t think so, but I might be mistaken. Time was, back when we all had onions on our belts, you could put up a simple blog of thoughts without several dozen pages of privacy screed that nobody will read. I’ve at least tried to make this one entertaining, in my own cantankerous way.
If you have any suggestions for improvements to this policy, please to not hesitate to email me at blog+personal-privacy@fixermark.com and I will take them into consideration.
Hey, you read all the way to the end! Congratulations. Have a cookie.
Just kidding; this site does not use cookies.