This blog is hosted on wordpress.com, a service by Automattic. Please refer to Automattic’s “Privacy Notice for Visitors to Our Users’ Sites” for details or see the applicable passages listed below.
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Information a Visitor Provides
- Follower and Subscriber Information: When a visitor signs up to follow or subscribe, we collect the email address.
- Site Comments: When a visitor leaves a comment, we collect that comment, and other information that the visitor provides along with the comment, such as the visitor’s name and email address.
You always have the right to request information access, rectification, or erasure of your subscriptions and your comments on the site.
For any inquiries, please get in contact with email@example.com
Automatically Collected Information
- Technical Data from a Visitor’s Computer and Etcetera: Automattic collects the information that web browsers, mobile devices, and servers typically make available about visitors to a Site, such as the IP address, browser type, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information.
- Visitor Interactions: Automattic collects information about a visitor’s interactions with the site, including the “likes” and “ratings” left by visitors.
- Location Information: Automattic may determine the approximate location of a visitor’s device from the IP address. Automattic collects and uses this information to, for example, tally for their Users how many people visit their Sites from certain geographic regions. If you’d like, you can read more about our Site Stats feature for WordPress.com sites.
How Automattic Uses Visitor Information
Automattic uses information about Site visitors in order to provide their Services to their Users and their Sites.
They may also use and share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify any individual. For instance, they may publish aggregate statistics about the use of their services.
How Automattic Shares Visitor Information
- Subsidiaries, Employees, and Independent Contractors: Automattic may disclose Site visitor information to their subsidiaries, their employees, and individuals who are our independent contractors that need to know the information in order to help them provide their services to their Users and Sites, or to process the information on their behalf. They require our subsidiaries, employees, and independent contractors to follow this Privacy Notice for information about visitors that they share with them.
- Third Party Vendors: Automattic may share Site visitor information with third party vendors who need to know this information in order to provide their services to us. This group includes vendors that help them provide their services to their Users and Sites. They require vendors to agree to privacy commitments in order to share information with them.
- Legal Requests: Automattic may disclose Site visitor information in response to a subpoena, court order, or other governmental request. For more information on how they respond to requests for information, please see their Legal Guidelines.
- To Protect Rights, Property, and Others: Automattic may disclose Site visitor information when they believe in good faith that disclosure is reasonably necessary to protect the property or rights of Automattic, their Users, third parties, or the public at large. For example, if they have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
- Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of their business by another company, or in the unlikely event that Automattic goes out of business or enters bankruptcy, Site visitor information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Notice would continue to apply to Site visitor information and the party receiving this information may continue to use this information, but only consistent with this Privacy Notice.
- Information Shared Publicly: Information that visitors choose to make public is disclosed publicly. That means, of course, that information like visitor comments and “likes” are all available to others, including information about the visitor that is displayed in connection with a comment or “like” (such as a visitor’s WordPress.com username and Gravatar). Public information may also be indexed by search engines or used by third parties.
How Long Automattic Keeps Visitor Information
If Automattic are not legally required to keep it, they generally discard information about Site visitors when no longer needed for the purposes for which they collect and use it on behalf of their users — those purposes which are described in the “How We Use Visitor Information” section above.
For example, they keep the web server logs that record information about a visitor to one of their user’s Sites — such as the visitor’s IP address, browser type, and operating system — for approximately 30 days. They retain the logs for this period of time in order to, among other things, investigate issues if something goes wrong on a user’s Site.
As another example, when a Site visitor views the Site they use their IP address in order to update the Site Stats with information about the visitors’ visit, like what country they are in. Automattic keep that IP address for approximately 30 days to have enough time to calculate monthly Site Stats and address any issues with those counts.
Legal Bases for Collecting and Using Information