Alexandra Kapp

Thoughts on mobility data and privacy.

Privacy Policy

This blog is hosted on wordpress.com, a service by Automattic. Please refer to Automattic’s “Privacy Notice for Visitors to Our Users’ Sites” for details or see the applicable passages listed below.

Controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

Alexandra Kapp

alexandra@alexandrakapp.blog

Information a Visitor Provides

  • Follower and Subscriber Information: When a visitor signs up to follow or subscribe, we collect the email address.
  • Site Comments: When a visitor leaves a comment, we collect that comment, and other information that the visitor provides along with the comment, such as the visitor’s name and email address.

You always have the right to request information access, rectification, or erasure of your subscriptions and your comments on the site.

For any inquiries, please get in contact with alexandra@alexandrakapp.blog

Automatically Collected Information

  • Technical Data from a Visitor’s Computer and Etcetera: Automattic collects the information that web browsers, mobile devices, and servers typically make available about visitors to a Site, such as the IP address, browser type, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information.
  • Visitor Interactions: Automattic collects information about a visitor’s interactions with the site, including the “likes” and “ratings” left by visitors.
  • Location Information: Automattic may determine the approximate location of a visitor’s device from the IP address. Automattic collects and uses this information to, for example, tally for their Users how many people visit their Sites from certain geographic regions. If you’d like, you can read more about our Site Stats feature for WordPress.com sites.
  • Information from Cookies and Other Technologies: A cookie is a string of information that a Site stores on a visitor’s computer, and that the visitor’s browser provides to the Site each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on Sites. Automattic uses cookies and other technologies like pixel tags to help identify and track visitors and Site usage. For more information about the use of cookies and other technologies for tracking, including how visitors can control the use of cookies, please see our Cookie Policy.

How Automattic Uses Visitor Information

Automattic uses information about Site visitors in order to provide their Services to their Users and their Sites.

In addition to the above, they use some information about Site visitors who are also Users of Automattic as described in their Privacy Policy.

They may also use and share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify any individual. For instance, they may publish aggregate statistics about the use of their services.

How Automattic Shares Visitor Information

  • Subsidiaries, Employees, and Independent Contractors: Automattic may disclose Site visitor information to their subsidiaries, their employees, and individuals who are our independent contractors that need to know the information in order to help them provide their services to their Users and Sites, or to process the information on their behalf. They require our subsidiaries, employees, and independent contractors to follow this Privacy Notice for information about visitors that they share with them.
  • Third Party Vendors: Automattic may share Site visitor information with third party vendors who need to know this information in order to provide their services to us. This group includes vendors that help them provide their services to their Users and Sites. They require vendors to agree to privacy commitments in order to share information with them.
  • Legal Requests: Automattic may disclose Site visitor information in response to a subpoena, court order, or other governmental request. For more information on how they respond to requests for information, please see their Legal Guidelines.
  • To Protect Rights, Property, and Others: Automattic may disclose Site visitor information when they believe in good faith that disclosure is reasonably necessary to protect the property or rights of Automattic, their Users, third parties, or the public at large. For example, if they have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
  • Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of their business by another company, or in the unlikely event that Automattic goes out of business or enters bankruptcy, Site visitor information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Notice would continue to apply to Site visitor information and the party receiving this information may continue to use this information, but only consistent with this Privacy Notice.
  • Information Shared Publicly: Information that visitors choose to make public is disclosed publicly. That means, of course, that information like visitor comments and “likes” are all available to others, including information about the visitor that is displayed in connection with a comment or “like” (such as a visitor’s WordPress.com username and Gravatar). Public information may also be indexed by search engines or used by third parties.

How Long Automattic Keeps Visitor Information

If Automattic are not legally required to keep it, they generally discard information about Site visitors when no longer needed for the purposes for which they collect and use it on behalf of their users — those purposes which are described in the “How We Use Visitor Information” section above.

For example, they keep the web server logs that record information about a visitor to one of their user’s Sites — such as the visitor’s IP address, browser type, and operating system — for approximately 30 days. They retain the logs for this period of time in order to, among other things, investigate issues if something goes wrong on a user’s Site.

As another example, when a Site visitor views the Site they use their IP address in order to update the Site Stats with information about the visitors’ visit, like what country they are in. Automattic keep that IP address for approximately 30 days to have enough time to calculate monthly Site Stats and address any issues with those counts.

The legal basis according to the EU data protection laws: (1) The use is necessary in order to fulfill the commitments to their customers under the applicable terms of service; or (2) The use is necessary for compliance with a legal obligation; or (3) The use is necessary in order to protect your vital interests or those of another person; or (4) Automattic has a legitimate interest in using your information — for example, to provide and update their Services; to safeguard their Services; to monitor and prevent any problems with their Services or (5) You have given your consent — for example before we place certain cookies on your device and access and analyze them later on, as described in our Cookie Policy.