Welcome to Neal Umphred Dot Com (NUDC), where my name is Neal Umphred and it is my policy to respect your privacy regarding any information I may collect while operating this website.
I have a few fundamental principles about collecting both personally-identifying information (PII) and non-personally-identifying information:
• I don’t ask for personal information unless this website needs it.
• I don’t share personal information with anyone except to comply with the law, develop my products, or protect my rights.
• I don’t store personal information on my servers unless required for the ongoing operation of this site.
The website address here is: www.nealumphred.com
Personal data collected on this site
Like most websites, NUDC collects non-personally-identifying information of the sort that web-browsers and web-servers typically make available, such as browser type, language preference, referring site, and the date and time of each visitor request. My purpose in collecting non-personally-identifying information is to better understand how my visitors use this site.
This website also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged-in users and users leaving comments. This site only discloses logged-in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below, except that blog-commenter IP addresses are visible and disclosed to the administrators of the blog where the comment was left.
Ads appearing on NUDC may be delivered to users by advertising partners, who may set cookies. These cookies allow the ad-server to recognize your computer each time they send you an online advertisement to compile information about you or others who use your computer.
NUDC may collect statistics about the behavior of visitors. For instance, on this site I use Akismet to monitor the most popular pages and to help identify spam. This site may display this information publicly or provide it to others. However, this website does not disclose personally-identifying information other than as described below.
By default WordPress does not collect any analytics data. However, this website uses Google Analytics, which has made steps to become compliant with the European Union’s (EU) new General Data Protection Regulation (GDPR) standards. The data retention settings have twenty-six months as the default setting.
On NUDC, I use Analytify and it is set this to anonymize your IP addresses before storage and processing begins. The IP anonymization feature sets the last octet of IPv4 user IP addresses and the last 80 bits of IPv6 addresses to zeros in memory shortly after being sent to the Analytics Collection Network. The full IP address is never written to disk in this case.
This site may be using WPMU DEV third-party cloud storage to store backups of its audit logs where personal information is collected.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it.
NUDC keeps contact form submissions for a 90 days for customer service purposes, but does not use the information submitted through them for marketing purposes.
If you leave a comment on NUDC, you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, NUDC will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, this site will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select Remember Me, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
Articles on NUDC may include embedded content (videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Certain visitors to NUDC choose to interact with me in ways that require me to gather personally-identifying information. The amount and type of information that this site gathers depends on the nature of the interaction. For example, I ask visitors who comment on my blogs to provide a username and email address. For those who wish to receive updates via email, this website collects their emails.
In each case, NUDC collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with me. This site does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.
NUDC does not use avatar images or Gravatar images, so no personal information is collected for that use.
The data used includes commenter’s name, email address, and site URL (if provided via the comment form), timestamp, and IP address. Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID (if available), commenter’s local username (if available), commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. If Akismet (also owned by Automattic) is enabled on the site, the following information is sent to the service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.
The activity tracked includes the comment author’s name, email address, and site URL (if provided during the comment submission) are stored in cookies. Learn more about these cookies.
Data synced includes all data and metadata (see above) associated with comments. This includes the status of the comment and, if Akismet is enabled on the site, whether or not it was classified as spam by Akismet.
The data used includes visitor’s preference on viewing the mobile version of a site. A cookie (
akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version.
In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Failed login attempts (these include IP address and user agent). We also set a cookie (
jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.
Data synced includes failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (
DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
Who we share data with
By default, WordPress does not share any personal data with anyone, and I do not and will not rent or sell potentially personally-identifying and personally-identifying information to anyone.
NUDC discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order, or other governmental request, or when I believe in good faith that disclosure is reasonably necessary to protect the property or rights of this website, third parties, or the public at large.
If you are a registered user of NUDC and have supplied your email address, I may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with this website and my products.
NUDC takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially personally-identifying and personally-identifying information.
How long we retain data
If you leave a comment on NUDC, the comment and its metadata are retained indefinitely. This is so the site can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on NUDC, this site also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username).
What rights you have over your data
If you have an account on NUDC, or have left comments on NUDC, you have the following rights:
• You can request to receive an exported file of the personal data this site holds about you, including any data you have provided it.
• You can also request that this site erases any personal data it holds about you. This does not include any data this site is obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments left on NUDC may be checked through Akismet, an automated spam detection service. (See above)
How we protect your data
NUDC takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially personally-identifying and personally-identifying information. This is done using several security service plugins.
What third parties we receive data from
NUDC does not receives data about users from third parties, including but not limited to advertisers.
Automated decision making and profiling
NUDC does not allow any automated decision-making or profiling.
Industry regulatory disclosures
I am not a member of any regulated industry and therefore not required to disclose any information on the website to anyone business-related.
Should you need to reach me regarding any of the issues in this policy, send me a message at firstname.lastname@example.org.