GDPR Privacy Policy





Wel­come to Neal Umphred Dot Com. My name is Neal Umphred and it is my pol­icy to re­spect your pri­vacy re­gard­ing any in­for­ma­tion I may col­lect while op­er­at­ing this web­site.

I have a few fun­da­men­tal prin­ci­ples about col­lect­ing both personally-identifying in­for­ma­tion (PII) and non-personally-identifying in­for­ma­tion:

  I don’t ask for per­sonal in­for­ma­tion un­less this web­site needs it.

  I don’t share per­sonal in­for­ma­tion with any­one ex­cept to com­ply with the law, de­velop my prod­ucts, or pro­tect my rights.

  I don’t store per­sonal in­for­ma­tion on my servers un­less re­quired for the on­go­ing op­er­a­tion of this site

This site may col­lect sta­tis­tics about the be­hav­ior of vis­i­tors. This site may dis­play this in­for­ma­tion pub­licly or pro­vide it to oth­ers. How­ever, this web­site does not dis­close personally-identifying in­for­ma­tion other than as de­scribed be­low.

The web­site ad­dress is:


Personal data collected on this site

Like most web­sites, this site col­lects non-personally-identifying in­for­ma­tion of the sort that web-browsers and web-servers typ­i­cally make avail­able, such as browser type, lan­guage pref­er­ence, re­fer­ring site, and the date and time of each vis­i­tor re­quest. My pur­pose in col­lect­ing non-personally-identifying in­for­ma­tion is to bet­ter un­der­stand how my vis­i­tors use this site.

This web­site also col­lects po­ten­tially personally-identifying in­for­ma­tion like In­ter­net Pro­to­col (IP) ad­dresses for logged-in users and users leav­ing com­ments. This site only dis­closes logged-in user and com­menter IP ad­dresses un­der the same cir­cum­stances that it uses and dis­closes personally-identifying in­for­ma­tion as de­scribed be­low, ex­cept that blog com­menter IP ad­dresses are vis­i­ble and dis­closed to the ad­min­is­tra­tors of the blog where the com­ment was left.


Ads ap­pear­ing on this site may be de­liv­ered to users by ad­ver­tis­ing part­ners, who may set cook­ies. These cook­ies al­low the ad-server to rec­og­nize your com­puter each time they send you an on­line ad­ver­tise­ment to com­pile in­for­ma­tion about you or oth­ers who use your com­puter.

This in­for­ma­tion al­lows ad net­works to, among other things, de­liver tar­geted ad­ver­tise­ments that they be­lieve will be of most in­ter­est to you. This Pri­vacy Pol­icy cov­ers the use of cook­ies by this web­site and does not cover the use of cook­ies by any ad­ver­tis­ers.


We col­lect in­for­ma­tion about vis­i­tors who com­ment on Sites that use our Ak­ismet anti-spam ser­vice. The in­for­ma­tion we col­lect de­pends on how the User sets up Ak­ismet for the Site, but typ­i­cally in­cludes the commenter's IP ad­dress, user agent, re­fer­rer, and Site URL (along with other in­for­ma­tion di­rectly pro­vided by the com­menter such as their name, user­name, email ad­dress, and the com­ment it­self).


By de­fault, Word­Press does not col­lect any an­a­lyt­ics data. How­ever, this web­site uses Google An­a­lyt­ics, which has made steps to be­come com­pli­ant with the Eu­ro­pean Union's (EU) new Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR) stan­dards. The data re­ten­tion set­tings have twenty-six months as the de­fault set­ting.

On this site, I use An­a­lytify and it is set this to anonymize your IP ad­dresses be­fore stor­age and pro­cess­ing be­gins. The IP anonymiza­tion fea­ture sets the last octet of IPv4 user IP ad­dresses and the last 80 bits of IPv6 ad­dresses to ze­ros in mem­ory shortly af­ter be­ing sent to the An­a­lyt­ics Col­lec­tion Net­work. The full IP ad­dress is never writ­ten to disk in this case.

If you want to ex­clude your­self en­tirely from Google An­a­lyt­ics track­ing, click  HERE.

Cloud Storage

This site may be us­ing WPMU DEV third-party cloud stor­age to store back­ups of its au­dit logs where per­sonal in­for­ma­tion is col­lected.


When vis­i­tors leave com­ments on the site we col­lect the data shown in the com­ments form, and also the visitor’s IP ad­dress and browser user agent string to help spam de­tec­tion.

An anonymized string cre­ated from your email ad­dress (also called a hash) may be pro­vided to the Gra­vatar ser­vice to see if you are us­ing it.

The Gra­vatar ser­vice pri­vacy pol­icy is avail­able here. Af­ter ap­proval of your com­ment, your pro­file pic­ture is vis­i­ble to the pub­lic in the con­text of your com­ment.

Contact forms

This site keeps con­tact form sub­mis­sions for 90 days for cus­tomer ser­vice pur­poses but does not use the in­for­ma­tion sub­mit­ted to them for mar­ket­ing pur­poses.


A cookie is a string of in­for­ma­tion that a web­site stores on a visitor’s com­puter, and that the visitor’s browser pro­vides to the web­site each time the vis­i­tor re­turns. this site uses cook­ies to help it iden­tify and track vis­i­tors, their us­age of this web­site, and their web­site ac­cess pref­er­ences.

Vis­i­tors who do not wish to have cook­ies placed on their com­put­ers should set their browsers to refuse cook­ies be­fore us­ing this web­site, with the draw­back that cer­tain fea­tures of this site may not func­tion prop­erly with­out the aid of cook­ies.

If you leave a com­ment on this site, you may opt-in to save your name, email ad­dress, and web­site in cook­ies. These are for your con­ve­nience so that you do not have to fill in your de­tails again when you leave an­other com­ment. These cook­ies will last for one year.

If you have an ac­count and you log in to this site, this site will set a tem­po­rary cookie to de­ter­mine if your browser ac­cepts cook­ies. This cookie con­tains no per­sonal data and is dis­carded when you close your browser.

When you log in, this site will also set up sev­eral cook­ies to save your lo­gin in­for­ma­tion and your screen dis­play choices. Lo­gin cook­ies last for two days, and screen op­tions cook­ies last for a year. If you se­lect Re­mem­ber Me, your lo­gin will per­sist for two weeks. If you log out of your ac­count, the lo­gin cook­ies will be re­moved.

Embedded content from other websites

Ar­ti­cles on this site may in­clude em­bed­ded con­tent (videos, im­ages, ar­ti­cles, etc.). Em­bed­ded con­tent from other web­sites be­haves in the ex­act same way as if the vis­i­tor has vis­ited the other web­site.

These sites may col­lect data about you, use cook­ies, em­bed ad­di­tional third-party track­ing, and mon­i­tor your in­ter­ac­tion with that em­bed­ded con­tent. This in­cludes trac­ing your in­ter­ac­tion with the em­bed­ded con­tent if you have an ac­count and are logged in to that web­site.

Gathering information

Cer­tain vis­i­tors to this site choose to in­ter­act with me in ways that re­quire me to gather personally-identifying in­for­ma­tion. The amount and type of in­for­ma­tion that this site gath­ers de­pend on the na­ture of the in­ter­ac­tion. For ex­am­ple, I ask vis­i­tors who com­ment on my blogs to pro­vide a user­name and email ad­dress. For those who wish to re­ceive up­dates via email, this web­site col­lects their emails.

In each case, this site col­lects such in­for­ma­tion only in­so­far as is nec­es­sary or ap­pro­pri­ate to ful­fill the pur­pose of the visitor’s in­ter­ac­tion with me. This site does not dis­close personally-identifying in­for­ma­tion other than as de­scribed be­low. And vis­i­tors can al­ways refuse to sup­ply personally-identifying in­for­ma­tion, with the caveat that it may pre­vent them from en­gag­ing in cer­tain website-related ac­tiv­i­ties.


This site does not use avatar im­ages or Gra­vatar im­ages, so no per­sonal in­for­ma­tion is col­lected for that use.

WPMU Hummingbird

Hum­ming­bird uses the Stack­path Con­tent De­liv­ery Net­work (CDN). Stack­path may store web log in­for­ma­tion of site vis­i­tors, in­clud­ing IPs, UA, re­fer­rer, Lo­ca­tion and ISP info of site vis­i­tors for 7 days. Files and im­ages served by the CDN may be stored and served from coun­tries other than your own. Stackpath’s pri­vacy pol­icy can be found here.

WPMU Smush

WP Smush does not in­ter­act with end users on your web­site. The only in­put op­tion Smush has is to a newslet­ter sub­scrip­tion for site ad­mins only. If you would like to no­tify your users of this in your pri­vacy pol­icy, you can use the in­for­ma­tion be­low.

Smush sends im­ages to the WPMU DEV servers to op­ti­mize them for web use. This in­cludes the trans­fer of EXIF data. The EXIF data will ei­ther be stripped or re­turned as it is. It is not stored on the WPMU DEV servers.

Smush uses the Stack­path Con­tent De­liv­ery Net­work (CDN). Stack­path may store web log in­for­ma­tion of site vis­i­tors, in­clud­ing IPs, UA, re­fer­rer, Lo­ca­tion and ISP info of site vis­i­tors for 7 days. Files and im­ages served by the CDN may be stored and served from coun­tries other than your own. Stackpath's pri­vacy pol­icy can be found here.



this site uses sev­eral op­tions avail­able from the Jet­pack plu­gin. Jet­pack has made the fol­low­ing in­for­ma­tion avail­able for use in this Pri­vacy Pol­icy:


The data used in­cludes commenter’s name, email ad­dress, and site URL (if pro­vided via the com­ment form), time­stamp, and IP ad­dress. Ad­di­tion­ally, a IFrame re­ceives the fol­low­ing data: blog ID at­tached to the site, ID of the post on which the com­ment is be­ing sub­mit­ted, commenter’s lo­cal user ID (if avail­able), commenter’s lo­cal user­name (if avail­able), commenter’s site URL (if avail­able), MD5 hash of the commenter’s email ad­dress (if avail­able), and the com­ment con­tent. If Ak­ismet (also owned by Au­tomat­tic) is en­abled on the site, the fol­low­ing in­for­ma­tion is sent to the ser­vice for the sole pur­pose of spam check­ing: commenter’s name, email ad­dress, site URL, IP ad­dress, and user agent.

The ac­tiv­ity tracked in­cludes the com­ment author’s name, email ad­dress, and site URL (if pro­vided dur­ing the com­ment sub­mis­sion) are stored in cook­ies. Learn more about these cook­ies.

Data synced in­cludes all data and meta­data (see above) as­so­ci­ated with com­ments. This in­cludes the sta­tus of the com­ment and if Ak­ismet is en­abled on the site, whether or not it was clas­si­fied as spam by Ak­ismet.

Mobile Theme

The data used in­cludes visitor’s pref­er­ence on view­ing the mo­bile ver­sion of a site. A cookie (akm_mobile) is stored for 3.5 days to re­mem­ber whether or not a vis­i­tor of the site wishes to view its mo­bile ver­sion.


In or­der to check lo­gin ac­tiv­ity and po­ten­tially block fraud­u­lent at­tempts, the fol­low­ing in­for­ma­tion is used: at­tempt­ing user’s IP ad­dress, at­tempt­ing user’s email address/username (i.e. ac­cord­ing to the value they were at­tempt­ing to use dur­ing the lo­gin process), and all IP-related HTTP head­ers at­tached to the at­tempt­ing user.

Failed lo­gin at­tempts (these in­clude IP ad­dress and user agent). We also set a cookie (jpp_math_pass) for one day to re­mem­ber if/when a user has suc­cess­fully com­pleted a math captcha to prove that they’re a real hu­man. Learn more about this cookie.

Data synced in­clude failed lo­gin at­tempts, which con­tain the user’s IP ad­dress, at­tempted user­name or email ad­dress, and user agent in­for­ma­tion.


To ini­ti­ate and process sub­scrip­tions, the fol­low­ing in­for­ma­tion is used: subscriber’s email ad­dress and the ID of the post or com­ment (de­pend­ing on the spe­cific sub­scrip­tion be­ing processed). In the event of a new sub­scrip­tion be­ing ini­ti­ated, we also col­lect some ba­sic server data, in­clud­ing all of the sub­scrib­ing user’s HTTP re­quest head­ers, the IP ad­dress from which the sub­scrib­ing user is view­ing the page, and the URI which was given in or­der to ac­cess the page (REQUEST_URI and DOCUMENT_URI). This server data used for the ex­clu­sive pur­pose of mon­i­tor­ing and pre­vent­ing abuse and spam.

Func­tion­al­ity cook­ies are set for a du­ra­tion of 347 days to re­mem­ber a visitor’s blog and post sub­scrip­tion choices if, in fact, they have an ac­tive sub­scrip­tion.


Who we share data with

By de­fault, Word­Press does not share any per­sonal data with any­one, and I do not and will not rent or sell po­ten­tially personally-identifying and personally-identifying in­for­ma­tion to any­one.

This site dis­closes po­ten­tially personally-identifying and personally-identifying in­for­ma­tion only in re­sponse to a sub­poena, court or­der, or other gov­ern­men­tal re­quests, or when I be­lieve in good faith that dis­clo­sure is rea­son­ably nec­es­sary to pro­tect the prop­erty or rights of this web­site, third par­ties, or the pub­lic at large.

If you are a reg­is­tered user of this site and have sup­plied your email ad­dress, I may oc­ca­sion­ally send you an email to tell you about new fea­tures, so­licit your feed­back, or just keep you up to date with what’s go­ing on with this web­site and my prod­ucts.

This site takes all mea­sures rea­son­ably nec­es­sary to pro­tect against the unau­tho­rized ac­cess, use, al­ter­ation, or de­struc­tion of po­ten­tially personally-identifying and personally-identifying in­for­ma­tion.


How long we retain data

If you leave a com­ment on this site, the com­ment and its meta­data are re­tained in­def­i­nitely. This is so the site can rec­og­nize and ap­prove any follow-up com­ments au­to­mat­i­cally in­stead of hold­ing them in a mod­er­a­tion queue.

For users that reg­is­ter on this site, this site also stores the per­sonal in­for­ma­tion they pro­vide in their user pro­file. All users can see, edit, or delete their per­sonal in­for­ma­tion at any time (ex­cept they can­not change their user­name).


What rights you have over your data

If you have an ac­count on this site or have left com­ments on this site, you have the fol­low­ing rights:

  You can re­quest to re­ceive an ex­ported file of the per­sonal data this site holds about you, in­clud­ing any data you have pro­vided it.

  You can also re­quest that this site erases any per­sonal data it holds about you. This does not in­clude any data this site is obliged to keep for ad­min­is­tra­tive, le­gal, or se­cu­rity pur­poses.


Where we send your data

Vis­i­tor com­ments left on this site may be checked through Ak­ismet, an au­to­mated spam de­tec­tion ser­vice. (See above)


How we protect your data

This site takes all mea­sures rea­son­ably nec­es­sary to pro­tect against the unau­tho­rized ac­cess, use, al­ter­ation, or de­struc­tion of po­ten­tially personally-identifying and personally-identifying in­for­ma­tion. This is done us­ing sev­eral se­cu­rity ser­vice plu­g­ins.


What third parties we receive data from

This site does not re­ceive data about users from third par­ties, in­clud­ing but not lim­ited to ad­ver­tis­ers.


Automated decision making and profiling

This site does not al­low any au­to­mated decision-making or pro­fil­ing.


Industry regulatory disclosures

I am not a mem­ber of any reg­u­lated in­dus­try and there­fore not re­quired to dis­close any in­for­ma­tion on the web­site to any­one business-related.


Privacy Policy changes

Al­though most changes are likely to be mi­nor, this site may change its Pri­vacy Pol­icy from time to time, and in my sole dis­cre­tion. I en­cour­age vis­i­tors to fre­quently check this page for any changes to its Pri­vacy Pol­icy.

Your con­tin­ued use of this site af­ter any change in this Pri­vacy Pol­icy will con­sti­tute your ac­cep­tance of such change.


Contacting me

Should you need to reach me re­gard­ing any of the is­sues in this pol­icy, send me a mes­sage at