Who we are
The types of sites covered by this policy can generally be classified as follows:
- Sites that are part of the WordPress multisite instance at ethitter.com;
- Other content-only sites hosted on the erick t. hitter network.
While some portions of the erick t. hitter network are served from infrastructure located outside of the United States, any data collection by the erick t. hitter network occurs exclusively on infrastructure located within the United States.
Covered domains include:
ethitter.com, i.ethitter.com, erick.blog, erick.me, squirex2.com, chrisanderick.com, s.eth.pw, r.eth.pw, idranktoomuch.coffee, bartlet.rocks
What personal data we collect and why we collect it
Contact & Donate Forms
To prevent abuse and fight spam, form submissions include the submitter’s IP address, along with whatever personal information is supplied in the form submission. This information is stored indefinitely, but is not shared with third parties for any purpose, except as noted on the form (for example, in the case of a contest for early access to a service).
Forms that accept payment, such as donation forms, do so using Stripe. A Stripe transaction identifier, as well as the last four digits of the credit card number, are stored along with the aforementioned information retained for forms.
When visitors leave comments on the network, we collect the data shown in the comments form, and also the visitor’s IP address and browser user-agent string. This information is used to prevent abuse and fight spam.
Webmentions are an explicit feature of your content management system: by sending a webmention to the webmention endpoint of this website, you request the server to take notice of that referral and process it. As long as public content is concerned (i.e. you are not sending a private webmention), such use of this website’s webmention endpoint implies that you are aware of it being published.
You can at any time request the removal of one or all webmentions originating from your website.
By visiting any site on the network, cookies are set by the analytics packages noted in the Analytics section. If you opt out of tracking by the network’s analytics package, Matomo (fka Piwik), a cookie is used to record your decision.
If you leave a comment on the network, you may opt in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
One analytics package is used across the erick t. hitter network: Google Analytics.
Access and error logs may contain IP addresses, form submission data, usernames, or other personal data. This information is captured to prevent abuse and resolve service problems.
Who we share your data with
Infrastructure for the erick t. hitter network is provided by:
- Digital Ocean
- Amazon AWS
While data is not explicitly shared with these providers, they may retain their own logs, or otherwise access their respective elements of the network as provided by in their respective terms of service and related policies.
Payments are processed using Stripe. To do so, the email address supplied in the form, as well as the payment total, are shared with Stripe.
To prevent spam, comment data, including IP address, is shared with the Akismet spam-detection service. Read more at https://akismet.com/privacy/.
To analyze and archive server logs, their contents may be archived in Amazon AWS S3 buckets.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For registered users, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Form submissions (Contact, Donate, etc.) are retained indefinitely.
Analytics data is retained indefinitely.
Server logs are retained indefinitely.
What rights you have over your data
If you have an account, have left comments, or have submitted forms on the network, you can request to receive an export file of the personal data we hold about you, including any data you have provided to us. You can also request that we delete any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Additionally, content (posts, comments, contact form submissions, etc) is not removed, but rather is anonymized.
If you visited any portion of the network prior to May 5, 2018, you can request that your IP address be anonymized in un-anonymized analytics logs. Server logs cannot be anonymized for administrative, legal, and security reasons.
Payment information submitted to Stripe is subject to their data-retention policies. The related form data retained by the network can be exported or anonymized as described above.
Where we send your data
With the exception of content served from a KeyCDN node, all requests to the erick t. hitter network are served from infrastructure located in the United States.
Visitor comments may be checked through an automated spam detection service. This may be located abroad.
Your contact information
How we protect your data
All requests are served over encrypted connections, with many domains appearing in the HSTS preload list. Strong passwords are required on all administrative accounts. Whenever possible, accounts are secured with multifactor authentication. Appropriate access controls are utilized.
Server access exclusively uses public keys of at least 2,048 bits. Backups are encrypted at rest when feasible. All server access is monitored and reported via redundant services. All communication between servers in the network occurs over encrypted connections, as does all communication with third-parties services. Servers are monitored for unexpected behaviour, including irregular network traffic and unexpected processes.
What data breach procedures we have in place
In the event that a breach is detected, and whenever feasible, impacted individuals will be notified of what data was compromised.
What third parties we receive data from
What automated decision making and/or profiling we do with user data