Privacy Policy

Information We Collect Automatically

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Google Analytics

When someone visits our website, we use Google Analytics to collect standard Internet usage information and details of visitor behavior patterns. We do this to learn more about how our website is working, how many visitors we have and what is being accessed and useful to our visitors. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website.

This information is collected and stored by Google and not on our website. The information collected does not include your email, name, account information, or billing information. It includes such information as:

• Your IP address or proxy server IP address
• Basic domain information
• Your Internet service provider
• Date and time of your visit to our website
• Length of time on our website
• Pages you have accessed
• Website which referred you to us
• Operating system your computer uses

Additional Information

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

How Long We Retain Your Data

Generally, all information is stored indefinitely unless you request to remove it.

If you leave a comment or fill out a contact form, the comment, your information and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

We do not expire the Google Analytics data pertaining to your visit to our website.

What Rights You Have Over Your Data

If you have an account on this site, or have left comments or completed a contact form, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where We Send Your Data

Visitors’ comments, contact forms and quote request forms may be checked through an automated spam detection service.

We use a third-party provider, MailChimp, to deliver our newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see Mailchimp’s privacy notice.

When/If you make a purchase on our website certain types of sensitive information, such as financial information, may be collected. We do not receive or retain copies of this information on our server. We redirect visitors to a secure server to complete these transactions and all data is both collected and stored by these processors. Current payment gateways in use are maintained by PayPal and Stripe. For more information, please see PayPal’s and Stripe’s privacy notices.

We will not sell, rent, or share your personal information to any third party for marketing purposes without your consent.

How We Protect Your Data

The security of your personal information is important to us.

• Your information is sent over an authenticated and encrypted connection using the Secure Socket Layer (SSL).
• We communicate with third-party partners (as identified in this Privacy Policy) via SSL.
• We limit login attempts, use iThemes Security protocols and host with a provider who actively monitors security and intrusions on our website.

Additional Security Tools

Our website uses WordPress plugins for security and backup. The information we collect is in backups stored on the web server. See iThemes Security Privacy Policy for specific information.

Backup Tools

Per the functionality of this plugin, backups of our website files and/or database are created and stored locally on the server we use and/or remotely on 3rd party servers based on the settings of this plugin. Archives can include, but are not limited to, file and database assets, including hashed passwords, 3rd party data, uploads and user information. These backups are stored to provide critical functionality of this plugin.

Cookies are used to handle importing and restoring backups. Cookies used during the restore/import process expire after 24 hours.

Some plugin settings ask for an email address or login credentials to 3rd party services. This is stored to provide functional features to the plugin.

This plugin tracks dates, times and actions of successful and unsuccessful backups and remote data transfers. This is stored to help make the plugin better and assist with troubleshooting problems.

This plugin logs some personal information such as email addresses, usernames, database and server information. This is stored to help make the plugin better and assist with troubleshooting problems. Settings are retained indefinitely until they are changed or removed manually.

Backup zip files are stored with hashed file names to prevent filename guessing and directory browsing is disabled.

Backups can be sent to third-party destination servers, including but not limited to:

• BackupBuddy Stash | Privacy Policy
• BackupBuddy Deployment | Privacy Policy
• Amazon S3 | Privacy Policy
• Dropbox | Privacy Policy
• Google Drive | Privacy Policy
• Rackspace Cloud | Privacy Policy

Security Tools

Security Logs: The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.

When running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site’s URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.

In order to ensure file integrity, iThemes Security pulls data from wordpress.org, ithemes.com, and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site’s locale, a list of installed plugins, and a list of each plugin’s version. Requests to ithemes.com and amazonaws.com include the installed iThemes products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For ithemes.com privacy policy details, please see the iThemes Privacy Policy. Requests to amazonaws.com are to content added and managed by iThemes which is covered by the Amazon Web Services Data Privacy policy.

Nonetheless, no communication via the Internet can ever be 100% secure. Accordingly, you are advised to use caution and discretion when determining what personal information to disclose to us via the site. If you have any questions about security on our site, contact us.