Privacy Policy

Last updated: December 2024

I take privacy on the internet very seriously, and only use the data I absolutely need to keep the website working. From December 2025 this blog is hosted on a platform built on text files, and I don't need cookies or trackers for the website to work.

Statistics

I use a cookie-less statistics service called Databuddy. It's privacy-focused and doesn't collect personal data. It shows me page views, what you've clicked on, how you found to the site (search engines, social media etc, domain name only), your browser type, and similar information that helps me understand how to improve the website. Locations are collected by IP address, but all IP addresses are anonymised. You can read more on their privacy policy.

Subscriptions

If you want to you can subscribe to new posts by e-mail. For this I use a service called E-mail Octopus. I will only use your e-mail address to send notifications about new blog posts, and (very) occasionally other important news. You can unsubscribe at any time. The subscription form is located at Email Octopus's website. Find their privacy policy here.

Comments

When you leave a comment on our blog, we collect the following information:

Data We Collect

If you choose to leave a comment on this website, we'll collect your name, comment, website URL and e-mail address (if provided).

How We Use Your Data

  • Name and comment: Displayed publicly on the blog post
  • Website URL: Displayed as a clickable link on your name (if provided)
  • Email address: Used only to notify you when someone replies to your comment (if you opt in). Your email is never shared, sold, or used for marketing.

Email Address Security

If you choose to provide an email address for reply notifications:

  • Your email is encrypted using AES-256 encryption before storage
  • The encrypted email cannot be read without the server's private encryption key
  • Your email is never displayed publicly on the website
  • We only send emails when someone directly replies to your comment
  • Each notification email contains an unsubscribe link to stop future notifications

Your Rights

You can request to have your comment and associated data deleted by contacting us. Comments can be identified by: - The name you used - The blog post it was left on - The approximate date

Rate Limiting & Spam Prevention

To prevent spam and abuse, we implement the following measures:

IP Address Processing

  • Your IP address is temporarily stored to enforce rate limits (maximum comments per hour/day)
  • IP addresses are automatically deleted after 7 days
  • We do not use IP addresses for tracking, profiling, or any purpose other than spam prevention
  • This processing is based on our legitimate interest in maintaining a spam-free website

Spam Protection

  • We use a privacy-friendly "honeypot" technique to detect automated spam bots
  • We do not use Google reCAPTCHA or other third-party services that track users
  • No data is shared with third parties for spam prevention

Geo-blocking

This website uses country-based access restrictions to protect against unauthorized access and security threats.

How It Works

  • When you visit our website, we determine your country using your IP address
  • This country lookup is performed using the MaxMind GeoLite2 database
  • If your country is on our blocked list, you will be redirected to a specific page
  • We do not store or log your IP address for geo-blocking purposes

Data We Process

  • Country code - To determine if access should be blocked. This is logged temporarily, and will be automatically deleted after security review period.
  • IP address - For country lookup only. This is not stored or logged.

Legal Basis

This processing is based on our legitimate interest in: - Protecting our website from security threats - Preventing unauthorized access - Maintaining website security and integrity

Your Rights

If you believe you have been incorrectly blocked, please contact us. We can review and adjust our geo-blocking settings if necessary.

Server Logs

The server logs attack attempts such as spamming attempts, and blocked users (by country code only). Server logs are retained for a limited period and are not used for user profiling or tracking.

Cookies

This website does not use tracking cookies or third-party analytics cookies.

Third-Party Services

This website does not share your data with third-party services for advertising or tracking purposes.

Data Retention

  • Comments: Your name, text, website. This is stored until manually deleted
  • Encrypted email addresses. Stored until you unsubscribe or request deletion.
  • Rate limiting IP addresses. Automatically deleted after 7 days
  • Geo-blocking country codes. Automatically deleted after security review period

Your Rights Under GDPR

If you are in the European Economic Area, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restrict processing: Request we limit how we use your data
  • Data portability: Request your data in a machine-readable format
  • Object: Object to processing based on legitimate interests

To exercise any of these rights, please contact us at: [your email address]

Contact

If you have questions about this privacy policy or your personal data, feel free to get in touch