Main Content:
Privacy
This is the site's Privacy page.
Human-readable Privacy Policy content goes here. Use the EU GDPR (external link), the CCPA (external link), the CPRA (external link) [PDF], Nevada SB220 (NRS 603A) (external link), and the following as starting points.
By using this website, you consent to the collection of this data in the manner and for the purposes described herein.
- Is you[sic] data used for secondary use? And is it shared with 3rd parties?
- Is your data bartered?
- Under what terms is your data shared with the government and with law enforcement?
- Does the company take reasonable measures to protect your data in all phases of collection and storage.
- Does the service give you control of your data?
- Does the service use your data to build and save a profile for non-primary use?
- Are ad networks being used and under what terms?
Data Minimization
🔖
Purposeful Collection
🔖Information about your use of this website is collected using server access and error logs. The collected information includes the following:
- The (non-anonymized) IP address from which you access the website;
- The type of browser and operating system you use to access our site (from the User-Agent request header sent by your user agent);
- The date and time you access our site;
- The pages you visit; and
- The addresses of pages from where you followed a link to our site.
Limit Retention
🔖Raw access and error logs are retained on the server for three days, and up to three prior days gzipped.
Limit on Use
🔖The information gathered is used to help make this site more useful to visitors and to better understand how and when this site is used.
The primary use the site author makes of server access and error logs is to inform the process of blocking bad bots.
Limit on Data Linking
🔖We do not track or collect personally identifiable information (other than non-anonymized IP address), or associate gathered data with any personally identifying information from other sources.
Erasure
🔖
Authorized uses
🔖
Design for Privacy
🔖Tracking Preference Expression (DNT)
🔖Tracking Preference Expression (DNT) (external link) W3C Working Group Note
-
DNT: 1
HTTP Request Header field value -
navigator
DOM property:.doNotTrack undefined
- .well-known JSON file
Matching the above "tracking"
and "qualifers"
properties,
in response to a DNT: 1
HTTP Request Header, this site sends a
Tk
HTTP Response Header with a
Tracking Status Value (TSV) of
Under Construction (!
)
followed by TSV-extensions of Security(s
)
and Debugging(d
):
Tk: !sd
.
Global Privacy Control (GPC)
🔖Global Privacy Control (GPC) (external link) Unofficial Draft
-
Sec-GPC: ?1
HTTP Request Header structured field value -
Sec-GPC: 1
HTTP Request Header unstructured field valueWhen present, a
Vary: Sec-GPC
HTTP Response Header is sent.ISSUE: The initial spec and early implementations used an unstructured header. Spec Issue #6 Use HTTP structured field values (external link) may (hopefully) change this.
NB: Issue 252 New principle: all new headers shall be structured headers (external link) (reflecting de facto practice) has also been opened on W3C TAG's Web Platform Design Principles (external link).
-
navigator
DOM property:.globalPrivacyControl undefined
- .well-known JSON file
Prefer:safe
🔖The "safe" HTTP Preference (external link) RFC8674 Informational Independent Submission (not on a standards track)
-
Prefer: safe
HTTP Request Header field value
When present,
Preference-Applied: safe
and
Vary: Prefer
HTTP Response Headers are sent.
Obligations on Third Parties
🔖
Cookie Policy
🔖This site doesn't create or use cookies of any kind. Its author, however, has been known to indulge in the occasional chocolate chip, oatmeal raisin, peanut butter, almond, shortbread, snickerdoodle, fig, pizzelle, or biscotti reginelle... all of which are delicious delicacies.
ISSUE: Add a paragraph here about what a PWA is, and how to remove its storage. Explain similarities to and differences from cookies.
Federated Learning of Cohorts (FLoC)
🔖
Permissions-Policy: interest-cohort=()
HTTP Response Headers are sent in response to all requests.
Change Password
🔖This site supports the A Well-Known URL for Changing Passwords (external link) "work in progress" draft specification, mostly as an example for membership sites.
NOTE: This is NOT a membership site. No portion of this site requires a userid or password.
Activating this change-password
link to the change-password
well-known URI
/.well-known/change-password
redirects here.
Security Acknowledgments
🔖We would like to thank the following researchers:
- (YYYY-mm-dd) Researcher Name - Brief issue description
Changes
🔖Substantive changes to this "work in progress" privacy policy will be listed below:
- () Added Federated Learning of Cohorts (FLoC) section.
- () Added this Changes section.
- () Added Change Password section.
- () Added Prefer:safe section.
- () Added Tracking Preference Expression (DNT) section.
- ()
Changed Global Privacy Control (GPC) section to add
.json
file extension to the well-known URI. - () Added Global Privacy Control (GPC) section.
ADVISEMENT: This privacy policy can change without notice. Changes will appear on this page.