Skip Banner
Banner:


Main Content:

Privacy

Last updated:

This is the site's Privacy page.

Human-readable Privacy Policy content goes here. Use the EU GDPR (external link), the CCPA (external link), the CPRA (external link) [PDF], Nevada SB220 (NRS 603A) (external link), and the following as starting points.

By using this website, you consent to the collection of this data in the manner and for the purposes described herein.

  • Is you[sic] data used for secondary use? And is it shared with 3rd parties?
  • Is your data bartered?
  • Under what terms is your data shared with the government and with law enforcement?
  • Does the company take reasonable measures to protect your data in all phases of collection and storage.
  • Does the service give you control of your data?
  • Does the service use your data to build and save a profile for non-primary use?
  • Are ad networks being used and under what terms?

Data Minimization

🔖

Purposeful Collection

🔖

Information about your use of this website is collected using server access and error logs. The collected information includes the following:

  • The (non-anonymized) IP address from which you access the website;
  • The type of browser and operating system you use to access our site (from the User-Agent request header sent by your user agent);
  • The date and time you access our site;
  • The pages you visit; and
  • The addresses of pages from where you followed a link to our site.

Limit Retention

🔖

Raw access and error logs are retained on the server for three days, and up to three prior days gzipped.

Limit on Use

🔖

The information gathered is used to help make this site more useful to visitors and to better understand how and when this site is used.

The primary use the site author makes of server access and error logs is to inform the process of blocking bad bots.

Limit on Data Linking

🔖

We do not track or collect personally identifiable information (other than non-anonymized IP address), or associate gathered data with any personally identifying information from other sources.

Erasure

🔖

Authorized uses

🔖

Design for Privacy

🔖

Tracking Preference Expression (DNT)

🔖

Tracking Preference Expression (DNT) (external link) W3C Working Group Note

  • DNT: 1 HTTP Request Header field value
  • navigator.doNotTrack DOM property: undefined
  • .well-known JSON file
    /.well-known/dnt/
    {
      "tracking": "!",
      "qualifiers": "sd",
      "compliance": [
        "https://www.w3.org/TR/tracking-compliance/",
        "https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679",
        "https://www.oag.ca.gov/sites/all/files/agweb/pdfs/privacy/oal-sub-final-text-of-regs.pdf",
        "https://www.leg.state.nv.us/NRS/NRS-603A.html",
        "https://www.eff.org/dnt-policy"
      ],
      "controller": ["/about#me"],
      "same-party": [
        "billgoldstein.name",
        "www.billgoldstein.name"
      ],
      "audit": [
        "https://no-external-audits-have-been-performed.example.com"
      ],
      "policy": "/privacy",
      "config": "/.well-known/clear-site-data/wildcard"
    }

Matching the above "tracking" and "qualifers" properties, in response to a DNT: 1 HTTP Request Header, this site sends a Tk HTTP Response Header with a Tracking Status Value (TSV) of Under Construction (!) followed by TSV-extensions of Security(s) and Debugging(d): Tk: !sd.

Global Privacy Control (GPC)

🔖
Press Release | Global Privacy Control (external link)

Global Privacy Control (GPC) (external link) Unofficial Draft

Prefer:safe

🔖

The "safe" HTTP Preference (external link) RFC8674 Informational Independent Submission (not on a standards track)

  • Prefer: safe HTTP Request Header field value

When present, Preference-Applied: safe and Vary: Prefer HTTP Response Headers are sent.

Obligations on Third Parties

🔖

🔖

This site doesn't create or use cookies of any kind. Its author, however, has been known to indulge in the occasional chocolate chip, oatmeal raisin, peanut butter, almond, shortbread, snickerdoodle, fig, pizzelle, or biscotti reginelle... all of which are delicious delicacies.

ISSUE: Add a paragraph here about what a PWA is, and how to remove its storage. Explain similarities to and differences from cookies.

Change Password

🔖

This site supports the A Well-Known URL for Changing Passwords (external link) "work in progress" draft specification, mostly as an example for membership sites.

NOTE: This is NOT a membership site. No portion of this site requires a userid or password.

Activating this change-password link to the change-password well-known URI /.well-known/change-password redirects here.

Security Acknowledgments

🔖

We would like to thank the following researchers:

  • (YYYY-mm-dd) Researcher Name - Brief issue description

Changes

🔖

Substantive changes to this "work in progress" privacy policy will be listed below:

  • () Added this Changes section.
  • () Added Change Password section.
  • () Added Prefer:safe section.
  • () Added Tracking Preference Expression (DNT) section.
  • () Changed Global Privacy Control (GPC) section to add .json file extension to the well-known URI.
  • () Added Global Privacy Control (GPC) section.

ADVISEMENT: This privacy policy can change without notice. Changes will appear on this page.