Privacy/GDPR

What personal data we collect and why we collect it

Cookies

Some forms on this site require the use of Google’s reCAPTCHA service before they can be submitted. If you consent to use Google’s reCAPTCHA service, a cookie is created that stores your consent. This cookie deletes itself after thirty days.

Visiting the login page sets a temporary cookie that aids compatibility with some alternate login methods. This cookie contains no personal data and expires after 1 hour.

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 180 days.

Who we share your data with

Some forms on this site require the use of Google’s reCAPTCHA service before they can be submitted. Use of the reCAPTCHA service is subject to the Google Privacy Policy and Terms of Use.

A QR code image is generated for users that set up two-factor authentication for this site. This image is generated using Google Chart’s API. As part of generating this image, your username is sent to the API. For details about Google Chart’s privacy policy, please see Security and Privacy in Charts.

This site is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

In order to ensure file integrity, iThemes Security pulls data from wordpress.org, ithemes.com, and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site’s locale, a list of installed plugins, and a list of each plugin’s version. Requests to ithemes.com and amazonaws.com include the installed iThemes products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For ithemes.com privacy policy details, please see the iThemes Privacy Policy. Requests to amazonaws.com are to content added and managed by iThemes which is covered by the Amazon Web Services Data Privacy policy.

When running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site’s URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

How long we retain your data

Security logs are retained for 180 days.

Where we send your data

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

GDPR COMPLIANCE

You can ask us to remove your information from my site and systems and we will do so.

This website uses cookies. Our cookie policy statement shows up at the bottom of every page (click on it to make it go away).

We Google analytics to tell us about our users so we can serve them better. We don’t share or sell this data to anyone.

This blog is SSL encrypted.

All data is stored on a WordPress database that is GDPR compliant