- What This Site Collects
- What We Do With Collected Information
- Site Security and Log Data
- Third Party Functionality and Privacy Policies
For the most part this site is read-only, however there are a number of functions that can and do collect information as a function of what they are. These include:
- IP Data: Another natural part of Internet use is the sending of source IP data to the destination server—in this case, danielmiessler.com. Just as with cookie data, no attempt is ever made to link source IP addresses to people. The only way source IP data is used on this site is indirectly by analytics frameworks that are part of the web stack. Each of these will be mentioned below, with links to their privacy policies.
Here I will cover how logs are handled, which may contain both cookie and IP address data.
Access to the site is logged in a standard fashion using the web server logs (Nginx in this case). These logs may contain cookie and IP address data, as is standard with most web log formats.
Access to this server is restricted to very few people (myself and one other person), and log data has never been requested—nor provided to—any third party. The server itself is a Virtual Private Server (VPS) hosted with AWS.
As mentioned earlier, no log data will ever be used to attempt to link cookies or IP addresses to actual people, and this log data will never be provided to third parties under any circumstances.
While it’s not possible to guarantee this site’s security (and you should be cautious of anyone who offers such a claim), a great number of measures have been taken to ensure that this server cannot be penetrated without authorization. These include the use of limited accounts, regular security updates, regular security assessments, and the use of hardened remote access options.
In this section I will provide the privacy information for four (4) key third parties that this site has a relationship with:
- Google Analytics:
We do not collect or handle data beyond what is described above, so we do not believe that we have any specific GDPR challenges. If you are from the EU, however, and have any questions about anything above, please feel free to reach out to us. We will do what we need to in order to be compliant with the law.
We take these issues extremely seriously, and if you have any concerns about how your data is being treated, or would like to report an incident, please use one of the email addresses listed below:
- This policy is subject to updates as various technologies are changed on the site. Please check back as often as necessary to ensure that you have the latest information.