In general, I don’t want any of your private information. Luckily this is a pretty simple website: it’s just plain old HTML files, no fancy logic or targeted whatever. I do however use a couple of tools to help administer the site. By necessity, these tools collect some aggregate (non-identifying) information and, if you explicitly opt in, some personally identifying information.
I’ll outline these tools one by one.
Personally Identifying Information
You can withdraw your consent to be emailed at any time by clicking the Unsubscribe link on any received email; this will remove all of your information from my Mailchimp contact list, and I will no longer have access to any of that data.
Comments may be offered on the blog in the future. The comments system I currently have in place is entirely self-hosted, and stores the comments in a single file on my web host’s server. The comment system collects only the information you give it, which may include your name, email address, a website if you choose to include one, and your IP address for spam prevention purposes. This information is solely used to store and display comments on pages on this website.
You should be able to delete your own comments by visiting the comments section from the same browser where you left the comment; this will delete all the information that was originally collected in the course of leaving that comment. If for whatever reason you lose access to the delete button, you can contact me directly (joey at the outset dot net) from the email address associated with the comment; I’m happy to go into the database file and delete your comment manually.
I use Google Analytics to see aggregate information about who’s visiting the site, what they’re seeing and where they’re from. This information is not personally identifying, and it is reported to me only in aggregate. Location information is limited to broad categories of city or state (i.e. “Sydney, Australia”, not “42 Wallaby Way, Sydney, Australia”).
To the best of my understanding, there is no personally identifying information in Google Analytics, just aggregate data. Even so, if you wish to opt out, you can use a tool like Ghostery within your browser to block the Google Analytics script. If you do this, your visit will not be reported to Google Analytics, and you will not be included in the aggregate data.
I have explicitly opted out of demographic tracking. Google offers a tool that embeds an advertising cookie in order to collect users’ age, gender, and interests. I turned this tool off before launching the site, and I do not get any of this information. Don’t want it. Also don’t want to expose you to a tracking cookie.
Google Analytics is the only third party analytics script on The Outset, and I think it strikes an appropriate balance between protecting your privacy and gaining insight into how the site is doing.
Web Hosting Logs
This last one has to do with the technical aspect of running a website. My web host, Webfaction, maintains logs of requests and errors that come through the web server. These logs may contain your IP address and browser configuration. I do not mine these logs for information, and frankly I’d rather they not exist at all, but it’s just how web servers work.
In terms of data retention, these logs are ephemeral by design, and my understanding is that they are destroyed on a rolling basis every seven days. More information about server logs can be found here.
This is the first revision of this document, published on May 25, 2018. I pledge to update this page if circumstances change in the future. If there are changes, I also pledge to update this section with a plain English description of what’s changed and the rationale behind those changes.