Privacy Policy

Plain-Language Introduction

This is a personal web site. I’m not interested in your personal information, so I don’t collect it, other than what is needed to serve web pages you requested. I’ve disabled as many third-party services as I can, while still allowing things like comments, spam filters, and new post notifications to work.

I self-host as much media as I can. If I’ve linked something from another site, though, such as YouTube, Bandcamp, Vimeo, etc., playing that media may allow the host site to collect information about you. But unless you’ve never watched a YouTube video or streamed something from Soundcloud in your entire life, they’ve already got your information. In fact, I’m not sure you even have to have ever been on the Internet for them to have already gotten your information from someone who’s related to you. I also don’t use any advertising services.

Most of the remainder of this policy has been automatically generated based on what’s running behind the scenes. I’ve filled in the blanks where needed and provided additional detail where warranted.

Who we are

Our website address is: https://www.raytoler.com. If you needed to read this policy to get that information, please don’t vote.

If you’d like to know about Ray Toler, uh… the site is raytoler.com and it is a monument to his ego and inflated sense of self-worth. Pick any random page on this site and, trust me, you will hear far more about “Who we are” than you can stand.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture or Gravatar is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website. Also, if you upload images to the website, please let me know at your earliest convenience because there’s no way you should have been able to do so.

Contact forms

Contact forms are not currently in use on the site. This policy will be updated if any are created.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day. As with uploading media, please let Ray know if you edit or publish an article because a) you absolutely shouldn’t be able to and b) Ray’s ego will allow no competition.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites, most owned by giant multinational corporations who already track you everywhere you go, may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

I try to minimize embeds, especially from companies who have decided that “Don’t Be Evil” is too hard to adhere to, but sometimes a quick YouTube video is needed. If you don’t want their tracking, don’t click the Play button. Also, maybe consider throwing your phone away because it’s doing a lot worse.

Analytics

I use the Matomo analytics package. It is hosted locally on this server, and is configured to only provide data about what articles people read, how long they stay on certain pages, and so on. I’ve configured it to collect the minimal amount of information needed to show me simple site metrics like which pages are most popular. I’m not doing any user tracking other than noting if people have also visited my artist persona site, www.releaux.com. It is not collecting anything like heat maps, telling me how many spy cookies you have in your browser, what’s on you Amazon wish list and so on, for the simple reason that I don’t care about any of that. Unlike many other analytics packages, Matomo does actually honor the “Do not track me” flag in your browser, which you should always have set to “on.”

I could be a weasel like a lot of other sites and tell you that all of the cookies this site uses are necessary for functionality (which, depending on how you get your lawyer to classify “functionality” in your 80 page EULA, might be true). Most of them are actually necessary. One or two are not, but no cookie placed by this website is used by any person in the world other than me, and would be useless to them anyway because it doesn’t correlate to anything else. This is why I uninstalled Google Analytics about 4 hours after I installed it… it’s all just too creepy.

Who we share your data with

Nobody. Seriously, nobody.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

The above paragraph is the canned version that satisfies some well-intentioned, but horribly written law like the GDPR or California’s “Me Too” version of that. The reality is that if you actually read this and decide you don’t like the idea of me knowing the IP address you used in 2017 when you left that comment on a blog read by literally tens of people, you can make all of the above requests and I will then spend the next 6 hours trying to figure out where it might possibly be stored in the hidden depths of the WordPress or Matomo dungeons, only to find that it’s not actually there.

In fact, in order to request that I delete your data, you will have to provide me with more personal data than I already have. So maybe just consider that having a nice cup of tea or taking a walk outdoors might be a more productive thing to do than worry about that nefarious Ray Toler dude. Honestly. You have bigger things to worry about. Like that super-cool emoji pack you just added to your messenger app that phones home to Russia or China every five minutes. Or your Snapchat/TikTok/Instagram account.

But if you really really, really, really, really, really, really, really, really, really, really, really, really, really, want me to track it all down and delete it, let me know and I will.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Additional information

How we protect your data

Reasonable precautions are taken to protect any information you provide, but nothing beyond what a normal private person would do to protect the information provided by their friends. If you’re worried about a data breach from this site, please don’t provide any information.

What data breach procedures we have in place

If we become aware of a data breach, we will take reasonable steps to identify and inform anyone affected. I imagine our respective lawyers will argue over what “reasonable” means, but in this day and age, it’s almost an obsolete word anyway as “reason” has taken a backseat to “how can I profit from this?” And if I could make a profit off of you, trust me, I would already have tried.

What third parties we receive data from

We don’t utilize any third party analytics or profiling services.