I spent an hour trying to write my own privacy policy and realized there's a lot of compromises I have to make if I want to create a useful secure web site in the 21st century. Let me know how to make it better.
I'm Rob. This website address is: https://robray.net.
I embed media players from other sites, such as youtube.com, vimeo.com, spotify.com and others. I can't control the tracking they do. If I hear about some particularly gross stuff they are doing to compromise your privacy, I will do my best to block it or try to get media from other sources. See the Embedded content from other websites section of this document for more information.
I try to avoid uploading photos of people with embedded location data (EXIF GPS) included. Visitors (most likely bots) to the website can download these images and extract this location data from photos on the website. This data could be used to compromise a person's privacy. Not good.
I don't intentionally set cookies. If I have set one by mistake I will remedy it. I use Cloudflare DNS and R2 for hosting my site.
Things I post on this site often include embedded content (e.g. videos, sound files, images, pdfs, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited this other website.
These websites probably collect data about you, use cookies, embed additional third-party tracking, and monitor your interactions with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
For example, if I embed a youtube.com video you can expect youtube.com to be tracking you. I don’t access this data, but I want to be clear that my web pages are exposing you to tracking by third parties.
I don’t run any analytics tools.
I don’t knowingly share, sell, or trade your data.
My website traffic logs are deleted weekly.
I don't knowingly collect any personal data about you. But you can email me if you have a concern. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
Nowhere.
Should my Cloudflare R2 bucket get hacked, I will send out an email to any of my subscribers. I will also post a message on my site once it is back up.
None.
None.