Privacy Policy

Last updated:

Click here for acknowledgements, credits, accessibility statements, and other notes.


Overview

My name is Narada Thomas. I am based out of British Columbia and am responsible for the website which can be found at the URL: https://www.narada.ca/

This privacy policy outlines what personal data I collect and how it is used, additional information such as how I protect personal data, attributions to sources that we have found useful when writing this policy, and how to get in touch if you have any questions about this policy. This policy is mainly written in the third person so as to be more useful to others who may wish to refer to it for their own policies.

What Personal Data is Collected and Why

Personal data is also known as personal information, personally identifying information (PII), or sensitive personal information (SPI). It refers to any information that may be used to identify a person such as a name or IP address.

We collect personal data primarily on the lawful basis of legitimate interest. More specifically, we use it to maintain this website’s security and essential functionality. When legitimate interest does not suffice, for example, in the collection of email addresses for comments or email interactions, we do so on the lawful basis of consent. The nature of the collected data, how the data is used, who the data is shared with, and how long the data is retained are outlined below.

Logging Visitors and Analytics

Our website hosting provider is Web Hosting Canada (WHC) and see WHC’s privacy policy here: https://whc.ca/legal/privacy-policy. WHC maintains server logs, including information about site visitors, for functionality and security purposes.

In addition to visitor logging information provided by WHC, We currently use and experiment with various logging services: Koko Analytics, Google Analytics, Microsoft Clarity, and Clicky. We expect to run these analytics tools till August 10, 2024, to find the best analytics tool that meets our needs while protecting our visitors’ data at an affordable price or free of charge.

Some information we currently collect but not limited to: IP addresses, browser type, internet service provider (ISP), referring or exit pages, the files and links viewed on the site, operating system, date/time stamp, site heatmap, time spent on the site, and affiliated links. We don’t sell, rent, or lease personal information to any third party.

By using our site, you agree that we and our partners can collect and use these data. Check our and their privacy statement as stated above.

Comments

If comments are open on a post and you leave a comment, the content management system collects data shown in the comments form, such as your name and email address, and it also collects your IP address and browser user agent string to help spam detection.

We collect information about visitors who comment on Sites that use our Akismet Anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself). Check Automattic Asismet’s privacy policy here: https://akismet.com/privacy/.

An anonymized string created from the user’s email address (also called a hash) may be provided to the Gravatar service to see if the user is using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of the user’s comment, their profile picture is visible to the public in the context of their comment.

Media

Logged-in editors may upload media to this website. If you upload images to this website, you should avoid uploading images with embedded location data (EXIF GPS) included since website visitors can extract this location data from any images that they download.

Embedded Content from Other Websites

Embedded content can include videos, images, or articles. A common example is a YouTube video. Embedded content behaves in the exact same way as if you had visited the originating website. Because of this, websites associated with embedded content may collect data about you, use cookies, embed additional third-party tracking, monitor your interaction with that embedded content, and track your interaction with the embedded content if you have an account and are logged in to that website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Site Caching

This site utilizes caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary, and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary. We may use QUIC.cloud services to process & cache your data temporarily. See QUIC.Cloud’s Privacy policy: https://quic.cloud/privacy-policy/.

Backups

We use JetBackup by JetApps LLC to back up the content on this WordPress website, including the database, custom post types, plugins, themes, settings, media library uploads, and selected additional files. This means any personal data stored on our hosting may also be transferred to JetApps and third-party cloud storage Microsoft OneDrive. View JetApps’ privacy policy: https://www.jetapps.com/legal/privacy-policy-and-gdpr/ and Microsoft’s OneDrive privacy policy: https://support.microsoft.com/en-us/office/how-onedrive-safeguards-your-data-in-the-cloud-23c6ea94-3608-48d7-8bf0-80e142edd1e1

Security

We use Wordfence to configure a firewall, block malicious traffic, give immediate alerts in the event of malicious activity, and enforce strong passwords. These features are essential in maintaining the security of this website and in protecting personal data. Selected personal data including visitors’ IP addresses and accessed URLs is collected and sent to Wordfence so that they may accurately administer their security services. See Wordfence’s Privacy Policy: https://www.wordfence.com/help/general-data-protection-regulation/

URL Shortener

We use Short.io to shorten this website’s and other third-party websites’ URLs. This functionality helps us to provide more user-friendly URLs and QR codes and help us to track the performance of links we share in various print and digital media. They may collect selected data, including visitors’ IP addresses and accessed URLs and time/date are collected and sent to Short.io. See Short.io’s privacy policy: https://short.io/privacy#collecting-data

MailPoet newsletter & emails

If you have subscribed to our newsletter or if you have purchased on our website, there is a good chance you will receive emails from us.

We will only send you emails which you have signed up to receive, or which pertain to the services we provided to you.

To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent abuse of the system.

This website can send emails through the MailPoet Sending Service. This service allows us to track opens and clicks on our emails. We use this information to improve the content of our newsletters.

No identifiable information is otherwise tracked outside this website except for the email address.

Who we share your data with

Since this website is self-hosted, personal data gathered through it is only shared with our hosting provider WHC, QUIC.Cloud, WordFence, JetBackup, Short.io, Asismet, and Analytics service providers.

We do not share personal data for advertising or any other purposes beyond what is described in this policy.

How long we retain your data

Comments and webmentions, including their metadata, are retained indefinitely so that we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

Personal information provided by registered users of the website is stored in the relevant user profile indefinitely. All users can see, edit, or delete their own personal information at any time. Users cannot change their username but are welcome to get in touch with a website administrator if they wish to do so. Website administrators may also see and edit users’ personal information.

Please refer our service providers’ privacy policies for the duration of data retention.

What rights you have over your data

  1. The right to be informed: We inform our users about what data is being collected by displaying a link to the privacy policy clearly in our acknowledgements page, and by using as little jargon as possible in our policy.
  2. The right of access: Get in touch and we will provide you with an exported file of any data we hold about you, including data you have provided to us, and we will direct you to the third-party services listed above if your data may be held by them. If you have a WordPress account on this site, you can log in and access your account data at any time.
  3. The right to rectification: If there’s any personal data about you that should be corrected by us, please let us know and we will do our best to correct it.
  4. The right to erasure, a.k.a. the “right to be forgotten”: Let us know and we will delete all your personal data that we store and will direct you to the third-party services listed above if your data may be held by them. If you have a WordPress account on this site, you can delete your account at any time. If you have commented on the site or we hold your data for any other reason, you can request that we erase any personal data we hold about you. Please note that we cannot remove or erase data that we are obliged to keep for administrative, legal, or security purposes.
  5. The right to restrict processing: If you would like to restrict or suppress the processing of any data we hold about you, get in touch and we will work with you to accommodate this.
  6. The right to data portability: We will give you an exported copy of your data that we hold so that you can provide it to another service.
  7. The right to object: You have the right to file a complaint regarding our collection and use of your data. Please tell us first so that we have a chance to address your concerns. If we fail in this, you can address any complaint to your local data protection authorities.

How we protect your data

We use SSL encryption to protect our website traffic. Our SSL certificate is issued by Let’s Encrypt. You can recognize an encrypted connection if the URL reads https:// instead of http://. A green lock icon may also be displayed in your browser’s address bar. If you see the green lock icon, try clicking it. In many browsers, clicking the lock icon will give you further information about the website related to your privacy.

Wherever possible, we follow WordPress’s guidance regarding security and complete all CMS and plugin updates as soon as is feasible. We also use Wordfence for more advanced security features.

We avoid transmitting passwords in plain text formats such as spreadsheets, text files, or emails whenever possible, and we strive to use multi-factor authentication (MFA) for all accounts associated with this website.

Other Websites

Though we are involved in developing and maintaining others’ websites and contents while considering data privacy when offering development services, we are not responsible for the data privacy or privacy policies of other websites since we are not their data controller.

Questions and Feedback

We try to keep our privacy policy as transparent and easy to understand as possible. Please let us know if we can improve it further or if you have any other questions by emailing us.


Attributions

This privacy policy is based primarily on Piper Haywood’s Personal Website’s privacy policy and guidance provided by WordPress directly to its CMS. Piper’s dedication to providing detailed acknowledgement and privacy policy pages is commendable. 👏🏽