Privacy Policy

Who we are

The Thinkulum is the personal website of Andy Culbertson. Our website address is: https://www.thinkulum.net.

The Thinkulum is committed to safeguarding your privacy. Contact us at if you have any questions or problems regarding the use of your Personal Data and we will gladly assist you.

By using this site or/and our services, you consent to the Processing of your Personal Data as described in this Privacy Policy.

Table of Contents

  1. Definitions used in this Policy
  2. Data protection principles we follow
  3. What rights do you have regarding your Personal Data
  4. What Personal Data we collect and why we collect it
  5. Who else can access your Personal Data
  6. How we secure your data
  7. Information about cookies
  8. How long we retain your data
  9. What rights you have over your data
  10. Contact information
  11. Changes to this Privacy Policy

Definitions

Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
Data subject – a natural person whose Personal Data is being Processed.
Child – a natural person under 16 years of age.
We/us (either capitalized or not) – The Thinkulum and its owner.

Data Protection Principles

We promise to follow the following data protection principles:

  • Processing is lawful, fair, transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
  • Processing is limited to the purpose. Our Processing activities fit the purpose for which Personal Data was gathered.
  • Processing is done with minimal data. We only gather and Process the minimal amount of Personal Data required for any purpose.
  • Processing is limited with a time period. We will not store your personal data for longer than needed.
  • We will do our best to ensure the accuracy of data.
  • We will do our best to ensure the integrity and confidentiality of data.

Data Subject’s rights

The Data Subject has the following rights:

  1. Right to information – meaning you have to right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
  2. Right to access – meaning you have the right to access the data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered.
  3. Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
  4. Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
  5. Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
  6. Right to object to processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
  7. Right to object to automated Processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
  8. Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
  9. Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled please contact us.
  10. Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
  11. Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data.

What Personal Data we collect and why we collect it

Access logs

When you visit the pages of this website, for each item you access we record your IP address, the time of access, the browser user agent string, and the URL that led you to that page. Read about website access logs here: https://httpd.apache.org/docs/2.4/logs.html.

Comments

When visitors leave comments on the blog, we collect the data shown in the comments form and also the visitor’s IP address and browser user agent string to help spam detection.

Comments on the wiki are handled by a third party, Disqus. See the section Who else can access your Personal Data.

Contact forms

When visitors send us a message through the contact form, we collect the data shown in the form and the visitor’s IP address.

Who else can access your Personal Data

When you post a comment on the blog, an anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Visitor comments on the blog are checked through Akismet, an automated spam detection service. The Akismet privacy policy is here: https://automattic.com/privacy/.

When you post a comment on the wiki, the data is processed by Disqus. See the Disqus privacy policy here: https://help.disqus.com/terms-and-policies/disqus-privacy-policy.

If you have subscribed to blog updates via email or you access the blog’s feed URL, the feed and the subscription are handled by Google feedburner. See the Google privacy policy here: https://policies.google.com/privacy.

Web hosting is provided by Webby Enterprises, LLC: https://www.webbytech.net/.

Website backups are backed up using Dropbox. To learn about the security of Dropbox file storage, see the Dropbox privacy policy here: https://www.dropbox.com/privacy.

We disclose your Personal Data to third parties or public officials when we are legally obliged to do so.

How we secure your data

We do our best to keep your Personal Data safe.  We use safe protocols for communication and transferring data (such as HTTPS). We use anonymizing and pseudonymizing where suitable. We monitor our systems for possible vulnerabilities and attacks. We create periodic backups of the website, including any visitor comments, to restore its data in case the data is deleted or modified due to hardware or software failure or an attack.

Even though we try our best we can not guarantee the security of information. However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

Children

We do not intend to collect or knowingly collect information from children. We do not target children with our services.

Cookies

A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make sites work. Only we can access the cookies created by our website. You can control your cookies at the browser level. Choosing to disable cookies may hinder your use of certain functions.

You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

We use cookies for the following purposes

If you leave a comment on our site, you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Embedded content most commonly comes from the following sources. For the privacy policy of each service, visit the link after the service name:

The contact form uses Google’s reCAPTCHA service to protect against automated spam messages. See the Google privacy policy here: https://policies.google.com/privacy.

The search form uses Google’s custom search service. See the Google privacy policy here: https://policies.google.com/privacy.

How long we retain your data

The records of your visit in the access log are retained for up to one month.

If you leave a comment on the blog, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

If you send us a message through the contact form, your message, its metadata, and any personal information it contains are retained in our email system indefinitely or until you request that we delete it. This is so we can refer to it for the purpose of future communication with you.

What rights you have over your data

If you have left comments on the blog, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

You can perform these actions on the Privacy Tools page: https://www.thinkulum.net/blog/privacy-tools/.

Contact Information

You may contact us through the contact form here: https://www.thinkulum.net/blog/contact/.

Supervisory Authority

This website is located solely within the US and thus has no European supervisory authority. If you are an EU resident, see here for the contact information for your country’s data protection authority: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

Changes to this Privacy Policy

We reserve the right to make changes to this Privacy Policy.
Last modification was made 7/18/2021.