Privacy is something I take very seriously and I make every attempt to limit the amount of information the site collects and who it is shared with. Below, I’ve broken down all of the areas where data is collected, why it is collected, and with whom it is shared.
But please reach out if you have any questions about this policy or anything else on Initial Charge. I’d be more than happy to answer all that I can.
This page was most recently updated on November 26, 2020.
Communication
Emails are kept private, but I may want to quote something you’ve sent me from time to time. In those instances, I’ll ask for permission before publishing. And if you’ve emailed me about incorrect information that I’ve published, I will ask if it’s okay to use your name to credit the correction or clarification.
If you or your weblog sends a pingback to Initial Charge, the ping and its metadata are retained indefinitely. These pings are published through WordPress’ built-in comments RSS feed, but if you’d like me to delete an individual ping that you’ve sent, please let me know.
Analytics
Initial Charge utilizes Jetpack’s WordPress.com Stats module to track analytics, which uses the following data: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Do note, though, I do not have access to any of this information via this feature. For example, WordPress.com Stats will let me see that a specific article has some number of page views, but I cannot see which specific users/accounts viewed that article. Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automattic for 28 days and are used for the sole purpose of powering this feature.
The following activity is tracked by WordPress.com Stats: Post and page views, outbound link clicks, referring URLs and search engine terms, and country. Jetpack also tracks performance on each page load that includes the JavaScript file used for tracking stats. This is used by Automattic exclusively for aggregate performance tracking across Jetpack sites in order to make sure that their plugin and code is not causing performance issues. This includes the tracking of page load times and resource loading duration (image files, Javascript files, CSS files, etc.).
I’ve configured the WordPress.com Stats module to honor Do Not Track. If you’d like to enable Do Not Track in your browser, you can find instructions for some of the most popular web browsers below:
Unfortunately, Safari no longer supports Do Not Track. But if you’d like to improve your privacy while browsing with Safari, you can refer to Apple’s support page regarding the topic for macOS and iOS/iPadOS. You may also be interested in using a content blocker, which will prevent your visits from being tracked on Initial Charge and other site’s throughout the web.
Referral Policy
Initial Charge utilizes Referrer-Policy headers, set to strict-origin-when-cross-origin. With this configuration the origin, path, and querystring are sent when performing a same-origin request. When performing a cross-origin request with a matching protocol security level, only the origin is sent (HTTPS to HTTPS). However, no referrer header is sent at all when performing cross-origin requests to any less-secure destinations (HTTPS to HTTP).
Affiliate Links
Prior to June 2020, links to iTunes, the App Store, and Amazon typically included an affiliate code. This allowed me to earn a small commission when sales resulted from visitors who followed these links. However, all links to these services published after that time do not include the affiliate code and no commissions will be earned from them.
Cookies and Login Protection
If you visit Initial Charge’s login page, WordPress automatically sets a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
In order to check login activity and potentially block fraudulent attempts, Jetpack’s Protect module uses the following information: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user. This data is also synced to Jetpack’s servers.
Failed login attempts (these include IP address and user agent) are tracked. We also set a cookie (jpp_math_pass) for one day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. You can learn more about this cookie on Jetpack’s support page regarding the Protect feature.
Email Subscriptions
To initiate and process subscriptions, the subscriber’s email address is used. In the event of a new subscription being initiated some basic server data is also collected, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data is used for the exclusive purpose of monitoring and preventing abuse and spam.
Functionality cookies are set for a duration of 347 days to remember a visitor’s weblog and post subscription choices if, in fact, they have an active subscription.
