Privacy Policy

This privacy policy was lasted updated on 27th August 2022.

Table of Contents

Who we are

Our website address is:

What personal data we collect and why we collect it


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. We use Akismet as our spam detection service. The Akismet privacy policy is available here:

We may provide an anonymized string created from your email address (also called a hash) to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, we will strip any embedded location data (EXIF GPS). This is because visitors could otherwise download and extract any location data from images on the website.

Contact forms

If you send us a message using our Contact Us form, we will treat your message as confidential unless you specifically tell us otherwise. If you send us a photo or document, we will also assume these are confidential unless you specifically give us permission to publish them on the site.

Newsletter subscription forms

If you choose to subscribe to our newsletter and supply your name and e-mail address, we will direct your browser to the website of our e-mail subscription service provider (Mailchimp). They will collect the information you supplied and any other information in accordance with their privacy policy and then return you to this site.


When you first visit this site a banner appears at the bottom of the screen asking whether you want to allow statistical and profiling cookies to be stored in your browser. The remainder of this section explains what happens if you allow these cookies to be stored.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and when you close your browser it disappears.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

At any time you can change your cookie preferences by clicking the button below to bring back the banner that showed when you first visited the site:

[wt_cli_manage_consent] may set the following cookies in your browser whenever you visit our site:

[cookie_audit columns=’cookie,duration,description’]

Embedded content from other websites

Some websites offer embeddable content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

We do not use embeddable content from other websites on this site because these websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Share buttons on our site are all simple links. We do not use the javascript snippets from social sites because these usually allow the destination site to track your browsing even if you do not choose to use their service.


We use a self-hosted Matomo installation to compile marketing and performance statistics for this site. We make information that we store in this system anonymous by setting the last byte of your IPv4 address to zero (so becomes meaning that your individual premise is no-longer identifiable).

No Sale of User Information

We never sell user information under any circumstances.

Who we share your data with

We pass some information to third parties to help design our services better for our visitors, to secure the site from nefarious actors on the internet and to combat spam:

OrganizationPurposePrivacy Policy
AkismetSpam detection during comment entryRead
GravatarDisplay of avatar images for users with Gravatar accountsRead
AbuseIPDBReporting of abusive IPsRead
Bunny CDNStatic file caching serviceRead
MailChimpE-mail subscription serviceRead
Services that receive data from this site

We may check visitor comments through an automated spam detection service. We currently use Akismet for this purpose.

Your contact information


If you register with this site and create a profile you will be able to choose how your name appears on the site by choosing a nickname that overrides the display of your real name.

If you wish us to delete your personal information from our site you can request this by contacting us at We will then send out an e-mail with a link to confirm the request. When you click on the link we will delete or anonymize any data on the site that relates to you.

How long we retain your data

If you leave a comment, we retain the comment and its metadata indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

IP addresses are monitored for security purposes and infractions from the same IP address result in a ban on access from that IP address.

The web server stores access logs which include full IP addresses for up to 31 days.

Our backup systems write backups to a remote location. These backups are retained for up to 31 days and include the log files mentioned above. This means that an IP address can be recovered from the backups from up to 62 days before the current date.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Additional information

How we protect your data


We use best practice coding standards and peer code reviews to ensure new commits to our repository have been reviewed for security before being released in a new build. All code is written to protect against common attack vectors such as SQL Injection and XSS attacks.

Access to User Data

Access to user data is on a ‘need to access’ basis only. We treat all customer data as sensitive, and we’ve implemented stringent controls governing this data.

Only authorized employees have access to user data. We do not allow third party employees or contractors to access user data.

Unauthorized or inappropriate access to user data is treated as a security incident and managed through our incident management process. This process includes instructions to notify affected customers if a breach of policy is observed.

What data breach procedures we have in place

If we are the subject of a data breach we carry out the following procedures:

  1. Within 72 hours we will inform the relevant supervisory authority:
    1. describing the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
    2. communicating the name and contact details of the data protection officer or other contact point where more information can be obtained;
    3. describing the likely consequences of the personal data breach;
    4. and describing the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
  2. Document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. That documentation shall enable the supervisory authority to verify compliance with relevant law.
  3. In accordance with relevant law, the controller shall communicate the personal data breach to the data subject without undue delay. This communication shall describe in clear and plain language the nature of the personal data breach.

What third parties we receive data from

We do not receive user data from any third parties.

What automated decision making and/or profiling we do with user data

All comments are moderated. If a visitor has previously had comments approved it may affect approval of additional comments.

Industry regulatory disclosure requirements

This website is not a member of a regulated industry.

Revisions to this privacy policy

This privacy policy is subject to change without notice. Any changes will be logged at the bottom of this page.

30th Oct 2021Added IP-related information retention policy
Added Table of Contents.
5th Nov 2021Unified the sections ‘Who we share your data with’ and ‘Where we send your data’.
Added ‘PHPSESSID’ to the table off cookies.
28th Dec 2021Removed reference to Google Analytics following move to Matomo on-premise analytics.
3rd Jan 2022Removed Matomo opt-out iframe after move to cookie-less aggregated tracking.
Removed reference to geolocation service after removal of cookie banner.
10th Apr 2022Removed Your Contact Information > Comments as it duplicated part of What Personal Data We Collect > Cookies.
1st May 2022Replaced ‘Smart Cookie Kit’ plugin with ‘GDPR Cookie Consent’ plugin — cookie info updated accordingly.
6th May 2022Added ‘No Sale of User Information’ section.
Modified the example IP address to illustrate zero fourth byte.
Corrected some spelling and grammatical errors.
10th July 2022Changed section ‘What third parties do we receive data from’ to reflect non-receipt of user data.
Replaced hand written table of cookies with table automatically produced by GDPR Cookie Consent plugin.
27th August 2022Added Mailchimp as an entity with whom we share data.
Added newesletter subscription forms to data that we collect from users.
Revisions to this page