Skip to main content

PacoChan's Website Privacy Policy

Table of Contents

Miguel Rivera (PacoChan) operates the website.

This page is used to inform visitors regarding my policies with the collection, use, and disclosure of Personal Information if anyone decided to use my website.

If you choose to use my website, then you agree to the collection and use of information in relation to this policy. The Personal Information that I collect is used for providing and improving the Service. I will not use or share your information with anyone except as described in this Privacy Policy.

Information Collection and Use #

Contact Form #

This website has a contact form that allows users to contact me in case they have any question or comment about the contents offered in the website.

I will only use your personal information (Name and Email) to respond via email to the user. Your personal information will never be shared with third parties for marketing purposes and will not be used by for marketing purposes without your explicit consent.

The contact form uses a third-party service called FormSubmit and this is their Privacy Policy.

Comments #

This website uses the self-hosted, open source and privacy-focused Remark42 commenting engine, which allows users to post comments in different pages of the website.

The Remark42 authors claim the following privacy features:

  • Remark42 is trying to be very sensitive to any private or semi-private information.
  • Authentication is requesting the minimal possible scope from authentication providers and all extra information returned by them is immediately dropped and not stored in any form.
  • Generally, Remark42 keeps user ID, username and avatar link only. None of these fields exposed directly - ID and name hashed, avatar proxied.
  • There is no tracking of any sort.
  • Login mechanic uses JWT stored in a cookie (HttpOnly, secured). The second cookie (XSRF_TOKEN) is a random ID preventing CSRF.
  • There is no cross-site login, i.e., user’s behavior can’t be analyzed across independent sites running Remark42.
  • There are no third-party analytic services involved.
  • Users can request all information Remark42 knows about them and receive the export in the gz file.
  • Supports complete cleanup of all information related to user’s activity by user’s “deleteme” request.
  • Cookie lifespan can be restricted to session-only.
  • All potentially sensitive data stored by Remark42 hashed and encrypted.

Authentication is provided by third-party services. Authentication is only required for posting comments, reading comments does not expose your data to any third-party services. These are the privacy policies of the currently provided authentication services:

This is the Remark42 Privacy Policy.

Statistics #

For website usage statistics, I use Umami, an open source, privacy-focused and self-hosted analytics system. According to their FAQ, Umami does not collect any personally identifiable information and anonymizes all data collected. Users cannot be identified and are never tracked across websites. It does not use any cookies either and is GDPR compliant.

I have configured Umami to respect the user’s Do Not Track setting and to track the following data:

  • Visited pages
  • Referrer
  • Browser
  • Operating system
  • Device
  • Country, region and city
  • Language
  • Screen dimensions

This data is not to identify individual users but to get a rough idea of the most visited pages.

This is the Umami Privacy Policy, though it is focused on their analytics hosting services.

Hosting #

The website is hosted on Github Pages, and according to the About GitHub Pages page, the visitor’s IP address is logged and stored for security purposes regardless of whether the visitor has signed into GitHub or not. Here’s the full Privacy Policy.

The self-hosted services mentioned in the previous section are hosted by the author of this website on Hetzner Cloud with datacenters in Germany.

Cookies #

Cookies are files with small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your device.

The website itself does not store any cookies. But for visitors authenticated to the Remark42 commenting engine, it will store two cookies: one containing login information, and one random (XSRF_TOKEN) to prevent cross-site scripting. Both cookies are required for correct functionality of the commenting system. The cookies are limited to the subdomain and are not passed to any 3rd parties.

Links to Other Sites #

This website contains links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by me. Therefore, I strongly advise you to review the Privacy Policy of these websites. I have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children’s Privacy #

This website does not address anyone under the age of 13. I do not knowingly collect personally identifiable information from children under 13 years of age. In the case I discover that a child under 13 has provided me with personal information, I immediately delete this from the servers. If you are a parent or guardian and you are aware that your child has provided me with personal information, please contact me so that I will be able to do the necessary actions.

Changes to This Privacy Policy #

I may update the Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. I will notify you of any changes by posting the new Privacy Policy on this page.

This policy is effective as of 2023-11-16.

Contact #

If you have any questions or suggestions about my Privacy Policy, do not hesitate to contact me through the contact form.