Tom Scott-Redford

Copyright & Privacy

Copyright

The copyright to the contents of this site is owned by Tom Scott-Redford, unless otherwise stated. Some content may be made available under Creative Commons licenses. Where this is the case, the license terms will be clearly displayed in the page footer.

© Tom Scott-Redford 2012 – 2021


Privacy

This website uses several third-party services to provide security, analytics, and performance features. This section describes these features and the personal data that they collect.

Jetpack

Automattic’s Jetpack service is used for a number of features on this site. Where personal data is collected, it is described below. ‘Site visitors’ means anyone visiting the site. ‘Logged-in users’ means anyone who logs into this site.

You can view the Automattic privacy policy in full at https://automattic.com/privacy/.


Brute Force Attack Prevention

Site Visitors

To block fraudulent login attempts, the following data is collected from site visitors who try to log in:

  • Attempting user’s IP address
  • Attempting user’s email address or username (which is entered during the login attempt)
  • All IP-related HTTP headers attached to the attempting user

This service tracks failed login attempts and sets a cookie (jpp_math_pass) that expires after 24 hours to show if a user has completed a captcha.

If your login attempt fails, your IP address, attempted username or email address, and user agent information will be saved by Jetpack.

Logged-in users

To block fraudulent login attempts, the following data is collected from logged-in visitors:

Everything collected for site visitors and:

  • IP address
  • WordPress.com user ID
  • WordPress.com username
  • WordPress.com-connected site ID and URL
  • Jetpack version
  • User agent
  • Visiting URL
  • Referring URL
  • Timestamp of event
  • Browser language
  • Country code

WordPress.com Login

Site Visitors

No data is collected for this service unless you login to this site.

Logged-in users

To enable login using WordPress.com credentials, the following data is collected from logged-in users:

  • WordPress.com user ID
  • Local user ID
  • User role
  • Email address
  • WordPress.com username
  • WordPress.com display name
  • WordPress.com-connected site ID
  • Jetpack active/inactive status
  • Jetpack version
  • WordPress.com-connected site locale/language
  • WordPress.com-connected site title
  • WordPress.com-connected site icon and URL
  • IP address
  • User agent
  • Visiting URL
  • Referring URL
  • Timestamp of event
  • Browser language
  • Country code

Site Statistics

Site Visitors

To provide anonymised usage statistics for this site, the following data is collected from site visitors:

  • IP address
  • WordPress.com user ID (if logged in)
  • WordPress.com username (if logged in)
  • User agent
  • Visiting URL
  • Referring URL
  • Timestamp of event
  • Browser language
  • Country code

Additionally, post and page views, outbound link clicks, referring URLs and search engine terms, and country are tracked. Jetpack also tracks performance on each page load that includes the JavaScript file used for Stats. This is exclusively for aggregate performance tracking across Jetpack sites in order to make sure that the plugin and code is not causing performance issues. This includes the tracking of page load times and resource loading duration (image files, JavaScript files, CSS files, etc.).

Logged-in users

No additional data is collected for logged-in users.


Google Fonts

This site uses the Google Fonts API to serve web fonts. You can view privacy information from Google at https://developers.google.com/fonts/faq2#what_does_using_the_google_fonts_api_mean_for_the_privacy_of_my_users.

No cookies are set by the Google Fonts API.


Cookies

The following cookies may be set. Not all cookies will be set in all cases.

CookiePurposeExpires After
jpp_math_passRecord that the user has successfully completed a math-based captcha.24 hours
jetpackState[message]Stores the state message passed back to the user across requests regarding feature activation.Current session
jetpackState[error]Stores the state’s error type passed back to the user across requests regarding feature activation.Current session
jetpackState[error_description]Stores the state’s error description passed back to the user across requests regarding feature activation.Current session
jetpackState[module]Stores the state’s feature name passed back to the user across requests regarding feature activation.Current session
jetpackState[privacy_checks]Stores features that may require additional privacy-related verification for private sites so that we can properly communicate these to the user.Current session
jetpackState[php_errors]Stores any PHP errors found just before PHP shuts down execution.Current session
jetpackState[deactivated_plugins]Stores the names of any standalone plugins that needed to be deactivated by Jetpack so that these can be communicated back to the user.Current session
jetpackState[network_nag]Stores a true value if Jetpack is network-activated, and the plugin needs to communicate to the user that they must connect it on each child site of the network.Current session
jetpackState[display_update_modal]Stores a true value if a modal containing information about the latest Jetpack release should be displayed in the Jetpack dashboard.Current session
jetpack_sso_redirect_toAllows for redirect URLs to be stored, which is necessary for Secure Sign On to work.1 hour
jetpack_sso_remember_meStores me values locally, rather than requiring them to be passed to WordPress.com each time.1 hour
jetpack_sso_wpcom_name_{HASH}Remembers the WordPress.com display name to show on login page.1 week or cleared after successful login
jetpack_sso_wpcom_gravatar_{HASH}Remembers URL of the Gravatar image to show on login page.1 week or cleared after successful login
jetpack_sso_original_requestStores the URL of the original login request.1 hour
jetpack_sso_nonceUsed for nonce verification.10 minutes
eucookielawRemembers the state of visitor acceptance to the use of cookies.180 days
jp-visit-counterIncrements each time a visitor frequents a page containing this block – only used to control the block visibility.180 days
wordpress_logged_in_[hash]Indicates that the current user is logged in.Current session
wp-settings-{time}-[UID]Customising the view of the user backend and site interfacesCurrent session