Skip to content

Collected data

This page should give you an overview about who gets data from you.

What you are connecting to (at least sometimes):

– wordpress.com (obviously, my blog lives on a wordpress.com address)
– wp.com (belongs to wordpress and hosts data, like the theme)
polldaddy.com (run by the same company as wordpress.com; used for polls and ratings)
– [secure.]gravatar.com (it’s where my profile picture is hosted, commentators profile pictures, too)
– twitter.com
– scorecardresearch.com (researches trends and behavior; I can’t disable it)
– quantserve.com (aka Quantcast; I can’t disable it)
– cloudfront.net (Can’t disable that either)
creativecommons.org
– google-analytics.com (Anylytics, appears to be on any blogging platform)
– audienceamplify.com (Related to advertisement)

You may see advertisements, which are not controlled by me*:

– Google Adsense (I saw this one)
– Googleadservices.com (I saw this one)
– Googlesyndication (I saw this one)
– openx.net (I saw this one)
– invitemedia.com (to be expected)
– Federated Media (to be expected)
– Sharethrough (to be expected)
– there might be others, lot’s of others.

When you are logged into wordpress.com the following is added to the list above:

– gravity.com (it aims to improve what content gets recommended to you; I can’t disable it)
– kissmetrics.com (another tracker to improve service, which I can’t disable)
When you see other connections please contact me.

* In fact I’m not allowed to advertise here and I never planned to do so anyway, wordpress.com needs to make money; and why shouldn’t they?!

I picked the sharing services carefully to avoid more default connections than already present. It should be obvious that the sharing sites get data from you when you share a post through that service. Social sharing services I can’t include without sending data to them are Facebook and Google+, because those load external resources even when you just read a post. Pinterest might do that as well so I disabled that.

I removed the Twitter icon from the header; it didn’t do anything bad at all, but it’s useless right now and could be called misleading since the header says “Follow:”, while you can’t follow me on Twitter.

As of 2012-11-19 the following for people who aren’t logged in has been disabled. RSS, which is more privacy preserving anyway, still works. Please note that it is still possible to follow comments and the blog via email.

As of 2012-12-01 the CC license logo is “cached” on wordpress, so your browser does not connect to creativecommons.org to fetch the logo. I found creativecommons.org to be acceptable for every page you visit on this blog. However it was not necessary to fetch the image from their domain, so I simply stop doing that. Therefore I also struck creativecommons.org through. Please note that clicking the icon will take you to the license text on creativecommons.org and that this is intended.

As of 2012-12-17 I disabled rating on posts, comments and pages (which I had enabled 17 days earlier), because it broke SSL/TLS connections. This disables the connection to polldaddy.com with I struck through in the list above.

I internally tested if polls would break SSL as ratings did and since it turned out to be the case I don’t consider using polls at this point. This means no connections to polldaddy will be made.

To avoid connections to even more sites I do not embed videos.
I link to them so it’s up to you to watch them there.

Collected stats:

Please note that none of these are collected on my behalf.

WordPress.com collects stats, but they see you anyway. Haven’t seen that I’d be able to disable them. I can see some of the data, but I’m not going to publish them.

WordPress.com seems to collect the following data: browser type, referring URL, search queries, time/date and the IP address. Anonymous and “aggregated” data will be shared with third parties. I’m only able to see some of them. I don’t know how long the data will be kept.

Scorecardresearch collects browser type, operating system, page views, time/date and partial IP address. The raw data will be stored for a maximum of 90 days. The data will be “aggregated” and will be shared with third parties. The “aggregated” data will be stored for a maximum of 15 months. I have no access to them.

Quantserve (aka Quantcast) collects browser type, referring URL, search queries, time/date and partial IP address . Anonymous and “aggregated” data will be shared with third parties. The data will be kept for 13 months. You can opt-out. I have no direct access to them, but can see the public information, correct or not, like anyone else. I signed up to their service but I don’t appear to be able to see more information than already public.

Gravity.com collects (remember only when you logged in) browser type, operating system, search queries, page visits, time/date, ads clicked and IP address. Remember that this is only the case when you are logged in. They seem to rely on what the third-party – in this case wordpress.com – gives them. “Anonymous” data will be shared with third parties. I have no access to them. You can opt-out of tracking.

Kissmetrics.com collects (remember only when you are logged in) browser type, operating system, page views, time/date and IP address. “Aggregated” data is shared with third parties.

All tracking seems to rely on JavaScript. My site seems to work without JavaScript. Disabling JavaScript for privacy reasons – in this case – might be OK, but for anonymity it might be not.

Cookies:

WordPress.com sets a cookie, that is used for .wordpress.com, which means it’s used to identify a user across all .wordpress.com websites. The cookie is valid for almost five years.

Quantserve.com sets a cookie, that is used for .quantserve.com to identify a user. The cookie is valid for almost five years.

Scorecardresearch.com sets two cookies, which are used for .scorecardresearch.com to identify a user. The cookies are valid for almost two years.

Gravity.com did not set a cookie for me, although their privacy policy tells you that they make use of cookies. A cookie, if any, should be set only when you are logged in.

Kissmetrics.com may set a cookie. Their privacy policy states so. A cookie, if any, should be set only when you are logged in.

roastedonion.wordpress.com sets cookies if you rate a blog post, a page a comment, per item. This should prevent double-voting. The cookies are valid for over 230 (two-hundred-thirty) years. (has been disabled)

Polls make use of cookies if you participate. Polls were note and will not be used at this point due to SSL breakage.

Resources that serve the advertisements may also set cookies, have not seen this happening though.

Anti SPAM / SPAM-Filter:

There is no default connection, but every comment you make will be screened by “Akismet”. Therefore they see your comment, which will be public anyway. The also can see your IP address. I can’t disable the SPAM-Filter. Also I consider it useful, because it’s an efficient SPAM filter. They don’t store any comments unless you leave a legit comment which gets identified as SPAM and I mark it as false positive.

To make this appear less messy I moved what I can see.

Advertisements