Legal and Privacy

Owner and author of elkement.blog is:
Dr. Elke Stangl c/o punktwissen Proyer & Stangl OG
Consulting Engineers – Applied Physics and IT
Address: Arbeitergasse 24, 7012 Zagersdorf, Austria

Website: https://punktwissen.at/
E-Mail: elke [at] punktwissen [dot] at

Commercial Register FN 269189 t, Commercial Court Eisenstadt, Austria
VAT-ID ATU62063224. Information required as per Austrian e-Commerce Law (ECG)

Using of content published on elkement.blog

You must not re-use my content (text or images) in your websites or documents without my consent. Attribution only is not sufficient. Exception: Previews of small images and short snippets of texts as created by social media sharing tools.

I provide technical information on this website without warranty, and I might make changes to articles in the future. Use my advice in your systems at your own risk. I link to external sites and try to fix broken links, but I can’t check links frequently – be aware of risks.

Data privacy for wordpress.com blogs

This blog is hosted on wordpress.com (Automattic) which means I have limited options to make technical changes. I once picked this platform deliberately over a self-hosted version – not because I am not able to manage a web server but because I worked in IT security long enough and I know exactly what this entails.

WordPress (WP) is currently working on making blogs compliant with the upcoming General Data Protection Regulation, and this page is work in progress, too, as I try to keep up with announcements.

Last change of this page: 2018-04-12: I’ve detailed the description of features (below) that are related to user tracking, scripts, storage of users’ data.

Storing users’ personal data

As a reader of this blog, you don’t need to provide any personal data and you don’t need a WP account. If you are logged on to WP, your identity is indicated with likes and comments. If you comment as a non-WP user, you can make up an e-mail address and a user name (Of course, e-mail notifications for replies will not work then). However, your IP address is logged for security reasons, as well as the entered e-mail address and user name. I don’t process these data, but they are shown to me in the WP admin console.

If you follow my blog or comments via e-mail, WordPress will store your e-mail address. You can unsubscribe given the information in the notification e-mails.

As a WP blog admin I don’t have access to technical server logs and IP addresses of viewers. I only see aggregate statistics with information about e.g. viewers per day, but I cannot identify individual users.

WordPress, Gravatar, Jetpack plugin, and their cookies and tracking

WP / Automattic may track WP users cross different WP sites by using scripts or cookies related to WP or Gravatar. For details see the WordPress.com Cookie Policy  – this page also gives advice on blocking cookies. If you turn off all scripts and forbid all third-party cookies – e.g. by setting all of Brave browsers shields to ‘up’ – the content will still show fine. The WP platform and Automattic also uses scripts hosted on or cookies related to [name].wordpress.com, [name].wp.com, and [name].gravatar.com.

Gravatar is a ‘platform’ used to display icons associated with WordPress users and their e-mail addresses. It facilitates to show a unique thumbnail icon for every WordPress user who likes / comments / blogs, but it also creates an icon for non-Wordpress commentators – from a hash of the e-mail address they enter.

Jetpack is a plugin automatically installed on hosted WordPress.com blogs, and it provides e.g. social functionality – likes, comments – security, and statistics. By the beginning of April they released a GDPR-related features for WordPress.org so I expect upcoming changes for the hosted version.

Content on other domains

Images for elkement.blog are hosted by WP at elkement.files.wordpress.com and the secondary name of this site is elkement.wordpress.com.

I am also embedding images from upload.wikimedia.org in some posts according to allowed terms of usage.

Tracking by social media platforms

Social media buttons shown at the end of each post might set cookies or allow tracking of users in some way (E.g.: Calls to graph.facebook.com). I removed social media buttons per 2018-04-12, but I expect that WordPress / Jetpack’s social features will add compliant functionality. This blog’s main page may call the Twitter widget script on platform.twitter.com but the actual widget is not used. For details see the privacy statements of the platforms involved: Facebook, Google, Twitter, LinkedIn.

Embedded videos

A few articles showed embedded Youtube videos. If such an article was displayed Youtube (Google) cookies could be set and the server of the ad network doubleclick.net was contacted. I removed all embedded videos per 2018-04-12.

_________________________________

Once upon a time, there were funny concluding remarks: About how unsubversive this page is, for a Subversive Element. I removed if because this is not fun any more.