First, an obligatory disclaimer: I am not a lawyer (and I can not afford one). But I have spent an enormous amount of time reading through the GDPR (General Data Protection Regulation), as well as other regulations such as the Swiss Privacy Shield and the Mexican LFPDPPP (Ley Federal de Protección de Datos Personales en Posesión de Particulares), trying my best to understand them, reading articles, and modifying my systems. But at this point what I seek to accomplish is compliance with the GDPR. If you find something that is not clear enough you are very welcome to contact me at privacy@jveweb.net

When you use my websites or services, you trust me with your information. The purpose of this Privacy Policy is to help you understand:

Information collected

Currently, I am not collecting personal information. While I have Google AdSense on this site, if you are visiting from a country covered by the GDPR the advertising displayed to you is not personalized. You receive a cookie, which is necessary for the functionality of the Ads and in order to prevent fraud, but no information about you is being collected.

How can you see it, change it and/or delete the information

Whenever you visit my pages or use my services or tools, I aim to provide you with access to your personal information (see Personal Information) if any is collected. If that information is wrong, I will provide you ways to update it quickly or to delete it, unless I need to keep that information of yours for legitimate business or for legal purposes. If you desire to see if I have collected any information of you, you can write me at privacy@jveweb.net. Then I will search in my records any information related to the e-mail address, and if found, I will send you what it is that I have. Then you can request a change on it or the deletion of it. I aim to maintain my pages, services or tools in a way that protect the information from accidental or malicious modification or destruction. Because of this, once you delete information from my pages, services or tools, that information may remain in residual copies from the active services or systems or it may remain in backup systems. The fact that the information may remain in such situations does not mean that it is purposefully used, seen or modified in any way, only that it remains there because of the nature of the systems. In the case of backups for example, they are done in an automated way. This is done to preserve the reliability and accessibility of the information in the case of technical errors that may result in data loss. If such a thing occurs, the data gets restored from one of these backups, not selectively, but the whole system gets restored. There is also a log of things happening to the servers, so once a backup is restored, the same instructions that were previously performed (such as deleting your information) get executed again on the restored backup. This seldom happens, our objective is that there are no technical errors, and the backups are just a safety net.

Information that is shared

As of now, no information is shared. But there may be a need to share it with the purpose of external processing or legal reasons.

For external processing

In this case, if processing beyond the capabilities of my hardware is necessary, the information will be send to a trusted business, which, based on my instructions and in compliance with my Privacy Policy and with appropriate confidentiality and security measures, will handle the heavy processing, or as I usually call it, the "number crunching".

For legal reasons

The information will be shared with authorities if I have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to: Meet any applicable law, regulation, legal process or enforceable governmental request. Enforce applicable Terms of Service, including investigation of potential violations. Detect, prevent, or otherwise address fraud, security or technical issues. Protect against harm to the rights, property or safety of myself, my family and the people working with me, as well as the public in general as required or permitted by law.

Information security

In order to protect the information collected from unauthorized access or from unauthorized alteration, disclosure or destruction, the following measures are in place:

Encryption of all data

between your computer and these sites and/or systems utilizing TSL. Review of the information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems. Restrict access to personal information from anyone who doesn't need to use it. Anyone accessing personal information in order to process it are subject to strict contractual confidentiality obligations, and may be terminated if they fail to meet these obligations.

When this Privacy Policy applies

This Privacy Policy applies to all services where personal information is collected. This Privacy Policy does not apply to services offered by other companies or individuals making use or linking to any of the services or information on this site. With this I mean, that if you or another company embeds one of the pages or services here, then the visitors to that company's website does not automatically obtain the protections that this privacy policy offers. In such case, you can report it to abuse@whatever and the site in question may be blocked from embedding the content here if it is not compliant with the privacy standards that this site follows.

Compliance and cooperation with regulatory authorities

The Privacy Policy is regularly checked to see that it is in compliance with privacy frameworks set in place. When I receive formal complaints, I contact the person who made the complaint to follow up. If necessary, I contact regulatory authorities to ask questions if there is something that is confusing and I do my best to adhere to the highest standards in regards to privacy and data protection.

Changes

This privacy policy may change from time to time. Any right granted to you under this policy will not be removed without your consent. It has never happened but if there comes a situation where something significant has to be changed, and you no longer desire the new terms, you will have the time to prepare and search a new service, and your information will not be withhold or restricted in any way, prior to the termination of your account. Hopefully something can always be worked out with you, but I clarify this so you know that you will not be hold hostage shall you ever want to go.

Key Terms

Application data cache

"Application data cache" is a data repository (where data is stored) on a device. This device may be your computer, or any of the computers in the way between where our data is stored and your computer. Given that we are utilizing encryption between our computer and yours, then the device is very likely just your computer. Having part of this data stored in your computer allows a web application to run even if your Internet goes down. Additionally, because some of this data is already stored in your computer, the web application runs faster as it doesn’t not have to connect to our server and get again data that you already have.

Browser web storage

Thanks to the availability of storage inside of your web browser, some web applications can continue to perform between sessions. This means, that you can close the Tab, the Window, or completely shut down the computer, and when you open the web browser again, you can continue what you were doing. You can do it even if you open the browser not having access to Internet, if the web application uses the browser web storage properly.

Cookies and similar technologies

A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. The string of characters is very unique, so when you visit the website again, the cookie allows the website to know that your browser is the exact same browser that visited before. A cookie can also store your preferences, some personal information about you, and more information. This is with the intention that, when you visit the same website again, you are not treated as a person who has never been there. It is possible to delete the cookie or cookies, and you can also be notified when you are receiving a cooking from a website. If you decide to delete or block the cookies of a website, some features may not work as they are utilized for some basic functionality. For example, when you login to a website, it is thanks to the cookie that, when you open the website again or switch to a different section of the website, the site and/or system knows that it is you and that you are already connected to it.

Device

This is a computer that is used to access an online service. It may be a desktop computer, a laptop, a tablet, a smartphone or anything capable of processing data and show you information.

HTTP Referrer

When you click on a link on a website, and you go from there to a different website, the website that you arrived to receives an HTTP Referrer. This is information about where were you before you went to the new website. It contains the URL (Universal Resource Locator, or simply, a web address) of that page you were in. When you have a website, sometimes you want to see where are the people coming from. It is thanks to this HTTP Referrer information that we can see that you came from Google to this website. Or maybe somebody sent you the link via e-mail, and we see that you came from an E-mail, or maybe from a message in Google+ or Facebook. If we are receiving a considerable amount of visitors from one particular source, this enable us to better prepare for our visitors.

IP Address

Every device that is connected to the Internet is assigned a number, it is know as Internet Protocol Address, or simply IP Address. This numbers are usually assigned in geographical blocks, so they can be used to find out where a the traffic and/or the user is coming from in the world. If you visit a web site, then the website sends you the data that you request, but in order to do this, it needs to know where to send it. It sends the packages with the data to your IP address, and he infrastructure on the Internet has a system to route that data through it so it reaches you. This is why the IP Addresses are very associated with your geographical location, in the end they reach your Internet provider, and your Internet provider knows who is the person with this Address and does the last part to hand you the data.

Non-personally identifiable information

This information is recoded about an user in a way that doesn’t allow the user to be identified. For example, if you are visiting a website you may give the information: Based on that data, most likely you are the only person on that very specific IP Address who has that very specific version of Google Chrome and that very specific version of Windows. Therefore, it is easy to identify you. But if this information is store instead: Based on this information is hard to say that you were the visitor. The information is to vague to point to a single person, but for the website is good to see which country you came from, to find out which is the most used Browser of their visitors, and which is the most used Operating System of their visitors.

Personal Information

This is the information that you provide about yourself. It is possible to identify who you are based on this information, but for many things this is desired. For instance, if you fill a contact form, you will likely provide your name, your e-mail address, and maybe you telephone number in some cases. This, of course, has the purpose of being contacted by us, so if we call for example, we can ask your you and call you by your name.

Sensitive Personal Information

This is information such as confidential medical facts, political preferences, religious beliefs or sexuality. This is information that has to be highly protected, and that you should not give away unless it is for a reason and to an organization or person that you trust with your data.

Server Logs

When you visit any website, you are sending a lot of technical information to it. For example: The server logs are necessary to ensure the availability of services online. If there is a problem or a failure, it is thanks to this server logs that we can correlate features of the visitors to the failure and work out a fix for the problem. They are not kept longer than 50 months.

Unique device identifier (UUID)

This is a string of characters incorporated into devices by the manufacturers. It can be used to uniquely identify that device. One single device, for example a mobile phone or a computer, can have several UUIDs. A hard disk has a UUID and a computer can have more than one storage device.

Transport Layer Security (TSL)

This a cryptographic protocol which provide communications security over a computer network. What is allows is that the information that travels between your computer and the site or service that you are seeing online is private. Without TLS, if you submit a contact form, even a username and password, they travel in a way that can be seen and read by any computers through which the data travels. With TLS however, the information that you send is first encrypted in a way that only your destination can decrypt, and the information that the site sends is also encrypted in a way that only your computer can decrypt. For more on this, you can look into Public-key cryptography. That is what TLS is based on.