ethanyoo.com/content/privacy.md

---
title: Privacy policy
date: 2020-11-08
layout: permalink
description: "You should always try to understand the privacy policy."
---

I do not use any analytics platforms or advertising services, including Google AdSense, Google Analytics, or Matomo.

There are no external dependencies or resources, including Google Fonts or social media (e.g., Facebook, Twitter, embedded YouTube videos).

I do not have access logs enabled. [Access logs](https://httpd.apache.org/docs/current/logs.html) typically include IP addresses, operating system information, the internal pages and resources requested, and time of access.

Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.**

Your connection to this website is secured by, among other settings, HTTP Strict Transport Security (HSTS) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://observatory.mozilla.org/)

Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing *anyone's* information with third parties.

If you do contact me, you're not required to use a real name or a permanent email address. `1D2E ED2F 9D90 6875 C4F4 DAD2 068C 9178 672B A80E` is the fingerprint for my OpenPGP key, which you can find in the footer. *Don't feel obligated to start using OpenPGP to contact me!* Where a response is required, I can also [set up a temporary inbox.](https://kb.mailbox.org/display/MAILBOX/Temporary+mailbox+for+external+users) If you're wondering why encryption is so important, consider reading ["Why we encrypt" by Bruce Schneier.](https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html)

*First posted on November 8, 2020*

*Updated on December 11, 2020 after disabling access logs*
Reset repository one last time (October 2021) 2021-10-04 12:20:20 +00:00			`---`
			`title: Privacy policy`
			`date: 2020-11-08`
			`layout: permalink`
			`description: "You should always try to understand the privacy policy."`
			`---`

			`I do not use any analytics platforms or advertising services, including Google AdSense, Google Analytics, or Matomo.`

Update privacy policy: Clarify external dependencies 2022-03-01 16:55:43 +00:00			`There are no external dependencies or resources, including Google Fonts or social media (e.g., Facebook, Twitter, embedded YouTube videos).`
Reset repository one last time (October 2021) 2021-10-04 12:20:20 +00:00
			`I do not have access logs enabled. [Access logs](https://httpd.apache.org/docs/current/logs.html) typically include IP addresses, operating system information, the internal pages and resources requested, and time of access.`

			Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have disabled prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. If you click on an external link, you are still subject to the privacy and security policies of that outside website.

			`Your connection to this website is secured by, among other settings, HTTP Strict Transport Security (HSTS) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://observatory.mozilla.org/)`

			`Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing anyone's information with third parties.`

			If you do contact me, you're not required to use a real name or a permanent email address. `1D2E ED2F 9D90 6875 C4F4 DAD2 068C 9178 672B A80E` is the fingerprint for my OpenPGP key, which you can find in the footer. Don't feel obligated to start using OpenPGP to contact me! Where a response is required, I can also [set up a temporary inbox.](https://kb.mailbox.org/display/MAILBOX/Temporary+mailbox+for+external+users) If you're wondering why encryption is so important, consider reading ["Why we encrypt" by Bruce Schneier.](https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html)

			`First posted on November 8, 2020`

			`Updated on December 11, 2020 after disabling access logs`