It’s my policy to respect your interest in the privacy of any information I obtain about you on account of your use of Letters Blogatory. This privacy policy describes how I do that.

Website Visitors

Like most website operators, I collect non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. My purpose in collecting non-personally identifying information is to better understand how my visitors use Letters Blogatory. From time to time, I may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of Letters Blogatory.

I also collect potentially personally-identifying information like Internet Protocol (IP) addresses of visitors. I only disclose IP addresses under the same circumstances that I use and disclose personally-identifying information as described below.

Gathering of Personally-Identifying Information

Certain visitors to Letters Blogatory choose to interact with the website in ways that require me to gather personally-identifying information. The amount and type of information that I gather depends on the nature of the interaction. For example, commenters must provide a valid email address and a name, and email subscribers must provide a valid email address. In each case, I collect such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with Letters Blogatory. I do not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

Protection of Certain Personally-Identifying Information

Except as noted below, I disclose potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when I believe in good faith that disclosure is reasonably necessary to protect my property or rights.

If you are a Letters Blogatory contributor or email subscriber, I may occasionally send you an email to solicit your feedback or just keep you up to date with what’s going on with Letters Blogatory. I take reasonable measures to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.


A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. I use cookies to help identify and track visitors, their usage of Letters Blogatory, and their website access preferences. Letters Blogatory visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using Letters Blogatory, with the drawback that certain features of Letters Blogatory may not function properly without the aid of cookies.

Third-Party Tracking

Letters Blogatory permits third parties such as Twitter, Facebook, LinkedIn, or Google Plus to track your visits to Letters Blogatory only if you opt in. At the bottom of each post, you will find “social sharing” buttons that are inactive until you click them. If you wish to share a Letters Blogatory post on one of these social networks, you can do so by clicking the appropriate button. By doing so, you will permit that social network to track your visit at Letters Blogatory. This Privacy Policy does not cover third-party tracking by social networks in cases where you choose to permit such tracking.

Because Letters Blogatory allows third-party tracking only if you affirmatively opt in, Letters Blogatory complies with the proposed Do Not Track standard. Note, however, that the proposed standard only applies to third-party tracking. Letters Blogatory will track your visit using my first-party analytics software even if you set your browser to use the DO NOT TRACK header. But because I use first-party software that runs on my own server rather than a third-party service such as Google Analytics or Statcounter, no third party will have access to my analytics data about your visit.

Letters Blogatory uses OCSP stapling. While the main purpose of using this technique is improved performance, not enhanced privacy, one benefit of the technique (for those readers who use modern browsers) is that my certificate authority will not receive information about your visit to Letters Blogatory, as all OCSP queries will originate from my server, not from your computer.

In order to overcome some technical problems, I publish my RSS feed via Google’s Feedburner service. Thus if you subscribe to my RSS feed, some information regarding your use of the feed may be available to Google.

Also, for technical reasons, I use SendGrid to send my daily newsletters to subscribers via email. Thus if you subscribe to my newsletter, some information regarding your use of Letters Blogatory may be availalbe to SendGrid.

Security Of Your Communications With Letters Blogatory

This section describes the steps I take to attempt to ensure that no third party can view the contents of communications you receive from Letters Blogatory or communications that you send to Letters Blogatory (e.g., via my contact page).

All communications between your web browser and my server are encrypted end-to-end using TLS. This means that only my server and your server can read the data exchanged between the two servers, including the particular URL requested. In other words, while a third party may be able to determine that your server has sent a URL to my server and received data in response, it would not be able to determine the particular URL you typed into your browser. If you are interested in seeking to prevent third parties from knowing that you are communicating with my server, you may want to consider using TOR.

I use DNSSEC and DANE to provide some assurance that a malicious person has not misdirected your request to a different server or substituted its own TLS certificate for mine. You can use a browser plugin to take advantage of these protocols.

My email server is configured to communicate securely with other email servers. However, because your email server may not be properly configured, I can’t promise that email communications with a email address are encrypted. However, messages sent via my contact page are encrypted end-to-end, just like any other data transmitted via HTTPS.

While this policy explains the steps I take to secure your communications, I make no promises that these steps will work!

Privacy Policy Changes

Although most changes are likely to be minor, I may change this Privacy Policy from time to time, and in my sole discretion. I encourage visitors to frequently check this page for any changes to the Privacy Policy. Your continued use of Letters Blogatory after any change in this Privacy Policy will constitute your acceptance of that change.

Change Log

Version Date Description
3/4 28 Sept. 2015 Add SendGrid and OCSP stapling provisions.
3.3 23 Feb. 2015 Add Google Feedburner disclosure.
3.2 22 Jan. 2015 Removed Amazon disclosures (again).
3.1 25 Nov. 2014 I think I’m done fiddling for the time being; I have modified the Amazon disclosures and added language about DNSSEC and DANE to the security section.
3.0 16 Nov. 2014 Add Do Not Track disclosure; add section on security of communications
2.8 14 Nov. 2014 Add modified Amazon disclosures
2.7 10 Jun. 2014 Remove Amazon disclosures (at least temporarily!)
2.6 8 Jan. 2014 More Amazon disclosures.
2.5 8 Dec. 2013 Move commenter requirements from here to Terms of Service page.
2.4 6 Oct. 2013 Add Amazon SES disclosure.
2.3 15 Sept. 2013 Modify PII section.
2.2 5 May 2013 Modify the social sharing language.
2.1 23 Apr. 2013 Remove a sentence from the Automattic policy that was inapplicable; remove Pingdom provision; include pseudonym provisions from the prior policy.
2.0 21 Apr. 2013 Major restatement of the policy

This privacy policy is derived from the Automattic, Inc. privacy policy and is used with permission.

Leave a Reply

Your email address will not be published. Required fields are marked *