Privacy Policy

Last updated: 11/30/2025

This privacy policy explains what personal data we collect, how we use it, and the choices you have about your information when using this website and services (the "Site"). The Site is operated by you; please replace the contact information below with your preferred contact details.

1. Information We Collect

  • Account and profile information: when you register an account we collect information you provide such as username and email address. Passwords are stored only as salted hashes.
  • Content you create: blog posts, comments, profile text and other content you submit are stored in our database and published according to your settings (draft vs published).
  • Uploaded files: featured images and other uploaded media are stored using a third‑party object storage provider (configured via environment variables, e.g. DigitalOcean Spaces). Uploaded filenames and public URLs may be stored in the database.
  • Cookies and session data: we use cookies and server-side sessions to authenticate users and provide the admin experience. Session data is stored in our MongoDB session store.
  • Logs and technical data: server logs (IP address, user agent, timestamps) and error reports are collected for security and debugging purposes.

2. How We Use Your Data

  • To provide and operate the Site (user authentication, content management, file uploads).
  • To communicate with you about your account and the services (notifications, support).
  • To detect, prevent, and respond to security incidents, abuse, or technical issues.

3. Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service providers that perform services on our behalf, such as hosting, object storage (e.g. DigitalOcean Spaces or an S3-compatible provider), and email sending.
  • Law enforcement or other parties when required by law or to protect rights, property or safety.

4. Third‑Party Services

The Site may use third‑party services that have their own privacy practices. Examples include:

  • TinyMCE Cloud: the rich text editor is loaded from TinyMCE's CDN and may collect usage data according to TinyMCE's policy.
  • Object storage: featured images are stored on an external object storage provider; that provider's terms and privacy policy apply to stored media.

5. Security

We implement reasonable technical and organizational measures to protect your data. This includes using hashed passwords, restricting administrative access, and using secure transport (HTTPS) where available. However, no system is completely secure—please do not share sensitive personal information in posts.

6. Data Retention

We retain account and content data for as long as necessary to provide the service, or as required by law. If you request account deletion, we will remove your personal data from active systems and, where technically feasible, purge stored content and media.

7. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal data. To exercise these rights or to ask questions about your data, contact us at the address below.

8. Children's Privacy

The Site is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this privacy policy from time to time. When we do, we will update the "Last updated" date at the top of this page.

10. Contact

If you have questions or requests about this privacy policy or your personal data, contact: chris@mperialwebsolutions.com.

This privacy policy is provided for informational purposes and does not constitute legal advice. If you need a legally compliant policy (for GDPR, CCPA, etc.), consult a lawyer or privacy professional.