17 Apr, 2024

Privacy Policy

13 mins read

Last Updated: [Date]

This Privacy Policy outlines the types of personal information that [MEFNL] (“we,” “our,” or “us”) may collect from visitors (“you” or “users”) to our website [https://mefnl.com/] and how we use, disclose, and protect that information. By using our website, you agree to the terms outlined in this policy.

We utilize third-party services (data processors) on our websites, and the extent of data sharing with these providers is contingent upon your usage of our services. In the sections below, we provide a comprehensive list of specific third-party providers along with links to their privacy policies. Our security team thoroughly vets each third-party provider to ensure that their privacy policies and practices align with or surpass our compliance standards. Additionally, where applicable, we maintain signed Data Privacy Agreements with these companies, adding an extra layer of accountability to uphold the safety and security of your data.

We disclose potentially personally-identifying and personally-identifying information solely to our employees, contractors, and affiliated organizations that require such information for processing on our behalf or to provide services. These individuals and entities are bound by written agreements not to disclose the information to others. Some of them may be situated outside your home country, and by using our websites and services, you consent to the transfer of such information to them. Importantly, we do not engage in renting or selling potentially personally-identifying and personally-identifying information to any external parties.

In certain circumstances, we may be obligated to disclose personal information in response to lawful requests by public authorities, including those related to national security or law enforcement requirements.

Furthermore, should we ever contemplate onward transfers of your data to third parties for purposes other than the original collection or subsequent authorization, we commit to providing you with an opt-out choice to limit the use and disclosure of your personal data. Your privacy and control over your information are of utmost importance to us.

Cookies

A cookie refers to a set of information that a website saves on a visitor’s computer, and upon the visitor's return, the browser transmits this information to the website. To enhance user experience, track visitor behavior, and understand preferences related to website access, we employ cookies across our sites. The specific types of cookies utilized are outlined in the following sections.

For visitors who prefer not to have cookies stored on their computers, it is advisable to configure their browsers to reject cookies before accessing our websites. It's important to note, however, that this choice may result in certain features not functioning optimally without the assistance of cookies.

Personal Data We Collect

Registered Users Information:

  • Upon creating an account on our sites, you'll be prompted to choose a Username and provide your Email Address.
  • We strongly recommend avoiding the use of your real name as a Username, as Usernames cannot be changed.
  • Your chosen Username and Email Address are securely stored in the website's database. Your Email Address is utilized to send you a confirmation email containing a link to set your password or to provide a link for password reset in case you forget it.
  • To delete an account, you need to contact us directly. Each account is assigned a unique numeric User ID upon creation, which cannot be modified.
  • An anonymized string (hash) derived from your email address is sent to the Gravatar service to check if a Profile picture is available for display. You can find the Gravatar service's privacy policy here.
  • Optionally, you can enhance your Profile by adding details like First Name, Last Name, Website (URL), and Biographical information, all of which are stored securely in the website's database. You have the flexibility to edit these details, including your Email Address, in your Profile at any time.
  • You have control over how your name appears (Display Name) to site visitors, such as in the comments you create, through your Profile settings.
  • Employees on the site have access to your Username, First Name, Last Name, and Email Address.
  • When attempting to log in, a temporary cookie is set to verify if your browser accepts cookies. This cookie contains no personal data and is discarded upon closing your browser.
  • For logged-in users, multiple cookies are set to save login information and screen preferences. Login cookies are valid for two days, while screen option cookies last for a year.
  • Opting for “Remember Me” will keep these cookies active for two weeks. Logging out from a public computer is crucial to ensure the removal of login cookies.
  • User-provided data in profiles is stored indefinitely, but registered users retain the ability to view, modify, or delete most of their data at any time, with the exception of their login name/nickname.

Publishing Content (Comments, Pages, Posts, Forums):

  • When you engage in activities such as leaving comments, posting on forums, or contributing articles/posts, certain details from your profile, including your Gravatar Profile Picture, Display Name, Website (URL), and Biographical Info, may be visible to website visitors.
  • If you author an article/post, information such as your Username, User ID, Gravatar Profile Picture, Display Name, Website (URL), and Biographical Info is shared with any visitor using the website’s REST API interface.
  • When uploading media, like images, it is advisable to exclude EXIF GPS location data. Visitors can download and extract location data from images on the website if included.
  • Visitors using the website’s REST API interface may correlate uploaded media to a specific user, potentially mapping a user to a particular time and location if EXIF GPS location data was included.
  • Editing or publishing an article/post results in the saving of an additional cookie in your browser. This cookie contains no personal data and signifies the post ID of the edited article. It expires after 1 day.
  • For visitors leaving comments, data provided in the comments form, along with the visitor’s IP address and browser user agent string, is collected to aid in spam detection.
  • Comments may require manual approval from one of our employees or site owners.
  • Opting to save your name, email address, and website in cookies when leaving a comment allows us to recognize you as a commenter, with these cookies persisting for one year.
  • Additional spam detection is provided by Automattic/Akismet, and their privacy policy can be found here.
  • Published content and comments are stored indefinitely unless the original author requests deletion/removal. Your privacy is important, and we respect your control over your contributed content.

Embedded Content From Other Websites:

  • Embeds consist of elements from external websites that intermittently appear on our websites. Functioning similarly to a direct visit to the external website, embeds may employ cookies or gather information. Typically, embedded content originates from websites that share videos, images, or other multimedia. These services have the potential to collect your IP Address, User Agent, utilize cookies on your browser, integrate additional third-party tracking, and observe your engagement with the embedded content. This observation may involve correlating your interaction with the content to your account with that service if you are logged in. Your privacy is important to us, and we aim to provide transparency regarding embedded content from external sources.

Analytics

We leverage Google Analytics to track visitors and compile insights into the traffic on our websites. Google Analytics enables us to analyze user behavior, trends, and preferences, aiding us in optimizing the user experience and enhancing our content. The privacy of our users is of utmost importance, and we want to ensure transparency about the use of Google Analytics on our platforms.

Google Analytics functions by employing cookies to gather information such as user interactions, session durations, and the pages visited. This aggregated data is crucial for us to understand how visitors engage with our content, which in turn helps us tailor our websites to better meet user needs.

It's important to note that the data collected through Google Analytics is anonymized and does not personally identify individual users. The insights obtained are used solely for statistical purposes and to improve the overall performance and relevance of our websites.

If you wish to explore further details about Google Analytics and how they handle user data, you can refer to Google Analytics' privacy policy here. Additionally, for users who prefer to opt-out of being tracked by Google Analytics across all websites, Google provides an opt-out browser add-on, the details of which can be found here.

We value the privacy choices of our users and are committed to providing a secure and transparent online experience. If you have any concerns or queries regarding the use of Google Analytics on our websites, please feel free to reach out to us. Your trust is important to us, and we are dedicated to maintaining the highest standards of privacy and security.

Your Rights

If you are a registered user or have left comments on our site, you have the right to request access to or download the data we have collected about you. For visitors who have left comments, this typically includes their email address, any assigned IP addresses at the time of commenting, and the user agent strings of the browsers they used. The remaining data is public, as published by the visitors.

For registered users or paying customers, the information available for request expands to encompass profile details, as well as histories of downloads, payments, and support tickets.

Should you wish to be removed from our records entirely, you have the option to request to be forgotten. In such cases, we will erase any personally identifiable data we have about you, excluding information necessary for administrative or security purposes, or if legal requirements mandate the retention of certain data.

Individuals seeking access to their data or wishing to correct, amend, or delete inaccurate information can direct their queries to [email protected]. We are committed to responding promptly, with a reasonable timeframe not exceeding one week.

We prioritize the protection of your privacy and are dedicated to facilitating your control over your personal data. If you have any concerns or inquiries regarding your information on our platform, please feel free to contact us, and we will be happy to assist you.

Protecting Your Data

The utmost priority for our service is the security and reliability of our operations. We make substantial investments in staff training and infrastructure to uphold best practices across all aspects of our work.

For detailed information on the security of the WordPress core, please refer to wordpress.org/about/security.

Prevention is key to our security approach. In the initial stages, we ensure adherence to all WordPress Code Standards in the development and use of our plugins. Furthermore, an extensive internal review and Quality Assurance process is in place to proactively identify and address potential security vulnerabilities in our plugins and services.

Our staff is granted access only to systems essential for their job functions. Dual-factor authentication is implemented for all critical systems and communication services. Staff activities are automatically logged using internal logging tools, Google ‘G' Suite features, and Amazon Cloud Trail.

Comprehensive training, including initial onboarding and ongoing updates, is provided to all staff, including contractors, to ensure a thorough understanding of all security-related processes. Regular attendance at industry conferences and staying informed about best practices and emerging trends is a standard practice. Staff members annually review and affirm their commitment to all security policies and procedures in writing.

We exclusively rely on third-party services, such as Amazon Web Services, that undergo rigorous vetting and adhere to the highest standards of privacy and security practices.

In the event of a data breach where customer data is lost, stolen, or potentially compromised, our policy dictates notifying affected customers via email within 48 hours of our team becoming aware of the incident. Additionally, we will report such incidents to the required data protection authorities and collaborate closely with affected customers to determine appropriate measures, including end-user notifications, necessary patches, and strategies to prevent similar events in the future.