Privacy Policy

This very boring privacy policy sets out how NerdPress® uses and protects any information that you give while visiting www.nerdpress.net, or that you provide for our WordPress Support Services.

Our official business name is Why Watermelon, Inc., and we’re doing business as NerdPress®.

Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from December 30, 2019.

Information You Voluntarily Submit to the Website

We may collect personal information from you such as your name or email address. For example, you may voluntarily submit information to the Website by leaving a comment, subscribing to a newsletter, making a purchase, or submitting a contact form. In addition, you are able to create a user profile, which allows you to create a username and password.  If you make a purchase on the Website, we will create a user profile and store some personal information, including name, email address, phone number, and mailing address. Your password for this Website will not be visible in our records.

Automatically Collected Information

We may automatically collect certain information about you and the device with which you access the Website. For example, when you use the Website, we may log your IP address, operating system type, browser type, referring website, pages you viewed, and the dates/times when you accessed the Website. We may also collect information about actions you take when using the Website, such as links clicked.

Passwords and Access Credentials

In order to provide our WordPress Support Services to you (only if you purchase these services from us), we may require your access credentials (such as username and password) for your website, web hosting, and related services.

We take measures to protect and secure your information using encryption and layers of password-protection and two-factor authentication when available, and we require our contractors or other third-party services to do the same.

In return, we ask you to use strong and unique passwords for your WordPress site, your hosting account, your email account, and any other online accounts — and to never send passwords directly in email (email is not secure). You can send access credentials to us securely using the form located here: https://www.nerdpress.net/password/

What we do with the information we gather

We may use the information collected in the following ways:

  • To provide our WordPress Support Services to you;
  • To provide you with user support;
  • To access your website, or related services that you use for your business and website, on your behalf (only for the purposes of providing our Support Services to you);
  • To respond to your comments or inquiries;
  • To improve our products and services;
  • To operate and maintain the Website;
  • To process payments for our products and services;
  • To send emails with notifications of new blog posts; or promotional emails about new products, special offers, or other information which we think you may find interesting or useful (each email will provide an option to opt-out of future mailings);
  • To send you administrative communications, such as administrative emails, confirmation emails, technical notices, updates on policies, or security alerts;
  • To create your account, identify you as a user of the Website, and customize the Website for your account;
  • To track and measure advertising on the Website;
  • To protect, investigate, and deter against unauthorized or illegal activity.

Third-Party Use of Personal Information

We may share your information with third parties when you explicitly authorize us to share your information.

Additionally, we may use third-party service providers for various aspects of the Website and for our Support Services. Each third-party service provider’s use of your personal information is dictated by their respective privacy policies.

The Website currently uses the following third-party service providers:

Active Campaign – this service is used for delivery of email updates and newsletters. We store your name and email address for purposes of delivering such communications, and may link your email address with past purchase information or website activity, in order to tailor our services to you.  Please refer to Active Campaign’s terms and privacy policy for further information.

Gravatar – this service is used to display profile pictures alongside your user profile, or comments that you may leave on this site. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here.

Google Analytics – this service tracks Website usage and provides information such as referring websites and user actions on the Website. We have configured Google Analytics to anonymize your IP address, so it will not collect any personal information. Please see the Google Analytics Data Privacy and Security page for further information.

Hotjar – We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For further details, please see the ‘about Hotjar’ section of Hotjar’s support site. Please see the Hotjar privacy page for further information.

Jetpack Stats –  this service tracks Website usage and provides information such as referring websites and user actions on the Website. Please refer to Jetpack’s privacy policy for further information.

Mail Gun – this service is used for delivery of transactional emails directly from the website, such as purchase confirmations (if you make a purchase) or new comment notifications (if you have subscribed to get updates to comments). Please refer to Mail Gun’s privacy policy for further information.

In addition, we use the following third-party service providers to help provide our Support Services to you. (These services are only used if you have purchased our WordPress Support Services, or, in the case of Help Scout and G Suite, if you communicate with us via email):

Amazon Web Services – this service is used to make daily backups of your website, which will be stored on their servers for a limited time (typically 90 days). We use unique access credentials (that we create for your site), in order to store the backups in an isolated “Amazon S3 Bucket” for your account. If we utilize their services to help investigate or repair technical issues on your website, we may provide them with access to your website or server for a limited time and only for the purposes of investigating or repairing those technical issues. Please see Amazon Web Service’s Data Privacy Resources for further information.

Code Guard – this service is used to make daily backups of your website, which will be stored on their servers for a limited time (typically 90 days). We provide Code Guard with access credentials to your server in order to make these backups. If we utilize their services to help investigate or repair technical issues on your website, we may provide them with access to your website or server for a limited time and only for the purposes of investigating or repairing those technical issues. Please see Code Guards’s privacy policy for further information.

G Suite – this service is used for direct email communication; any emails sent to or from this system will contain your name and email address. We may also store your information in Google Docs, Google Sheets, Google Drive, or other G Suite services, for the purpose of helping us provide our services to you. Please see Google’s privacy policy for further information.

Help Scout – this service is used to provide direct customer support services to you, such as email support and a knowledge base. Please refer to Help Scout’s privacy policy and Data Processing Amendment for further information.

ManageWP – this service may be used to remotely manage your website, including (but not limited to) keeping the software on your website updated. Please see ManageWP’s privacy policy for further information.

Metorik – this service is an ecommerce reporting tool to help us manage our business. Your purchase information (and therefore some personal information, such as name and email address) may be shared with Metorik, solely for the purposes of their reporting to us. Please see Metorik’s privacy policy for further information.

Process.st – this service is used for internal task management (“to do” style checklists) to help provide consistent, efficient, and high-quality services to you. In the course of working with the checklists, we may add your personal information (such as your name and email address) to the checklists, in order to help us streamline our services. At no time does Process.st use your information for any other purpose. Please see Process.st’s privacy policy and GDPR statement for further information.

Staging Pilot – this service is used for WordPress software updates. We provide Staging Pilot with access to your website and server so that they can create a staging site on their servers, run updates on the staging site and make sure the updates work properly, and then publish the changes on your production site.

Stripe – this service is a third-party payment processor, used to process payments made to us. We do not store credit card or debit card numbers, and instead rely on Stripe for this. Please see Stripe’s privacy policy for further information.

Sucuri – this service is used to provide security scanning, hardening, malware cleanup , and the Cloudproxy Firewall/CDN service to speed up and protect your website. Under normal usage, no personal information is shared with Sucuri. However, if we utilize their services to help investigate or repair technical issues on your website, we may provide them with access to your website for a limited time and only for the purposes of investigating or repairing those technical issues. Please see Sucuri’s privacy policy for further information.

Support Hero – this service powers our private knowledge base for our clients, with a widget directly accessible inside your WordPress dashboard. This service tracks views of knowledge base articles, searches of the knowledge base, and user-submitting ratings, in order to provide aggregate statistics in order to help us improve the knowledge base over time. If you submit a contact form from within the knowledge base, your email address may be transmitted through their servers so that we may reply to your contact, but is not used for any other purpose. Please see Support Hero’s privacy policy for further information.

Zapier – this service is used to help automate certain processes in our business. Zapier can transmit information between applications (for example, it may transmit your information between our Website and Active Campaign or between our Website and Process.st). Please see Zapier’s privacy policy for further information.

At this time, your personal information is not shared with any other third-party applications. This list may be amended from time to time at our sole discretion.

We may disclose or transfer personal information collected through the Website to third parties who acquire all or a portion of our business, which may be the result of a merger, consolidation, or purchase of all or a portion of our assets, or in connection with any bankruptcy or reorganization proceeding brought by or against us.

Comments

When visitors leave comments on the Website, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. Visitor comments may be checked through an automated spam detection service.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Affiliate Program Participation

The Website may engage in affiliate marketing, which is done by embedding tracking links into the Website. If you click on a link for an affiliate partnership, a cookie will be placed on your browser to track any sales for purposes of commissions.

Newsletters

On the Website, you may subscribe to our newsletter, which may be used for advertising purposes. All newsletters sent may contain tracking pixels. The pixel is embedded in emails and allows an analysis of the success of online marketing campaigns. Because of these tracking pixels, we may see if and when you open an email and which links within the email you click. Also, this allows the Website to adapt the content of future newsletters to the interests of the user. This behavior will not be passed on to third parties.

If you make a purchase, you will also be added to our email list, for the sake of providing you with updates and information that we believe you will find useful.

Every newsletter we send will include an unsubscribe link at the bottom.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online. Please see our Terms of Service for more information.

Sensitive Personal Information

At no time should you submit sensitive personal information to the Website. This includes your social security number, information regarding race or ethnic origin, political opinions, religious beliefs, health information, criminal background, or trade union memberships. If you elect to submit such information to us, it will be subject to this Privacy Policy.

Children’s Information

The Website does not knowingly collect any personally identifiable information from children under the age of 16. If a parent or guardian believes that the Website has personally identifiable information of a child under the age of 16 in its database, please contact us immediately at support@nerdpress.net and we will use our best efforts to promptly remove such information from our records.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile or during purchase. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If you have purchased our WordPress Support Services, and subsequently cancel those services, we will delete your passwords and account credentials from our records, and delete all backups of your website that we have stored. Please see our Terms of Service for more information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. All requests should be made via email, to support@nerdpress.net.

CALIFORNIA RESIDENTS

California Residents:   Pursuant to the California Consumer Privacy Act of 2019 (“CCPA”), you have certain rights with respect to your personal information.  For the purposes of this section, personal information is used as defined in the CCPA. NerdPress reserves the right to verify all requests made pursuant to the CCPA.     

Access and Disclosure

You may make a verifiable request that we disclose the categories of personal information we have collected about you, the categories of sources of the personal information we collected about you, the business or commercial purpose for collecting or selling the personal information, the categories of third parties with whom we share your personal information, our use of the personal information and if the personal information was disclosed or sold to third parties, including the categories of personal information sold or disclosed.  You also have the right to make a verifiable request for a copy of the personal information collected about you for the twelve (12) months prior to the date of your request. We do not sell personal information. 

Deletion Request Rights

You have the right to request that NerdPress delete any of your personal information that we collected from you and retained, subject to certain exceptions.  We may deny your deletion request if retaining the personal information is necessary for us or our service provider(s) to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Children Under 16

We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age.  

No Discrimination

We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your Rights

To exercise the access, disclosure and deletion rights described above, please submit a verifiable request to us by either (1) calling (424) 254-8871; (2) emailing support@nerdpress.net or sending us a written request to 2211 Marine Street, Santa Monica, CA 90405 Attn: CCPA.

You may only make a verifiable request for access or disclosure twice within a 12-month period.  You may also make a verifiable consumer request on behalf of your minor child. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

To respond to your request or provide you with personal information, NerdPress must verify your identity or your authority to make the request.  We will only use personal information provided in a verifiable request to verify the requestor’s identity or authority to make the request.  

Timing

We will respond to a verifiable consumer request within forty-five (45) days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.   We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable request’s receipt.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.

Contact Information

At any time, please contact us at support@nerdpress.net for questions related to this Privacy Policy.