With this post, the-privacy-blog.eu is finally officially opened! In the future, I will use this blog to write about my own research regarding privacy and information security, but also about more general, related topics.

Actually, I planned to start blogging a lot earlier this year, but, ironically, coming up with a privacy policy that I considered satisfactory took a lot more time than I expected… On the bright side of this lengthy process: I did learn a lot about WordPress, my hosting provider and the intricacies of drafting an easily understandable privacy policy.

In its current form, the household exemption should apply to this blog (yes, there are no external analytics tools etc.). So my first impulse was to just go with a small, informal description of the processing of personal data with regard to this website. However, there is some uncertainty regarding the household exemption and given this blog’s comment function, I decided to just go with the assumption that the exemption will not apply. Consequently, I wanted a proper, full-fledged privacy policy and as I am no friend of off-the-shelf boilerplate, I also wanted to write it myself without resorting to one of those customizable templates one finds on the Internet.

Aside from the fact that I am not a lawyer and not used to writing legal text, one unexpected challenge was to find out what WordPress is actually doing in the background and to make sure that no plugins or other functionality were transferring data to third parties. For example, Gravatar was activated per default, as least in my WordPress setup.

To cut a long story short: it took much longer than I expected to come up with a policy that I deemed compliant and easily understandable. I will probably adjust the policy in the future to make it easier to understand but for now I am all set to actually start blogging here.