Privacy/Security Policies

Website:

Our website is located on commercial servers in California, and as such, subject to Unites States and California law. (Our email is hosted on a server in Switzerland, for our email policies, see that section.) This site is a personal site, with no business operations, and therefore should have no need to comply with EU or other foreign laws and regulations regarding security as we do not do business in their jurisdiction. What limited information we do collect, we do not disclose to third parties unless directed by the proper law enforcement agencies of the proper jurisdiction.

Information we collect:

When you visit our website we may collect various types of information, such as:

  • Your browser – including the version.
  • Your Operating System – including the version.
  • The IP Address you are using to connect to our website.

Cookies: We do use cookies while visiting our website, but these are used only on our website. They are not designed to track how you arrived, nor where you go when you leave our site. We do not have any third-party cookies active on our website nor use FLoC, or other tracking technologies that track you between websites.

We collect the above information for security purposes and analyze the performance of our website. Users who attempt to cause any harm to our website will be identified using the above collected information and automatically blocked from accessing our website.

Security:

  • We use SSL encryption to help keep information between our server, and your browser private, without corruption.
  • Since we do not perform financial transactions or require any personally identifiable information we only use a DV Level SSL certificate.
  • The lock icon at the start of the URL shows that the encryption is working. Click on the icon for information about the connection security.
  • All queries to an unsecured address are redirected to an SSL address.

Alternate URL’s:

We may have alternative URLs, and variations, which point to this domain. Any such redirections will point to, and show burdo.net in the address bar.

Email

We use an encrypted email service with their servers based in Switzerland.

  • Switzerland has stricter privacy laws than most other countries, including the United States.
  • When you send us an email, the message is generally secured using STARTTLS while in transit, though it may not be encrypted if it is paused before it reaches, the server of your email service, or certain transit points before reaching our email server. When it arrives at our server it is encrypted for storage and remains encrypted when relayed to our devices. Our devices decrypt these emails. The hosting service we use cannot read the emails stored on it.
  • When we send an email to you, it leaves our device encrypted, and the Swiss based server then decrypts it before sending it using STARTTLS.
  • If you want fully secure email, we can use either PGP, or Protonmail for security purposes. Both provide end-to-end encryption which means that only the sending/receiving devices can see the actual content. If you use a free email service such as Gmail, Yahoo, AOL, or others, they may have the ability to read your messages once they arrive on their servers, and before you open it yourself. We also have the ability to send encrypted messages to these services that will prevent them from reading the message, but you will need a separate, pre-arranged password to view them.
  • We may archive email messages, either on the Swiss based server, and/or locally on our own systems for future reference.
  • For additional information on the email system we use, visit: https://proton.me/mail/security
  • We do not perform mass mailings.

Contact Form:

If you use our Contact Us Form, in addition to the above information, whatever information you enter on the form including your name, email address, and any additional information that you enter, is collected by us. Please do not send any sensitive information via this form.

Data Retention:

  • Parties that we have a business relationship with may have their emails retained for what we consider an appropriate period.
  • Other emails may be deleted after use and purged on a regular basis.
  • Email retention may be done on a system other than the mail server, but not publicly accessible from the internet.
  • Contact Form usage is treated as email.
  • Server logs are updated/deleted automatically as determined by its security settings.