This Privacy Policy describes how personal data is collected, used, and protected when you access and use this website, in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Portuguese and EU data protection laws.
1. Data Controller
The data controller responsible for the processing of personal data on this website is:
Website: https://hzblog.duontheway.com
If you have any questions regarding this Privacy Policy or the processing of your personal data, you may contact the website administrator via the contact methods provided on the website.
2. Personal Data We Collect
We only collect personal data that is necessary for the operation of the website and for the purposes described below.
2.1 Comments
When visitors leave comments on the site, we collect:
- The data provided in the comments form (such as name, email address, and comment content)
- The visitor’s IP address
- The browser user agent string
This data is processed for the legitimate purposes of spam prevention, security, and moderation, in accordance with Article 6(1)(f) GDPR (legitimate interest).
An anonymized string (hash) generated from your email address may be shared with the Gravatar service to determine whether you use it. Gravatar’s privacy policy is available at: https://automattic.com/privacy/. If your comment is approved, your profile picture associated with Gravatar may be publicly displayed alongside your comment.
By submitting a comment, you explicitly consent to the processing of your personal data as described above, in accordance with Article 6(1)(a) GDPR.
2.2 Media Uploads
If you upload images to the website, you are responsible for ensuring that they do not contain embedded location data (EXIF GPS). The website does not intentionally process location metadata; however, visitors may download images and extract such data if present.
3. Cookies
This website uses cookies in compliance with EU cookie regulations and GDPR.
3.1 Comment Cookies (Consent-Based)
If you leave a comment, you may explicitly opt in to saving your name, email address, and website in cookies. These cookies are stored for your convenience and remain valid for one year. They are set only with your explicit consent.
3.2 Essential Cookies
Essential cookies are required for the proper functioning of the website and do not require consent:
- Temporary cookies to verify browser cookie support (discarded when the browser is closed)
- Authentication cookies used when logging in
Login cookies are retained for two days. If you select “Remember Me”, authentication persists for two weeks. Screen preference cookies are retained for one year. Logging out removes authentication cookies.
3.3 Content Editing Cookies
When you edit or publish an article, a cookie storing the article ID is saved. This cookie contains no personal data and expires after one day.
4. Embedded Content from Third-Party Websites
Articles on this website may include embedded content (such as videos, images, or articles). Embedded content from third-party websites behaves as if you had visited those websites directly.
These third-party websites may collect personal data, use cookies, and apply their own tracking technologies. Such processing is governed by the privacy policies of the respective third parties. We recommend reviewing those policies before interacting with embedded content.
5. Data Sharing and Disclosure
We do not sell or rent personal data.
If you request a password reset, your IP address will be included in the password reset email as a security measure.
Visitor comments may be processed by automated spam detection services. These services may process data outside the EU; where applicable, appropriate safeguards are applied in accordance with GDPR requirements.
6. Data Retention
- Comments and their metadata are retained indefinitely to allow automatic recognition and approval of follow-up comments.
- For registered users (if applicable), personal data is retained for the duration of the account’s existence.
Personal data is not retained longer than necessary for the purposes for which it was collected, unless required by legal obligations.
7. Your Rights Under GDPR
As a data subject under GDPR, you have the following rights:
- Right of access to your personal data (Article 15)
- Right to rectification of inaccurate data (Article 16)
- Right to erasure (“right to be forgotten”) (Article 17)
- Right to restriction of processing (Article 18)
- Right to data portability (Article 20)
- Right to object to processing based on legitimate interests (Article 21)
- Right to withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal
To exercise these rights, you may contact the website administrator. Requests will be handled within the time limits established by GDPR.
8. Where Your Data Is Processed
Personal data is primarily processed within the European Union. Where data is transferred outside the EU (e.g., through third-party services), such transfers are conducted in compliance with GDPR using appropriate safeguards.
9. Changes to This Privacy Policy
This Privacy Policy may be updated to reflect legal or operational changes. Any updates will be published on this page with immediate effect.