Privacy Policy

Introduction

Welcome to our website’s Privacy Policy (savemawallet.com). We respect your privacy and are committed to protecting your personal data. This policy explains what information we collect, how we use it, and your rights. Our site is available worldwide, so we strive to comply with major privacy regulations, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), among others. We only collect the minimum personal information needed (specifically your email address and password) for you to register an account and participate in our community. By using our site (the “Service”), you agree to the practices described in this Privacy Policy.

Information We Collect and Why

We limit the personal data we collect to what is necessary to provide our Service. Specifically, when you register an account or interact with our site, we may collect:

Email Address – We collect your email during account registration to identify your account and for communication purposes (e.g. sending account confirmations or activity notifications). This email serves as your login credential and allows us to send you important account-related emails (such as verification links or password reset instructions). We do not use your email for marketing or share it with third parties without your consent.
Password – We require you to create a password when registering so you can securely log into your account. The password is used solely for authentication and account access. For security, your password is stored in an encrypted (hashed) form in our database. We never store passwords in plain text, and no one (including us) can read your actual password. This measure helps protect your account even if our database were compromised.
Account Profile Information – When you register, you may also choose a public display name or username. Aside from your email and password, no other personal details are required. If you choose to provide a display name or any profile information, it will be visible to others on the site (for example, as the author name displayed next to your comments). You have control over what information you include in your public profile.
Public Comments Content – If you post comments on our site, any personal information you include in the comment content will be collected and displayed publicly. Only share what you are comfortable being public. Your comments (including text, images, or other media you voluntarily post) are visible to all visitors along with your display name. We advise against posting sensitive personal data in any comments.
Log and Technical Data – When you interact with our site (e.g. visiting pages or posting a comment), we may automatically collect certain technical information for security and maintenance. This includes the IP address of the device you use and your browser’s user agent (information about your browser type and version). For example, when a visitor leaves a comment, WordPress by default collects the visitor’s IP address and browser user agent string to help spam detectionrtcwashoe.com. We use this information solely to protect our site (e.g. to block spam or abusive behavior) and not to identify you individually. IP addresses may also be temporarily logged by our server for security monitoring and to generate aggregate usage statistics (such as recognizing what country most visitors are from), but we do not use this data to track or profile individuals.
Analytics Data – We use a privacy-friendly analytics tool (Burst Statistics) to collect general information about how users interact with our site. This includes metrics such as page views, number of visitors, session duration, referral sources, and aggregated device or browser informationwordpress.org. Importantly, this analytics data is anonymous and not personally identifiable – it does not include your name, email, or specific identity. We have configured our analytics to avoid collecting any data that could directly identify you. The analytics information helps us understand overall website traffic and usage patterns (for example, which posts are most popular or what times of day the site is busiest) so we can improve our content and user experience. We describe our analytics practices in more detail in the Analytics section below.

We do not collect any sensitive personal information such as your physical address, phone number, government ID numbers, financial information, or precise geolocation. The only personal data we require is your email and password for account creation, as described above. Providing any additional information is optional and at your discretion.

Account Registration and Public Commenting

Our site allows users to create accounts in order to post comments on our content. Here’s how we handle data in this process:

Account Creation: To register an account, you will need to provide a valid email address and a password. This minimal information is necessary to set up and maintain your user account. We use your email as your account identifier and for sending account-related notices (such as a registration confirmation email or password reset link). The password you choose is stored securely (hashed) and used to verify your identity when you log in. The legal basis for processing this information is to perform the contract of providing you with the account/service you requested (GDPR Art. 6(1)(b)) – we cannot create or manage your account without it. By creating an account, you also effectively consent to our use of your email and password for these purposes.
Public Profile: When your account is created, you may have a username or display name associated with your profile. This name (which can be a pseudonym) will be shown publicly alongside any comments you post. Other users will see this name, so if you prefer not to use your real name, you may use an alias. Aside from this name, no other personal details from your account are visible to the public. Your email address is not visible to other users.
Posting Comments: Once registered and logged in, you can post comments on our posts or articles. Your comment text, along with your display name and the date/time of the comment, will be published on our site for others to read. Please remember that any information you include in a comment becomes public. Do not include personal data in your comments that you wouldn’t want disclosed publicly. We are not responsible for personal information you choose to share within your public user contributions. However, if you accidentally post personal details and want them removed, you can contact us to delete the comment (see Your Rights below for deletion requests).
Comment Moderation: We reserve the right to moderate, edit, or remove comments that violate our community guidelines or any applicable laws. This is not typically related to privacy, but we mention it to clarify that your comments are subject to review for appropriateness. If we remove a comment for any reason, it will no longer be visible publicly, but we may retain a copy internally (including associated data like IP address and timestamp) if needed to investigate abuse or comply with legal obligations.
Spam and Abuse Prevention: To maintain a friendly and safe community, we use automated tools and other measures to help detect and block spam or abusive comments. For example, as noted above, when you leave a comment the site automatically collects your IP address and browser information to assist in spam filteringrtcwashoe.com. We may also use a spam detection service or plugin to screen comments (commonly, WordPress sites use tools like Akismet or similar). These tools might process comment data (including content and technical info) to identify spam. We do not use these data for any other purpose. Any third-party spam filtering service, if used, would be GDPR-compliant and governed by its own privacy policy (we will inform you if we implement such a service).
Emails and Notifications: By registering an account, you will receive certain emails from us that are necessary for account management and user interaction. Specifically, after registration you will get a confirmation/activation email to verify your address. If you reset your password, you will receive a password reset email. Additionally, if our site supports notifications (for example, notifying you when someone replies to your comment or if there are important updates to our terms or policies), we may send you transactional emails of that nature. These emails are not promotional – they are solely to confirm or facilitate actions you take on the site. You cannot unsubscribe from essential account-related emails, because they are necessary for using the Service (for instance, you can’t receive a password reset if you opt out of emails). However, we do not send any newsletter or marketing emails unless you separately opt in to such communications (which we currently do not offer). Rest assured, we will not spam your inbox or share your email with advertisers.

Use of Burst Statistics (Analytics)

We care about your privacy, so we have chosen to use Burst Statistics, an open-source, privacy-friendly analytics plugin for WordPress, to gather basic information about site traffic. Our use of Burst Statistics is intended to better understand how the site is used without compromising user privacy. Here are the key points regarding analytics on our site:

Privacy-Friendly & Self-Hosted: Burst Statistics is designed to be a privacy-centric alternative to Google Analytics or other third-party trackers. All analytics data collected by Burst is stored on our own server and is not shared with any third-partymainwp.com. In other words, the data stays under our control and is not transmitted to external analytics providers. This setup helps protect your data and ensures compliance with privacy regulations. According to the developers, Burst is fully compliant with GDPR and other privacy regulations by designburst-statistics.com. We deliberately chose this tool to analyze site usage in a way that respects user privacy.
Anonymous Data Collected: The information we see through Burst Statistics is aggregate, anonymous data about website usage. It includes things like the number of visitors and pageviews, which pages or posts are most popular, how long users spend on a page, what countries visitors generally come from, what websites referred them to us, and what type of devices or browsers are usedwordpress.org. This data does not identify any individual – we cannot tell who you are from the analytics. Burst Statistics provides us with an analytics dashboard of anonymized data that is ours and ours alone wordpress.org. We do not collect personal identifiers (like names, emails, or user-specific browsing profiles) in our analytics. Even IP addresses, if recorded at all, are processed in an anonymized form (e.g. truncated) so that they cannot be linked back to you.
No Cookies for Analytics: We have configured Burst Statistics in a mode that does not use cookies or store any data in your browser for analytics trackingwordpress.org. Many analytics tools drop tracking cookies to follow users across sessions; Burst allows a cookieless operation to avoid this. By running in “cookieless tracking” mode, our analytics does not place any identifiers on your device wordpress.org. This means you will not see a cookie banner from us for analytics, because we are not using analytics cookies (and thus, under EU law, no consent is required for these analytics since they are strictly anonymous and essential for our legitimate interests). In more technical terms, while Burst can use a first-party cookie to improve accuracy if permitted, we have opted to keep it disabled by default to prioritize privacy burst-statistics.com. The trade-off is a minor loss of tracking precision (for example, a returning visitor might be counted as a new visitor without a cookie), but we believe this is worthwhile to ensure no unnecessary data is stored on users’ browsers.
Compliance of Burst: Burst Statistics is built to comply with GDPR and similar laws out-of-the-box burst-statistics.com. All data remains on our server, and because the data is anonymized and not shared, it falls under the category of privacy-friendly analytics. We do not need to seek cookie consent for analytics since we aren’t using any analytics cookies burst-statistics.com, and we ensure that no personal data (as defined by GDPR) is collected in the analytics process. This approach allows us to get insights into site usage while honoring users’ privacy rights. If in the future we decide to enable any more detailed tracking features of Burst (such as setting an optional cookie for more accurate visitor counts), we will update this policy and, if required by law, implement a consent prompt. As of now, however, no action is needed from users to “opt-in” to analytics cookies, since we don’t use them.
Use of Analytics Data: We use the aggregated statistics from Burst solely for our own analysis and improvement of the site. For example, the data helps us identify what content is engaging (so we can produce more of it), detect site performance issues (if any page is loading slowly or causing users to leave, indicated by very short time-on-page), and understand our audience at a broad level (e.g., seeing that most visitors come from a certain country or that a growing number of users access the site via mobile devices). We may compile reports for internal use that contain anonymous analytics information. We do not use analytics data for any profiling or automated decisions about individuals, nor do we share it with advertisers or any external parties. It’s used strictly to make our website better for our users and to ensure a smooth and interesting user experience.
No Third-Party Trackers: Aside from Burst Statistics, we do not use any third-party analytics or tracking services. We do not use Google Analytics, Facebook Pixel, ad networks, or any other external tracking or data collection scripts. This means your browsing on our site is not being reported to outside companies for marketing or advertising purposes. By avoiding third-party trackers, we limit exposure of your data and reduce the need for intrusive cookie banners. Our site is meant to be privacy-friendly and respectful of users’ data – using Burst Statistics helps us achieve that by keeping analytics in-house (first-party). External services often collect personal data (like IP addresses, device IDs, or behavior profiles) for their own purposes, which we avoid entirely.

In summary, our analytics approach is to collect only anonymous, necessary information to run and improve the site, without violating your privacy. If you have any questions about our use of analytics or want more technical detail on how Burst Statistics works, feel free to contact us (see Contact Us section below). We will be transparent about what we collect and how it’s used.

Cookies and Tracking Technologies

Cookies are small text files stored on your device to remember information. We aim to minimize our use of cookies. We do not use any advertising or marketing cookies, and we do not use third-party cookies at all on our site. The only cookies in use are those that are strictly necessary for the operation of the website (often called “functional” or “essential” cookies). Below we explain our limited use of cookies:

Session Cookies (Authentication): When you log into your account, WordPress will set a session cookie to keep you logged in and to recognize your authenticated session as you navigate the site. This cookie contains a unique identifier tied to your login session (and may contain encrypted information about your user ID or login time). According to WordPress documentation, these authentication cookies are considered strictly necessary for the website to function, as they enable features like keeping you logged in without having to re-enter your credentials on every page cookiebot.com. Session cookies typically expire automatically after a short period or when you log out. For example, WordPress’s default session cookies expire after about 15 days or when you close your browser, depending on your login choices cookiebot.com. We do not use session cookies for any purpose other than secure login functionality.
Comment Cookies: If our site allowed guests to comment without logging in, WordPress would use “comment cookies” to remember a commenter’s name, email, and website for convenience cookiebot.com. These cookies would allow the form fields to auto-fill on your next comment so you don’t have to re-type that information, and they typically last for one year rtcwashoe.com. However, on our site we require users to log in to comment, so the guest comment cookies are generally not applicable. Since your identity is managed through your account login, we do not need to set a cookie to remember your name or email for commenting – that’s handled by your logged-in session. As a result, the only cookies used in relation to comments are the session cookies described above. In summary, aside from the login session cookie, no additional cookies are placed for commenting.
Analytics Cookies: As noted in the Analytics section, our analytics solution (Burst Statistics) is configured to not use cookies. Burst’s “cookieless tracking” means it does not place any cookie on your device for tracking page visits wordpress.org. This is unlike many other analytics services which would set a persistent cookie to identify returning visitors. We have deliberately disabled such cookies to respect your privacy. Therefore, you will not have any analytics cookies from our site.
Third-Party Cookies: We do not embed third-party services that set cookies on our site, with one possible exception: if we ever embed content from other websites (for example, a YouTube video or a Twitter feed within one of our posts), that external content might set its own cookies when you interact with it. Embedded content from other sites behaves as if you visited those sites directlyrtcwashoe.com, which means they may collect data and set cookies over which we have no control. In such cases, you would be subject to the third party’s cookies and privacy policies. We strive to limit use of embedded third-party content, and where used, we will inform you (for instance, an embedded YouTube video will be clearly identifiable as such). Other than this scenario, we do not use any third-party plugins or ads that place cookies.
Do Not Track Signals: “Do Not Track” (DNT) is a setting in some web browsers that requests that a web application disable its tracking of an individual user. Because our site does not engage in cross-site tracking or behavioral advertising, we currently do not alter our practices when we receive a Do Not Track signal from a visitor’s browser. There is no third-party advertising or tracking to turn off. All data collection we perform (as described in this policy) is either necessary for the function of the site or done in an anonymized manner. Thus, our site’s behavior is essentially privacy-friendly by default, and DNT signals have no additional effect.
Cookie Consent: Since we only use functional cookies that are necessary for our service (login session cookies) and we do not use any non-essential cookies, we do not present a cookie consent banner on our site. Under regulations like the EU ePrivacy Directive and GDPR, consent is not required for cookies that are strictly necessary for the service requested by the user cookiebot.com. All other types of cookies (analytics, marketing, etc.) are either not used or have been configured to run without storing data on the user’s device. If our cookie usage changes in the future (for example, if we introduce a new feature that uses cookies), we will update this policy and implement any required consent mechanism.

In summary, cookies on our site are minimal and only serve to provide you with core functionality (like staying logged in). You can control cookies through your browser settings – for instance, you can delete or block cookies – however, please note that blocking essential cookies (like the login session cookie) may prevent you from using certain features (you wouldn’t be able to log in, for example). Since we don’t use non-essential cookies, there’s no need to “opt-out” of cookies for tracking purposes on our site.

How We Use Your Data

We use the collected information for the following purposes, and we rely on specific legal bases to do so (as required under GDPR):

Providing and Maintaining the Service: We use your registration information (email and password) to create and maintain your user account, allow you to log in, and enable you to post comments. This is the core function of our site. We also use your information to display your public profile (e.g. show your display name with your comments). The legal basis for this is Contract – when you sign up, we mutually enter into an agreement that we will provide you an account and the ability to use our site’s features, and processing your data is necessary for us to fulfill our obligations in that agreement gdpr.eu (GDPR Art. 6(1)(b)). If you do not provide an email and password, we cannot create an account for you, so this processing is essential.
Communication and Transactions: We use your email to send you service-related communications, such as the account verification email, notices of important changes to this Policy or our Terms of Service, password reset emails, and notifications about your comments (for instance, if someone replies to your comment or if we need to inform you of a moderation decision). We may also respond to any inquiries you send us using your email. The legal bases for these communications are Contract (they are necessary to provide the service you signed up for) and our Legitimate Interests in administering our service and keeping you informed of your account activity (GDPR Art. 6(1)(f)). We do not send marketing emails, and we will not send you any newsletter or promotional content unless you explicitly opt in (in which case the legal basis would be Consent, GDPR Art. 6(1)(a), but again, we currently have no such mailing list).
Public Display: When you contribute a comment, we process that content and publish it on our site. This means we are technically distributing the information you decided to make public. The purpose is to facilitate the user forum/discussion aspect of our service. The legal basis can be viewed as Consent (by submitting a comment you are inherently consenting to its publication) and Legitimate Interest – both yours (in sharing your views) and ours (in providing a platform for discussion) under GDPR. Under CCPA, this falls under providing the service you requested. We consider that you have control over what personal data, if any, you include in the content you post publicly. If you wish to remove something you posted, you can request deletion as described below.
Site Improvement and Analytics: We use anonymous, aggregated analytics data to understand how our site is used and to make improvements. For example, knowing what content is most popular or seeing trends in visit times can help us optimize our posting schedule or site layout. The legal basis under GDPR for processing analytics data is our Legitimate Interests (GDPR Art. 6(1)(f)) in maintaining and improving our website. We have balanced this interest against users’ privacy rights by using a highly privacy-friendly analytics solution that does not involve personal data (or, at most, uses anonymized data) wordpress.org. As such, we believe this analytics processing does not harm users’ privacy and does not require consent. Under CCPA, analytics data as we collect it is not considered personal information (since it’s de-identified), but even so, it’s used solely for our internal purposes (improving the service) which is a permissible purpose.
Security and Abuse Prevention: We may process personal data as needed to secure our website and users. This includes using IP addresses or logs to detect and block malicious activity (like hacking attempts, spam, or harassment), and to investigate violations of our Terms of Use. The legal basis under GDPR is Legitimate Interests (we have a legitimate interest in protecting our service and community from harm) and in some cases Legal Obligation (GDPR Art. 6(1)(c)), if we are required by law to retain or share certain data related to criminal acts or legal investigations. For example, if law enforcement authorities lawfully request information (such as IP logs) in the investigation of illegal activities, we may be obliged to comply. Aside from such rare events, we use this data internally to ensure the integrity of our platform.
Legal Compliance: Finally, we may use or retain your information to the extent necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests. For instance, we may keep backup records containing your data to fulfill financial, tax, or reporting obligations if any (though in our case, the personal data is minimal, this is more relevant if any transactions occur, which they do not on this site). Also, as mentioned, if we need to preserve data to comply with a law enforcement request or to exercise our legal rights (such as defending against a lawsuit), we will do so. The legal basis is Legal Obligation or Legitimate Interest (to defend our legal rights) as appropriate.

We will not use your personal data for any purpose that is incompatible with the purposes described above without first obtaining your consent. We do not use your data for automated decision-making or profiling that has legal or similarly significant effects on you. Any profiling we do is limited to analyzing anonymous data for trends (which has no effect on any individual). We do not sell your personal information or use it for advertising. In short, we use your data only to provide and improve our services to you, and for no other hidden agendas.

We treat your personal information with care and confidentiality. In general, we do not share your personal data with third parties, except in a few limited situations described below:

No Sale of Data: We want to be very clear that we do not sell or rent your personal information to any third parties for their marketing or any other purposes. This includes that we do not sell personal data as defined under the CCPA (California law) oag.ca.gov. So you are automatically opted-out of any “sale” of data because we don’t engage in that practice. We also do not share your information for cross-context behavioral advertising.
Service Providers: We may share certain data with trusted third-party service providers who help us operate the website and deliver our services (often called “processors” under GDPR or “service providers” under CCPA). For example, this could include our web hosting provider (which stores the website and database on its servers), email service (to send out the confirmation and notification emails), or backup service. These providers might technically process your data (for instance, your email could pass through an email sending service, or your data might reside on a third-party-owned server as part of our hosting). When we engage service providers, we ensure they are bound by confidentiality and security obligations consistent with this policy and applicable law sandiego.orgsandiego.org. They are not allowed to use your data for anything other than providing services to us. We only share the minimum information necessary – for example, our hosting provider has the data because it hosts our database, but it does not access that data unless needed for troubleshooting under our direction. These providers act on our behalf and are contractually prohibited from using your personal data for their own purposes.
Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order, subpoena, or government demand under applicable law). If any legal issue arises where your data is relevant, we will only disclose what is necessary and will, if lawful, inform you of such disclosure. Additionally, if we need to enforce our Terms of Use or to protect the rights, property, or safety of us, our users, or others, we might disclose information in connection with that (for example, providing information to law enforcement to report misuse or threats).
Business Transfers: This is unlikely for a personal or small site, but we include it for completeness. If in the future we (for example) transfer ownership or operation of the website to another entity (say the site is sold or merged into another project), user information could be among the assets transferred. If that happens, the new owner would have to honor the commitments we have made in this Privacy Policy (or users will be given a chance to opt-out or delete their data). We will notify users of any such change in ownership and give you choices about your data at that time.
Public Information: Any information you post publicly on the site (such as comments) is obviously visible to others by nature. We are not “sharing” it in a private sense, but it is published content. If someone else (a third-party user or even an outside party) decides to copy or share content you made public (for example, quoting your comment on social media), that is beyond our control. Thus, anything you post publicly is essentially shared with everyone by you. Please be mindful of this when posting. We consider the public viewing of your comments as an intended feature (you wanted to share your comment), not a privacy violation. If at any time you want a public post of yours removed, please contact us and we will do our best to accommodate (though note that we can’t control caches or archives that third parties might have made).

Aside from the above, we do not disclose your personal data to any other parties. In particular, we do not share your email or any account information with advertisers or other websites. We also do not have any third-party plugins on our site that siphon off your data. Everything you provide stays with us, except as needed to run the site as explained. Our default approach is: your data stays on our site/server and isn’t sent elsewhere

mainwp.com.

If for some reason we need to share data in a new way not covered by this policy, we will update this Privacy Policy and notify you, and obtain any necessary consent before doing so.

Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it. While no website can guarantee 100% security, we strive to use industry best practices to safeguard your data against unauthorized access, alteration, disclosure, or destruction. Some of the security measures we employ include:

Encryption: Our website is accessible only over HTTPS, which means that all data transmitted between your browser and our server (including your password when you log in, and any comments you post) is encrypted in transit using TLS (Transport Layer Security). This helps prevent eavesdropping on your communications with our site. Additionally, as mentioned, we encrypt (hash) passwords in our database, so even in the unlikely event of a database breach, your actual password remains protected.
Access Controls: The personal data we store (such as the user database containing your email and hashed password) is restricted to the site owner/administrator and trusted service providers who need access for site operations (for example, our hosting provider’s system administrators for server maintenance). We limit access based on the principle of least privilege – only those who absolutely need access to perform their duties get it. Admin accounts are protected with strong passwords and, where possible, two-factor authentication to prevent unauthorized login.
Software Updates: We keep our website software (including WordPress core and any plugins like Burst Statistics) up to date with the latest security patches. Running updated software reduces vulnerabilities. We also monitor for any known security issues with our plugins and frameworks and address them promptly.
Regular Backups: We perform regular backups of site data to ensure that we can recover from any data loss event or security incident quickly. Backups are stored securely and protected from unauthorized access. When backups are retired, we ensure they are deleted securely.
Monitoring and Logging: We monitor the site for suspicious activity. This includes keeping server logs of access and possibly using security plugins or firewall solutions to detect multiple failed login attempts, unusual patterns, or other signs of malicious behavior. If we detect something concerning, we investigate and take appropriate action (such as blocking an IP address, alerting users, or in severe cases, informing law enforcement).
Spam/Abuse Filtering: As discussed, we use spam detection measures to protect the site from malicious content. This not only maintains the quality of the site but also indirectly protects users (for instance, by removing malicious links that spammers might post in comments).
Hosting Environment Security: Our site is hosted in a professional data center environment with appropriate security and firewall measures. The servers are physically secure and maintained by our hosting provider with safeguards like firewalls, intrusion detection systems, and access logging.

Despite all these measures, it’s important for users to also play a role in security. Protect your account by using a strong, unique password and not sharing your login credentials. If you suspect any unauthorized access to your account or any security issue on our site, please notify us immediately so we can investigate.

In the event of a data breach that affects your personal data, we will follow applicable laws in notifying you and the appropriate authorities. For example, under GDPR we would inform the relevant Data Protection Authority and affected users without undue delay if a breach is likely to result in a high risk to your rights and freedoms.

Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Different types of data may have different retention periods:

Account Information: If you create an account, we will retain your email, hashed password, and profile info for as long as your account is active. This information is needed to allow you to log in and use your account continuously. If you decide to delete your account or request that we delete it, we will remove or anonymize your personal information from our active user database. We may retain some minimal information after account deletion if necessary for legal obligations or legitimate interests – for example, we might keep a record that an account existed (email and date of deletion) to prevent fraud or to honor a “do not re-register” request. But generally, once you delete your account, your personal data will be scrubbed from our main systems.
Public Comments: Any comments or content you post publicly are retained indefinitely on our website by default. We keep user-generated content online to preserve the discussion history on our site. For example, if you comment on a blog post, that comment (and its associated metadata like timestamp and your display name) will remain visible unless it is removed. By policy, we do not automatically purge comments after a time limit. This indefinite retention is typical for online forums and is so that conversations remain intact rtcwashoe.com. However, you have control over this: if you wish to have one of your comments removed, you can delete it (if that functionality is available) or contact us to remove it on your behalf. We will then delete or anonymize it (for instance, we might replace the author name with “Deleted User” and remove the content). Note that even if a comment is deleted from the site, backups or archives might retain it for a period (see below) until those are cycled out. Also, other users might have copied or quoted it; we cannot remove those external copies. Internally, if you request a comment removal, we will also delete any logs or metadata tied to that comment, unless we have a compelling reason to retain them (such as a legal requirement or evidence of a policy violation).
Analytics Data: The analytics data we collect (page views, etc.) is aggregated and anonymized, and we may retain it as long as it’s useful for trends analysis. Since this data does not identify you personally, GDPR does not mandate a specific deletion timeline for truly anonymous data. We might keep analytical reports indefinitely to compare site performance over time. However, the raw analytics logs (if any) on our server that could contain IP addresses or timestamps are typically rotated and purged after a period (often within 24-48 hours or a few weeks, depending on how Burst Statistics stores data). Burst Statistics uses its own database tables for storing analytics; we follow the plugin’s default retention unless we configure otherwise. By default, Burst might automatically archive older analytics data periodically to optimize performancemainwp.com. We will ensure that any data retained is either anonymized or kept only as long as needed for analysis.
Server Logs: Our web server may keep logs that include IP addresses of requests, pages visited, and timestamps. These logs are generally used for debugging and security. Server logs are typically kept for a short duration (a few weeks or months) and then automatically deleted. We don’t keep them longer than necessary. If a particular log entry is relevant to security (e.g., a series of malicious attacks), we might extract and retain that part longer in a secure location to address the issue. Otherwise, routine logs age out.
Backups: We maintain backups of our site data to prevent accidental loss. These backups are usually stored securely and periodically overwritten or deleted after a certain retention period. It’s possible that your personal data (email, etc.) could remain in backup files until those backups are destroyed. Our policy is to keep backups only for a reasonable time (often a few weeks or months). Backup data is of course not used or accessed unless needed for a recovery. When backups are deleted, we ensure it’s done safely.
Legal Retention: If we are under a legal obligation to retain information (for example, a law requiring us to keep records of transactions, or a preservation order related to litigation), we will retain the data for as long as required by that obligation. Similarly, if any personal data is needed to resolve disputes or enforce our agreements, we will keep it until the matter is resolved, then delete it when it’s no longer needed.

In summary, we do not keep your personal data forever by default – only for as long as it serves the purposes outlined or as required. When your personal data is no longer needed, we will either delete it or anonymize it (so it can no longer be linked to you). For example, if you delete your account, we might retain the comments you posted but disassociate them from your email (so they remain as anonymous comments, if we choose to keep the content). If you simply stop using your account, we will typically retain your data until you ask for deletion, unless we decide to clean up inactive accounts after a very long period. We encourage you to reach out if you want your account removed.

Your Rights

We uphold the rights that users have under various privacy laws. Depending on your location and applicable law, you may have some or all of the following rights regarding your personal data:

If you are located in the European Union, European Economic Area, United Kingdom, or another jurisdiction with similar laws, you have certain rights under the GDPR (General Data Protection Regulation) and UK data protection law with respect to your personal data. These include

gdpr.eu:

Right to Be Informed – You have the right to clear and transparent information about how we collect and use your personal data. This Privacy Policy is intended to provide that information, covering who we are, what data we process, for what purposes, who we share it with, and your rights. If you have any questions about our data practices, you can contact us for further information.
Right of Access – You have the right to request a copy of the personal data we hold about you, as well as information about how we use it. This is commonly known as a “Data Subject Access Request.” We will provide you with a copy of the data in a commonly used format, typically within one month of verification of your identity (as permitted by law, this period can be extended for complex requests). This allows you to see what information we have about you.
Right to Rectification – If any of the personal data we have about you is incorrect or incomplete, you have the right to have it corrected. For example, if you change your email address, you can update it in your account settings (or ask us to update it). If you find any error in data we hold, please inform us and we will rectify it without undue delay gdpr.eu.
Right to Erasure – You have the right to request deletion of your personal data in certain circumstances (often called the “right to be forgotten”). You can ask us to erase your data, for example, if you no longer want us to have it and there’s no legal reason for us to retain it. In practice, this means you can request account deletion and we will remove your email, password (hash), and any other personal info we have about you. We will also delete or anonymize comments you have posted if you request (unless there is an overriding legitimate ground to keep them, which is unlikely). Note that this right is not absolute – if a law requires us to keep data or if the data is necessary for legal claims, we may refuse deletion for that reason, but we will explain why. In the absence of such reasons, we will comply with your deletion request oag.ca.govoag.ca.gov.
Right to Restrict Processing – You have the right to request that we limit the processing of your data in certain situations. For example, if you contest the accuracy of your data, you can request we restrict processing until we verify or correct it. Or if you object to our processing (see right to object below) and we are considering that objection. During such restriction, we can store the data but not use it. If you request this, we will inform you of any implications (e.g., if restricting processing means we cannot provide a certain service to you).
Right to Data Portability – You have the right to obtain the personal data you’ve provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit that data to another controller (for example, to another website), where technically feasible. In plain terms, you can ask for your data in a form that can be easily re-used. For instance, you might want a copy of all comments you’ve posted. We can provide such data in a CSV or similar format on request. This right applies to data processed by us by automated means, based on your consent or our contract.
Right to Object – You have the right to object to our processing of your personal data when that processing is based on our legitimate interests (or those of a third party) or where we are processing your data for statistical purposes. You may also object if we were using your data for direct marketing (which we do not). Since our primary processing is to provide service (contractual necessity) or legitimate interests (analytics, security), you can object to the latter. For example, you could object to us using your data for analytics profiling — however, note that our analytics data is anonymized, but if you still wish to opt-out of any inclusion in analytics, we respect that by not collecting personally identifiable analytics data to begin with. If you object to any other legitimate interest processing (like for security), we will consider your request and determine if our interest in processing overrides your rights or not. If you object, we will either stop that processing or let you know why we need to continue (e.g., a compelling reason).
Rights Related to Automated Decision-Making – You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significant effects for you. We do not engage in any such automated decision making or profiling with your data (for example, we don’t algorithmically approve/deny anything about you without human intervention, other than maybe automated spam filtering which does not significantly affect you beyond blocking a spam comment). This right is mentioned for completeness gdpr.eu.

In addition to the above rights, you also have the right to withdraw consent at any time if we are processing your data based on consent. However, in our case, we generally process data on other bases (contract or legitimate interest). If at any point you did give consent (e.g., if in the future you consent to receive a newsletter), you can opt out later. Withdrawing consent will not affect the lawfulness of processing that happened before the withdrawal.

Finally, under GDPR you have the right to lodge a complaint with a supervisory data protection authority. If you are in the EU/EEA, you can contact the supervisory authority in the country of your residence or the lead authority in the country where we are based (if applicable). For example, if you’re in the UK, you can complain to the Information Commissioner’s Office (ICO); if in France, to CNIL; in Germany, to your state’s DPA, etc. We encourage you to contact us first to resolve any concern, but you have the right to go directly to the authorities.

We are committed to upholding these rights. If you contact us with a request pertaining to any of these rights, we will respond as soon as possible (within 30 days, as required by law, for most requests). Please note we will need to verify your identity adequately before fulfilling certain requests (to ensure that we don’t give your data to someone else pretending to be you).

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific privacy rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA, which amends the CCPA). Although the CCPA typically applies to larger businesses (with revenues or data volumes above certain thresholds), we aim to honor the spirit of these laws for our users. The rights California consumers have, as defined by CCPA, include

oag.ca.gov:

Right to Know – You have the right to request that we disclose what personal information we collect, use, disclose, and sell (note: we do not sell data). Essentially, you can ask for information about the categories of personal data we have about you, the categories of sources of that data, the business or commercial purpose for collecting it, the categories of any third parties we share it with, and the specific pieces of personal information we have about you. Much of this is provided in this Privacy Policy. If you send us a “right to know” request, we will provide the required information for the 12-month period preceding your request (and beyond that if you specifically request it, to the extent allowed).
Right to Delete – You have the right to request that we delete personal information we have collected from you (with some exceptions). Upon a verifiable deletion request, we will delete the personal information from our records and direct any service providers to do the same, to the extent required by CCPAoag.ca.gov. Note that there are exceptions — for example, we may retain data needed to complete a transaction you requested, to detect security incidents, to comply with legal obligations, or other reasons allowed by CCPA. In general, however, if you ask us to delete your account and associated data, we will honor that (as described in the GDPR section above).
Right to Opt-Out of Sale or Sharing – California residents have the right to opt out of the sale of their personal information or the sharing of personal information for cross-context behavioral advertising. We do not sell personal information to third partiesoag.ca.gov. We also do not share personal information for targeted advertising. Therefore, there is no need for an opt-out mechanism on our site (e.g., we don’t display a “Do Not Sell My Personal Info” link, because we do not engage in any sales of data). By using our site, know that we are not monetizing your data in that way. If we ever consider selling data (highly unlikely), we would implement the required opt-out process first.
Right to Non-Discrimination – We will not discriminate against you for exercising any of your CCPA rights oag.ca.gov. This means if you choose to exercise your privacy rights (such as asking us to delete your data), we will not deny you our services, charge you a different price, or provide you a different level of quality because of that choice. The CCPA allows businesses to offer financial incentives for data (like discounts for personal info), but we do not offer such programs. In short, you can exercise your rights freely without fear of being treated unfairly.

In addition to the above, the CPRA (effective January 1, 2023) added new rights for California residents, including the Right to Correct inaccurate personal information and the Right to Limit Use and Disclosure of Sensitive Personal Information

oag.ca.gov. Regarding these:

Right to Correct – If we have any incorrect personal information about you, you can request that we correct it. This is similar to the GDPR right to rectification. For instance, if somehow we have an outdated email for you, you can ask us to update it. We will honor such requests as described earlier.
Right to Limit Use of Sensitive Information – The CPRA defines certain data as “sensitive personal information” (e.g., account login with password, precise geolocation, racial or ethnic origin, health data, etc.). We do not collect or process sensitive personal information beyond possibly your account login credentials (email and password could be considered sensitive). We only use that for providing the service (authentication) which is an expected purpose. We do not use sensitive info for purposes like inferring characteristics about you or showing ads. Therefore, the right to limit use of sensitive info (which typically applies if a business is using sensitive info for secondary purposes) is not really applicable here. Rest assured, we handle your login credentials with strict confidentiality and security, and we do not use them for any purpose other than account access.

To exercise any of your California privacy rights, you (or your authorized agent) can contact us with your request (see Contact Us below). We will need to verify your identity (and possibly your California residency) before fulfilling certain requests. For example, if you request to know or delete personal information, we may ask you to provide information that matches our records (like verifying your email address and maybe a piece of account info) to ensure you are the account owner. We will respond within the timeframe required by law (generally within 45 days, with an extension of another 45 days if necessary and with notice).

Because we do not sell data, we do not have a formal “Do Not Sell” request process. Because we typically only collect minimal data, any “Right to Know” or “Data Portability” request should be straightforward (most of that would mirror what you yourself provided to us).

Even if you are not a California resident, you are welcome to request deletion or access to your data, and we will honor it in line with our commitment to privacy for all users.

Other International Privacy Rights

We recognize that privacy laws and rights can vary in other countries as well. We aim to extend fundamental privacy rights to all our users, regardless of location. Some examples:

Brazil (LGPD): If you are in Brazil, the Lei Geral de Proteção de Dados (LGPD) provides you rights similar to GDPR, such as confirmation of processing, access to data, correction, anonymization or deletion, data portability, information about sharing, and the right to revoke consent. We will accommodate LGPD rights requests in line with the principles already outlined.
Canada (PIPEDA): If you are in Canada, we adhere to principles of Canada’s PIPEDA, including obtaining consent for data collection and allowing you to access and correct your personal information.
Australia (Privacy Act) and New Zealand (Privacy Act): You have rights to access and correction of your personal data which we will support.
United Kingdom: After Brexit, the UK has its own data protection law (UK GDPR and Data Protection Act 2018), which is essentially equivalent to the EU GDPR. We treat UK users’ data under those stringent standards just as we do for EU users.
Other Regions: If any other privacy law applies to our processing of your data, we intend to comply with it. For instance, if you are from a region with data localization requirements or specific consent rules, we will abide by the applicable rules when known. Typically, by adhering to GDPR and CCPA principles, we cover a broad spectrum of global privacy requirements, since many laws are similar.

Regardless of jurisdiction, if you contact us about your data, we will do our best to assist. Even if a specific law might not formally apply to us (say our site might not meet the threshold of CCPA or LGPD applicability), we believe in respecting your inquiry and privacy concerns.

One thing to note: our site is not specifically targeted at children. Users must typically be at least 13 years old (or older, depending on your jurisdiction’s age of digital consent) to create an account, as we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided personal data to us without consent, please contact us and we will delete that information.

International Data Transfers

Our website is operated from Germany. By using the site, you acknowledge that your personal data may be transferred to and stored in our location and the location of our service providers. This could be outside of your home country. For instance, if you are in the EU and our servers are in the US or another country, your data will be transferred to that country. We will take steps to ensure that adequate protections are in place for cross-border data transfers as required by GDPR and other laws. This may include using standard contractual clauses approved by the European Commission, relying on adequacy decisions for certain countries, or other lawful mechanisms to ensure your data is protected. We also apply the same privacy safeguards described in this policy no matter where our servers are located. Our service providers are also chosen in part based on their compliance with international data protection standards. If you wish to know more about how your data might be transferred or the safeguards in place, you can contact us.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. If we make significant changes, we will notify users by posting a prominent notice on our website or by sending an email notification (for registered users), and we will indicate at the top of the policy when it was last updated. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the website after any changes to this Privacy Policy constitutes acceptance of those changes.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: [email protected]
Website: savemawallet.com

Please include details of your request or question, and enough information for us to verify your identity if you are making a data access/deletion request (for example, contacting us from the email address associated with your account helps). We will respond as promptly as possible, and certainly within any timeframe required by applicable law.

Thank you for reading our Privacy Policy. We are committed to protecting your privacy and ensuring that you feel secure using our website.