PeopleAreGeek (“we”, “us”, “our”) operates the website peoplearegeek.com (the “Site”). This Privacy Policy explains what information we collect from visitors, how we use it, and the rights you have over your data. It is written to be readable; if anything is unclear, please contact us at contact@peoplearegeek.com.
1. Data we collect
We collect three categories of data.
Automatically collected (server logs)
Like any standard web server, our hosting provider logs basic technical data for every page request: IP address, browser user-agent, referring page, requested URL, timestamp, response status code, and bytes transferred. These logs are kept for 30 days, then rotated and deleted. They are used to diagnose technical issues, detect abuse and protect against attacks.
Tool input data (transient)
Our online tools (the WHOIS lookup, DNS propagation checker, SSL certificate checker, CORS debugger, Cyber Audit Suite, NetSecAI, etc.) ask you to enter URLs, domain names or text. When a tool requires server-side processing — for example to fetch HTTP headers from a target URL — the input is sent to our backend probe endpoints (/wp-json/peoplearegeek/v1/headers, /dns, /ssl, /status). The backend performs the requested check and returns the result. We do not store the inputs. The probe endpoints are stateless and log only standard request metadata (IP, timestamp) for abuse prevention.
Voluntarily provided data
If you email us at contact@peoplearegeek.com, leave a comment on an article, or request a manual audit, you provide your name, email address and the content of your message. We keep this correspondence for the time required to handle your request and a reasonable follow-up period (up to 12 months for audit clients, 6 months for general enquiries).
2. How we use your data
We use the data we collect for the following purposes only:
- Operating the Site and its tools.
- Diagnosing technical issues and preventing abuse (rate-limiting, blocking obviously malicious traffic).
- Responding to your enquiries and delivering services you requested (manual security audits).
- Improving content based on aggregated, non-identifying usage patterns (popular tools, common error inputs).
We do not sell your data. We do not use it for unsolicited marketing. We do not build profiles of you for advertising purposes beyond what is described in the cookies and third-party services sections below.
3. Cookies and browser local storage
The Site uses a small number of cookies and browser localStorage entries. The detailed list is maintained in our separate Cookie Policy. In summary:
- WordPress essential cookies for session management when commenting (only set when you comment).
- Tool-specific localStorage for features like SecurityWatch’s monitored sites list, NetSecAI’s API key (when you choose to provide one), and scan history in Cyber Audit Suite. These never leave your browser.
- Advertising cookies: at the time of writing this policy, the Site does not display third-party ads. If we add advertising in the future (typically Google AdSense), the Cookie Policy will be updated and a consent banner will be added for visitors in the EU/UK.
4. Third-party services
The Site relies on a small number of external services. Each is enumerated below with the data it sees.
| Service | Data it sees | Purpose |
|---|---|---|
| Our hosting provider (OVHcloud, France) | IP address, request metadata, server logs | Serving the Site |
| Cloudflare (if active) | IP address, request metadata | CDN, DDoS protection |
| Google Fonts (when loaded) | IP address (cached after first load) | Typography on certain pages |
| Comment author Gravatar lookup (WordPress default) | Email hash of comment authors | Avatar display next to comments |
We do not currently use Google Analytics, Facebook Pixel, Hotjar or any analogous behavioural-tracking service. If that changes, this section will be updated and a consent banner will be added before any tracking takes effect.
5. Data sharing and disclosure
We do not share, sell or rent your personal data to third parties. The only situations where data may be disclosed are:
- To comply with a binding legal request (court order, regulator).
- To protect the Site against abuse or fraud (sharing IP addresses with the hosting provider for blocking).
- If we engage a service provider strictly necessary to operate the Site (e.g. email delivery for replying to your enquiry), that provider only sees the minimum data required and is bound by their own data-processing agreement.
6. Retention
Server logs: 30 days. Tool inputs: not stored. Email correspondence: 6 to 12 months depending on the nature of the exchange. Comments on articles: kept indefinitely unless you ask us to remove them. We delete data once the purpose for which it was collected is fulfilled and no legal obligation requires us to keep it longer.
7. Your rights (GDPR / CCPA)
If you are a resident of the European Union, the United Kingdom, California, or another jurisdiction that grants data subject rights, you have the following rights regarding the data we hold about you:
- Right of access: ask what data we hold about you.
- Right of rectification: ask us to correct inaccurate data.
- Right of erasure: ask us to delete your data (“right to be forgotten”).
- Right to restrict processing: ask us to stop processing while a dispute is resolved.
- Right to data portability: receive your data in a machine-readable format.
- Right to object: object to processing based on our legitimate interests.
- Right to withdraw consent: for processing based on consent, withdraw at any time.
To exercise any of these rights, email contact@peoplearegeek.com with “Privacy request” in the subject line. We respond within 30 days. There is no charge for legitimate requests. You also have the right to lodge a complaint with your local data protection authority (CNIL in France, ICO in the UK).
8. Security
We protect the Site with TLS encryption, the security headers documented in our WP audit guide, automatic updates of the underlying software, rate-limited login endpoints, and regular security scans. No system is perfectly secure; if you discover a vulnerability, we appreciate a responsible disclosure to contact@peoplearegeek.com.
9. Children’s privacy
The Site is not directed at children under the age of 16. We do not knowingly collect personal data from children under that age. If you believe a child has provided us data, contact us and we will delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. Material changes are dated at the top of the page and, when feasible, announced on the Site for at least 14 days before taking effect. Continued use of the Site after the effective date constitutes acceptance of the revised policy.
11. Contact
Privacy-related enquiries: contact@peoplearegeek.com. We aim to reply within five business days. Postal address available on request for formal correspondence with data protection authorities.
