$ man privacy-policy

> whoami

Syntax & Coffee is an independent site run by Austin Wells — coder, coffee addict, and the only human with database write access.
Website: https://syntaxandcoffee.io
Contact: hello@syntaxandcoffee.io
Host: IONOS (servers in the US + EU).
No legal entity. Just one developer with a WordPress install and a dream.

> collected data

Here’s what actually gets logged when you talk to the server:

Comments

When you post a comment, WordPress collects the obvious bits (name, email, message) and a few behind-the-scenes headers (IP + user agent) so spam filters can do their job.

A hashed email may ping Gravatar to see if you’ve got an avatar — their policy lives here → automattic.com/privacy.

Contact Form

The /contact endpoint fires an email directly to Austin via Gmail.

No database storage, no CRM, no marketing drip — just a message in an inbox until the thread cools off.

Analytics

Google Analytics, funneled through Monster Insights, records anonymous traffic metrics: page views, session duration, approximate region, truncated IPs, and cookies that remember if you’ve been here before.

Everything’s aggregated. No user profiles, no creepy fingerprints.

Google’s full spec: policies.google.com/privacy.

Accessibility

The UserWay widget lets visitors bump contrast, resize fonts, or toggle dyslexia mode.

To remember those preferences it drops tiny functional cookies — purely local, caffeine-free, non-identifiable.

Media

If you upload images (rare, but possible), strip the EXIF GPS data unless you enjoy people knowing where you took your latte photo.

> cookies list

Cookie SourcePurposeLifespan
WordPress CoreLogin, Comments, Editor SessionsUp to 1 year
Google AnalyticsTraffic MetricsPer Google policy
UserWayAccessibility PreferencesUntil cleared
Blocksy ThemeConsent Banner StatusUp to 6 months

No ads. No trackers. No hidden scripts quietly mining your clicks.

> storage && retention

  • Comments: kept indefinitely so threads make sense.
  • Emails: live in Gmail until manually archived or deleted.
  • Analytics: retained by Google per their schedule.
  • Backups: Updraft sends one encrypted snapshot to Google Drive weekly and overwrites the old one — so there’s always exactly 1.
  • Server Logs: handled by IONOS and rotated automatically.

> shared with

Data passes through the usual suspects that make the internet work:

  • Google (Analytics, Gmail, Drive) – metrics, mail, backups
  • IONOS – hosting and infrastructure
  • UserWay – accessibility widget
  • Automattic/Gravatar – comment avatars

All partners are standard service providers — no advertising networks, no data resale.

> rights user

You control your own data.

You can:

  • request a dump of any info tied to your comments or messages;
  • ask for deletion;
  • point out a typo in your name if WordPress stored it wrong.

Send a polite ping to hello@syntaxandcoffee.io.

If you’re in the EU, this satisfies GDPR. If you’re in California, it satisfies CCPA.

If you’re elsewhere, it still works because decency is global.

> security status

All traffic rides over HTTPS (TLS 1.3).

No plain-text transmissions, no insecure forms.

WordPress + plugins stay patched.

No user accounts = no passwords to leak.

Attack surface: minimal.

> datacenter where

Data may be processed in the US or EU, depending on where IONOS or Google decides to spin up the VM that day.

Both operate under privacy-framework agreements for cross-border transfers.

> if breach == true

  1. Contain the issue.
  2. Identify what (if anything) leaked.
  3. Notify any affected users by email ASAP.
  4. Patch, update, caffeinate, repeat.

> third_party embeds

Occasional posts might embed content from TED or PDFs hosted via Adobe.

Interacting with those is like visiting their site directly — their cookies, their rules.

> protect data

Encryption in transit ✔️
Encrypted backups ✔️
Two-factor caffeine ✔️

No data profiling, no automated decision-making, no algorithmic judginess.

> changelog

$ git log
commit 7f8a2c1b4f6c0ad13bdf89c1bda3c49163a2c7d1 (HEAD -> main, origin/main)
Author: Austin Wells <hello@syntaxandcoffee.io>
Date:   Sun Oct 19 2025 18:41:48 -0400

    update privacy-policy.md

commit e14f5c2e5f77d96d93a5e2c8d7b2b51c29a83c02
Author: Austin Wells <hello@syntaxandcoffee.io>
Date:   Thu Sep 03 2025 19:17:32 -0400

    initial commit

$ git commit -m "privacy-policy.md: caffeinated + compliant" && git push origin main

TL;DR: Syntax & Coffee collects only the minimum data required to function. I use Google’s services responsibly, protect everything with TLS, and will never sell, rent, or barter your info for espresso beans.

(honestly, I wouldn’t even know where to find the “juicy data,” nor do I want to — I just like seeing how many awesome humans visit the site.)

Syntax & Coffee Privacy Manifest v1.1
(last committed: October 2025 by Austin Wells hello@syntaxandcoffee.io)