Privacy Policy

Press X to Skip (PX2S) – Privacy Policy

Last updated: 22 September 2025

TL;DR

Who we are

Notice at Collection (where you give us data)

Whenever we collect information (e.g., forms, account signup, comments), we place a clear link to this policy right there.

What we collect & why

Accounts & login: Email, username, password (hashed), social login (only if you choose it), shares basic account info to authenticate.
- Why: Run your account.
- Retention: Delete within 30 days of closure; backups up to 90 days.
Comments: Comment text, timestamp, account/username, IP saved with comments (WordPress default), avatar via Gravatar if you use it.
- Why: Publish/moderate, prevent abuse.
- Retention: Comment stays until you remove it, anti-abuse metadata (incl. IP/mod flags) 12 months.
Contact & support: Your email, message, standard email headers.
- Why: Respond and follow up.
- Retention: 12 months after last reply.
Server & security logs (hosting): IP, requested URL, timestamp, user-agent, error/debug info.
- Why: Keep the site online, secure, and debug.
- Retention: 30 days; security incidents up to 12 months.
Analytics: privacy-preserving, cookieless; we receive aggregate metrics only (no cookies, no personal data to us).
- Why: Understand overall traffic.
- Retention: Aggregates 18 months.

Do you have to provide data?

To create an account we need basics (e.g., email, username). Without them we can’t register you.
Non-essential features (analytics, embeds, social login) are optional.

Where data comes from (If chosen)

Social login: Your chosen provider sends basic account info to authenticate you.
Gravatar: If you enable it, your public avatar is fetched from Gravatar.

Who do we share with?

Service providers (hosting, email, security, analytics). They act under our instructions.
We do not sell personal data. We do not share it for cross-context behavioural advertising.

Non-US visitors

If you’re outside the US, local rights may differ; contact us and we’ll handle your request accordingly.

Automated decisions

We don’t make automated decisions with legal or similarly significant effects. If this changes, we’ll explain the logic and your rights.

California privacy (CPRA)

We update this policy at least every 12 months and won’t discriminate against you for exercising your privacy rights.

Your rights: Know/access, delete, correct, opt-out of sale/share, limit use of sensitive personal information.
How to use your rights:
- Email pr.pressxtoskip@gmail.com
- We aim to respond within 45 days (one 45-day extension if needed).
- If we refuse a request, you can appeal by replying with “Appeal” in the subject; we’ll send a written outcome within 60 days and tell you how to contact your state AG if you disagree.
- You may use an authorized agent to submit a request; we may ask you (and the agent) for information needed to verify identity and authorization.
Categories collected for business purposes (last 12 months) & retention:
- Identifiers (e.g., email, IP): accounts 30 days post-closure; logs 30 days (incidents up to 12 months).
- Internet activity (page views/logs): 30 days (incidents up to 12 months).
- Communications (messages/support): 12 months after last reply.
- User-generated content (comments): until you remove; related anti-abuse metadata 12 months.

Children

This is a general-audience site and not for children under 13. We don’t knowingly collect children’s data. If you believe a child gave us information, email us and we’ll delete it.

Cookies & trackers

We run cookieless analytics. Essential technical storage may be used to operate the site. Any non-essential cookies or tracking we add in the future will be off by default and used only with your consent.
We honor Global Privacy Control (GPC) signals.

We use reasonable administrative, technical, and physical measures to protect information. No system is perfect, but we work to prevent, detect, and respond to issues.

Changes & contact

If we make material changes, we’ll update this page and the “Last updated” date.