Last Updated: June 3, 2019
Who is T.O.F.U.?
T.O.F.U. Magazine is an independent vegan publication founded in Canada in 2007, and currently owned and operated by Ryan Patey. For further information, please visit the about page.
T.O.F.U.’s website address is: https://www.ilovetofu.ca.
Your Personal Data and Why T.O.F.U. Collects It
When visitors leave comments on the site, T.O.F.U. collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment on the site you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, T.O.F.U. will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
A cookie (akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version.
Embedded Content From Other Websites
This site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
T.O.F.U. uses Google Analytics to better understand website traffic and webpage usage. Google Analytics is a service which transmits website traffic data to Google servers. Google Analytics does not identify individual users or associate your IP address with any other data held by Google.
Who T.O.F.U. Shares Your Data With
As mentioned above, T.O.F.U. may share data with Google and various social media platforms to better understand website traffic and webpage usage.
If you sign-up to the newsletter, T.O.F.U. also shares the data collected in the form with Mailchimp to provide the information mentioned within the sign-up form.
Finally, visitor comments are checked through an automated spam detection service. The information collected includes the commenter’s IP address, user agent, referrer, and site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
As well, visitor IPs are collected to identify 404s and other site access errors through the Redirection plugin.
How Long T.O.F.U. Retains Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so T.O.F.U. can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
Data sent to platforms or services such as Mailchimp, Google, Facebook, etc. is retained according to their policies. Thus, T.O.F.U. suggests you familiarize yourself with each policy to better understand the use of your data.
For users that register on the website (if any), T.O.F.U. also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data T.O.F.U. holds about you, including any data you have provided. You can also request that T.O.F.U. erases any personal data it holds about you. This does not include any data T.O.F.U. is obliged to keep for administrative, legal, or security purposes.
For the site’s registered users, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.
Jetpack Comments and Akismet Spam Filter
This site uses both Jetpack and Akismet. These services may send to servers or store the following as cookies: commenter’s name, email address, and site URL (if provided via the comment form), timestamp, and IP address. Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID (if available), commenter’s local username (if available), commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. For Akismet , the following information is sent to the service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.
In the case of comments on the site, all data and metadata (see above) associated with comments is synced. This includes the status of the comment and whether or not it was classified as spam by Akismet.
This feature is only accessible to users logged in to WordPress.com.
In order to process a post like action, the following information is used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID (on which the post was liked), post ID (of the post that was liked), user agent, timestamp of event, browser language, country code.
This feature is only accessible to registered users of the site who are logged in to WordPress.com.
For notifications, the following data is used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Some visitor-related information or activity may be sent to the site owner via this feature. This may include: email address, WordPress.com username, site URL, email address, comment content, follow actions, etc.
If you use this service, the following actions will be tracked: sending notifications (i.e. when we send a notification to a particular user), opening notifications (i.e. when a user opens a notification that they receive), performing an action from within the notification panel (e.g. liking a comment or marking a comment as spam), and clicking on any link from within the notification panel/interface.
In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
For protection of the site, the following actions are tracked: failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. As well, the following data is synced: failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
As well, functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
For payments with PayPal or Stripe: purchase total, currency, and billing information are used. For taxes: the value of goods in the cart, value of shipping, and destination address are used. For checkout rates: destination address, purchased product IDs, dimensions, weight, and quantities are used. For shipping labels: customer’s name, address, as well as the dimensions, weight, and quantities of purchased products are used.
For further information, you may use the contact form found here.