Skip to content

General Data Protection Regulation (GDPR) Compliance Statement

In Plain English

  • This site does not load webfonts or scripts from external sites/CDNs.
  • There are no external tracking cookies.
  • Unless you decide to leave a comment no data will be permanently logged.
    (but some data can be stored temporarily—usually only a few hours—on the server)
  • If you decide to leave a comment, your IP address—in addition to all data you enter—will be stored on the server.
  • The ISP might have some extra log files that I do not control.

Serendipity Core

Serendipity uses a so-called "Session cookie" for both frontend and backend. A visitor will receive a cookie with a unique ID, which is used on the server to store temporary session user data (i.e. login validity, user preferences). This cookie is mandatory for logging in to the backend, but optional for the frontend. Certain plugins can use the session cookie to store additional temporary data.

The following data can be stored by the Serendipity application on the server (temporarily, invalidated after the server-configured timeout, usually in the range of hours):

  • HTTP browser referer when entering the blog
  • Unique author ID token
  • User data of a logged in author as stored in the database for faster access:
    • Password
    • ID of the user
    • Configured language of the user
    • Username
    • E-Mail
    • Login hashtype
    • Publishing right
  • Last blog entry contents when saving
  • Indicator if Smarty templating is used
  • Possible content of a generated captcha image
  • The configured frontend theme

The following data is stored in cookies:

  • PHP session ID
  • State of entry editor toggle, sort, sort order and filter toggles, last used media library directory (only if logged in)
  • Author login token (only if logged in)
  • Display language
  • After commenting: Last name, E-Mail, URL, state of "Remember comments" (if enabled)

The IP addresses of users are utilized at these places:

  • Stored for comments of a visitor and displayed within the E-Mail that is sent to moderators
  • Stored in logfile of the antispam plugin (After commenting)
  • Transmitted in Antispam filter for Akismet (After commenting)
  • Temporary Read-only access for checking referrers, logins, IP flooding

User input from visitors (not editors):

  • Comments (all comment metadata, stored in Database table serendipity_comments)

Posted by Alexander Paulsen | on

Privacy statement / legal notice