Security Policy

At miroslavglavic.com, I take the security and privacy of my users seriously. This page explains the measures I have in place to protect user data and ensure the safety and integrity of the website. I follow best practices in encryption, secure browsing, and monitoring to keep the website safe for visitors.

Data Encryption

To protect your data during transmission, I use SSL encryption protocols (SSL/TLS). This ensures that any information exchanged between your browser and my server remains secure and cannot be intercepted by unauthorized third parties. miroslavglavic.com uses an SSL certificate from Let’s Encrypt to secure the connection.

Secure Browsing

I use HTTPS across my website to ensure secure browsing for all users. When you visit miroslavglavic.com, the connection to the site is encrypted, which helps protect your data from being accessed by anyone other than the intended recipient.

User Data Protection

I do not collect sensitive personal data from visitors. Since miroslavglavic.com does not operate an e-commerce platform or require account creation, there is minimal risk to user data. However, I still employ strict measures to safeguard any information that may be collected, both during transmission and at rest. In the event of a major security issue, I may consult with external experts to ensure the best response.

Third-Party Services

I do not use third-party services like Google Analytics or other tools that collect user data. The only third-party service connected to my site is Wordfence, a security plugin that helps monitor and protect the website against potential threats. I make sure that any third-party service I use complies with the same security standards.

Login and Authentication

I do not allow account creation for users, and only staff accounts are used to manage the site. To secure access, the administrator login is protected with two-factor authentication (2FA), adding an extra layer of security against unauthorized access.

Data Access Controls

Access to any user-related data is restricted and controlled. Only authorized personnel have access to relevant data, and external security professionals may be consulted when necessary, but only under strict guidelines to ensure data protection.

Security Monitoring

To detect potential threats or vulnerabilities, I use Wordfence, a powerful security plugin that helps monitor the site for unusual activity. This tool actively scans for malicious behavior and alerts me to any potential risks.

Regular Updates

Keeping my website secure is a priority. I perform regular updates to WordPress core, themes, and plugins to ensure they are up-to-date with the latest security patches. Typically, updates are applied within one hour of release, except when I am traveling or during sleeping hours. I stay informed of updates through WordPress community notifications, and Wordfence also sends alerts for available updates.

Backup and Recovery

To ensure the safety of my content and data, I perform weekly backups of the site. This ensures that in the event of a security breach or data loss, I can quickly restore the website to its previous state.

Vulnerability Reporting

If you encounter any security vulnerabilities on miroslavglavic.com, please report them to me as soon as possible. You can use the contact page here to send a message, and I will respond promptly.

Compliance with Regulations

miroslavglavic.com is committed to complying with relevant data protection regulations, including the General Data Protection Regulation (GDPR). Since the website’s server is located in Pori, Finland, which is part of the European Union, GDPR applies to the data protection practices I follow. Additionally, as I am based in Canada, I also comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) to protect user privacy.

If you have any questions or concerns about this security policy, feel free to reach out to me using the contact information provided.