Privacy Policy

(Updated and 18 July 2021)

This web site is maintained by Stephen Holland, MD. I am a gastroenterologist who has been interested in IBD my entire career. This website is just my modest effort to give back to my patients and others. I have been using WordPress for some time, which has been much easier than when I used to do it all by hand. It wasn’t bad with 15-20 articles, but with more articles it was getting a bother to edit, and with time constriants, there went the blog!

The above was entered by me. Stuff below in parentheses is my comments. WordPress is pretty useful software! It has improved continuously. Spam is the biggest problem I have at this time, but I’m working on getting an automated spam checker in place.

Personal data collection


(This is boileplate that has been provided by I am really impressed by this software. It really shows what can be done with open source projects. Parenthetical comments are mine.)

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. (Oooo! Cool!)

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment. (I just looked up the Gravatar site. Hey, having a central place keep the avatars is really nice. I’m glad that WordPress implements this. One less thing I have to manage, and having the avatar follow you is a real convenience. Of course, the privacy policy listed above is the policy of the Gravatar service, not me. )


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website. (Sensible advice)

Contact forms

None yet. (I’ll just skim to comments from time to time. A contact form is a good idea, though, and I’ll try to get it up when I figure out how to.)


If you leave a comment on this site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. (Good to know. By the way, the cookies are not on the server, they are on the user’s (your) computer, which is true of any cookie. So the cookie stored on your computer is fed to this site and makes it convenient for you to use. Check your computer to make sure your computer doesn’t share cookies across sites. This server doesn’t do that, but I hear it happens.)

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. (Neat!)

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. (I’m thinking that is sort of short. I mean, really, who wants to look at this site every day? I figure if I’m doing updates from the literature check back about once every other month.)

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day. (Nope, not gonne let that happen. You can post comments, but it is not a wiki.)

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. (Wow)


(I get some stuff about website usage from Google, but just hit counts and such. Haven’t used it much.)

Who we share your data with


How long your data is retained

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. (I tried leaving comments open and the site was swamped with spam. I had like 15000 comments with links to irrelevant web sites. It took a day to go through them all. Currently comments continue to be trash. Not Your’s, I mean in general I’m just seeing a lot of spam comments being attempted by bots. By the way, I’ve had technical problems with the way this web site handles comments. That problem has been resolved with a PHP software update.)

For users that register on my website, the system also stores the personal information provided in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. (Hmmm. With great power comes great responsibility. Well, I’m not going to do anything with that data, unless a comment shows up or an issues arises where I might want to email you for some reason.)

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. (Hey, that sounds fair. I’ll do that as best as I can. I’m also a real doctor, so I do other stuff. Please understand if an issue arises or it takes time to resolve.)

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

(I don’t even know how to check that yet!)

Additional information

How we protect your data

(I don’t do anytning with it. Addiitonally, that database engine is not accessible over the web, so people can’t look at it.)

What data breach procedures we have in place

(None at this time. I’m just learning about this.)

What third parties we receive data from

(Google analytics will tell me stuff.)

What automated decision making and/or profiling we do with user data