We respect the importance of online privacy to users of our Site, especially when conducting business. Here we explain our Privacy Policy and answer questions for users of the Site (“Visitors”), either who visit without transacting business or who register with us to conduct business on the Site (“Authorized Customers”) and make use of the various services offered by StephanSpencer.com. “Personally Identifiable Information” This means any information that identifies or can be used to identify, contact, or locate the person, including, but not limited to, name, address, phone number, fax number, email address, financial profiles, social security number, and credit card information. Personally Identifiable Information does not include information that is collected anonymously (meaning, without identification of the individual user) or demographic information that is not connected to any specific individual. What kinds of information do you collect? We may collect basic user profile information from our Visitors. We collect this additional information from our Authorized Customers: name, addresses, phone numbers and email addresses, the type and size of the business, and the nature and amount of the purchase that the Authorized Customer intends to make. We collect Personally Identifiable Information only for the specific, explicit and legitimate purposes outlined in this Privacy Policy. Our use of personal data for any purpose other than for which the data were initially collected is only done when it is still compatible with the original purpose. For example, we may tailor communications to suit the interests of Visitors and Approved Customers based on analysis of their Site use and personal information. By providing this information to us you freely give consent to our collection of Personally Identifiable Information in order to serve you. What other organizations are collecting information? Our third party service vendors (such as credit card companies) who may provide credit, insurance, and escrow services, may collect information from our Visitors and Authorized Customers. We do not control how these third parties use this information, but we do ask them to disclose how they use personal information. Third parties may also be intermediaries and do not store, retain, or use the information given to them. How does the Site use Personally Identifiable Information? We use Personally Identifiable Information to customize the Site, to make appealing service offerings, and to fulfill buying and selling requests. We may email Visitors and Authorized Customers about research, purchase and selling opportunities or information related to subject matter on the Site. We may also use Personally Identifiable Information to contact you in response to specific inquiries or provide information that you request. Who do you share this information with? Personally Identifiable Information about Authorized Customers may be shared with other Authorized Customers who wish to evaluate potential transactions. We may share aggregated information about our Visitors and Authorized Visitors with our affiliated agencies and third-party vendors. This aggregated information is not linked to any personal information that can identify an individual person. We also offer you the opportunity to “opt out” of receiving information or being contacted by us or by any agency acting on our behalf. We do not transfer personally identifiable data entrusted to us to any international location. How is Personally Identifiable Information stored? All Personally Identifiable Information collected by StephanSpencer.com is securely stored and is not accessible to third parties or employees of StephanSpencer.com except for use as indicated above. What choices are available to me regarding collection, use and distribution of my information? You may choose to opt-out of receiving unsolicited information from us or being contacted by us or our vendors and affiliated agencies simply by responding to emails using the opt-out feature, or by contacting us directly. Contact information is listed at the end of this Privacy Policy. You may also contact us to request deletion of an account and any Personally Identifiably Information it contains. This is commonly known as “the right to erasure” and “the right to be forgotten.” Are Cookies used on the Site? We use Cookies to obtain information about the preferences of our Visitors and the services they select. This provides you with a better experience. We also use Cookies for security purposes to protect our Authorized Customers. For example, if an Authorized Customer is logged on but inactive for an extended period of time, we will automatically log out the Authorized Customer. Our Cookie Policy can be reviewed here. How does StephanSpencer.com use login information? The Site uses login information, including, but not limited to, IP addresses, ISPs and browser types, to analyze trends, administer the Site, track Visitors’ movement and use, and gather broad demographic data. What partners or service providers have access to Personally Identifiable Information? StephanSpencer.com has partnerships and other affiliations with a number of vendors. These vendors may have access to certain Personally Identifiable Information on a need-to-know basis for evaluating Authorized Customers for service eligibility, such as credit card authorization when making purchases. Our privacy policy does not cover their collection or use of this information. Disclosure of Personally Identifiable Information when required to comply with law. We are required to disclose Personally Identifiable Information in order to comply with a court order, subpoena or a request from a law enforcement agency to release that information. We will also disclose Personally Identifiable Information when reasonably necessary to protect the safety of our Visitors and Authorized Customers. How does the Site keep my Personally Identifiable Information secure? Our employees are trained in our security policy and practices. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to Personally Identifiable Information. The computers/servers in which we store personally identifiable information are kept in a secure environment. We also audit our security systems and processes on a regular basis. Sensitive information, such as credit card or Social Security numbers, is protected by leading encryption protocols to protect the information you share with us. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page. While we take commercially reasonable measures to maintain a secure site, electronic communications and databases are subject to errors, tampering and break-ins, and we cannot guarantee or warrant that such events will not take place and we will not be liable to Visitors or Authorized Customers for such occurrences. How can I correct any inaccuracies in my Personally Identifiable Information? Visitors and Authorized Customers may contact us to update Personally Identifiable Information or to correct any inaccuracies by emailing us: contact@stephanspencer.com Your access to and control over your information You may opt out of any future contact from us at any time. You can do the following at any time by contacting us via the email address or phone number provided on the Site and at the end of this Privacy Police notice: See what data we have about you, if any. Change/correct any data we have about you. Have us delete any data we have about you. Express any concern you have about our use of your data. How can I delete or deactivate my Personally Identifiable Information on the Site? You can delete or deactivate Personally Identifiable Information you have shared from the Site’s database at any time by contacting us. However, because of computer backups and records of deletions, some residual information may be retained, but not accessed or used. An individual who requests to have Personally Identifiable Information deactivated will have this information functionally deleted at the time the request is made. We do not sell or transfer Personally Identifiable Information relating to that individual in any way. What happens if the Privacy Policy Changes? We alert our Visitors and Authorized Customers to changes in our Privacy Policy by posting notice of any changes on the Site, along with the date the changes take effect, at the top of the Privacy Policy page. Links The Site contains links to other websites. When you click on one of these links, you will move to another website. Please be aware that we are not responsible for the content or privacy practices of these other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects Personally Identifiable Information. Email communication By providing information to this Site that enables communication with you, such as an email address, you waive all rights to file complaints concerning unsolicited email or “spam” from the Site. By providing the email information, you also agree to receive communications from the Company, Koshkonong LLC, and its affiliated organizations. However, all of our email communication with you contains an “unsubscribe” link to use if you no longer wish to receive solicitations or information from the Site. Your email address will then be removed from our general solicitation database. Commitment to Data Security We take all reasonable measures to protect data that contains information related to you. However, no security system is completely impenetrable. We cannot guarantee the security of our database, nor can we guarantee that information cannot be intercepted while being transmitted to us over the Internet. As a consideration for viewing this Site, you waive any and all claims against the Company for damages of any nature and you further acknowledge that the Company is not responsible for damages to you arising from any misuse of your Personal Information. Age restrictions By using this site, you acknowledge that you are over 18 years of age. Disputes In the event of any dispute, claim or controversy (collectively “Dispute”) between you and the Company, including but not limited to Disputes arising from: use of this Site; the Privacy Policy; the Terms of Use; any purchases made in connection with this Site; or any other claims whether in contract, tort or otherwise, you hereby consent and agree that such Dispute shall be settled by binding arbitration by the American Arbitration Association in accordance with the Arbitration Rules then in effect. The hearing shall be conducted in Los Angeles, California. The decision of the arbitrator shall be final and binding upon all parties and any award of the arbitrator(s) may be entered as a judgment in any court of competent jurisdiction. The prevailing party shall be awarded all filing fees and related costs. Administrative and all other costs of enforcing an arbitration award, witness fees, payment of reasonable attorney’s fees, and costs related to collecting an arbitrator’s award, will be added to the amount due pursuant to this provision. Questions involving contract interpretation shall be subject to the laws of California. CONTACT US If you have questions, comments or concerns about this Privacy Policy, please contact us at: StephanSpencer.com Koshkonong LLC 6516 Monona Drive # 114 Monona, WI 53716-4026 (608) 729-5910
That’s pathetic — resorting to a criminal act against me instead of simply engaging me in a dialogue through commenting or emailing me. I’m happy to take constructive criticism. But Mr. Lawless Hacker: don’t threaten me, don’t try to intimidate me, don’t steal from me, don’t vandalize my sites, and don’t harm my family or my colleagues in the process. Okay, so you want to take me to task for something, so be it. Do it in the comments. 
That’s pathetic — resorting to a criminal act against me instead of simply engaging me in a dialogue through commenting or emailing me. I’m happy to take constructive criticism. But Mr. Lawless Hacker: don’t threaten me, don’t try to intimidate me, don’t steal from me, don’t vandalize my sites, and don’t harm my family or my colleagues in the process. Okay, so you want to take me to task for something, so be it. Do it in the comments. 
SIGN UP FOR EXCLUSIVE WEEKLY CONTENT 
Do you think this is deterring anyone from commenting on your site for fear they will also be targeted? I removed the URL section of my comment for this reason.
Apart from this, talk about a gross misuse of ability and knowledge. Even if your actions were really so offensive to this individual, that’s simply a bi-product of the internet. It gives no one the right to deface your website.
The “hacker” asked for and open discussion with new posts? I wouldn’t think moderating feedback qualifies as an open discussion?
I don’t know you from Adam but I’d be curious how I would have perceived your comments about net security. I think the “hacker” although breaking the law might be teaching something you lack? Maybe some humility?
Good luck with this, I hope one if not both of you learn something from it all.
FYI it’s pretty hard to read the “ransom note”.
Wow, this guy got really irritated somehow. It’s sad when people have to step this low in an attempt to communicate their feelings. He should take a class on interpersonal skills, even read the book “How to win friends and influence people” wouldn’t hurt.
How does this guy sleep at night?
I read article and this is amazing what this guy could do. He survived all of your tricks “despite reinstalling WordPress, moving servers, switching to a default theme, removing all plugins, locking down the admin with HTTP authentication, changing ownership and permissions on all files, etc.”. I would disagree with person saying he is an “amateuer”, I think he has very sharp skills.
If I could hire this guy to work for me I would do it.
I get hacked all the time and now I was “fired” by my web host because it was too much trouble. The hacker would crash their server all the time.