Below you will find answers to common questions about how Gravatar collects and uses your personal data. If you have any questions about Gravatar’s data handling or privacy practices, please refer to our privacy policy or contact our support team.
What personal information am I required to provide to use Gravatar?
A Gravatar account requires an email address, username, and password. Your account email address is used to serve your profile image, if you provide one.
What personal data is publicly available when I use Gravatar?
- The profile image(s) you upload to your account.
- Any information you make public on your profile page.
- The hash of your email address used to serve your profile image.
What Privacy Options Do I Have?
Gravatar is a service for creating a global public profile that is consistent across Internet services and websites. By design it shares the information in your profile with all websites that utilize the Gravatar service. If you would prefer not to have a public, shared profile, there are several ways to reduce or eliminate the personal data you share via Gravatar.
- You can edit your public profile to be sure you’ve only included information you are comfortable sharing.
- Make some, or all, of your features private. You can make your avatar private, your profile private, and discourage search engines.
- If you no longer want your Gravatar image and profile data to be displayed you can follow the instructions on the Disable Account page. This will immediately hide your profile and avatar image, and they will be deleted after 30 days. Gravatar can be re-enabled later if desired, though deleted information will not be restored. You can also disable your Gravatar using the option to “Hide My Gravatar Profile” from the WordPress.com dashboard.
If you no longer need your Gravatar or WordPress.com account you can permanently close your account.
What is an email hash?
In this context, an email hash is a way to encode your email address so that sites that have enabled Gravatar services can display your chosen Gravatar on their site when you provide those sites with your email address. When a site uses Gravatar, it encodes your email address the same way, so only the hashes are compared. This enables the service to work without either site sharing email addresses.
Where can I learn more about Gravatar’s privacy practices?
Gravatar is a product of Automattic Inc. and is covered by the Automattic Privacy Policy.
security reporting
We operate a bug bounty program via HackerOne (https://hackerone.com/automattic) to reward people who find bugs and help us improve the security of our services. We encourage responsible disclosure of any potential vulnerabilities through this program.
Gravatar Support 