Privacy Policy
This policy explains how this website (“the Site”) handles personal data, in line with the EU General Data Protection Regulation (GDPR) and the UK GDPR.
Who we are
Section titled “Who we are”The Site is an independent, non-commercial reference project maintained by a small group of researchers (the “Editorial Team”). For the purposes of the GDPR, the Editorial Team is the data controller for personal data processed through the Site.
You can contact us about any data-protection matter at contact@example.org (see Contact us).
Our privacy-first approach
Section titled “Our privacy-first approach”The Site is a static reference work. It has no user accounts, no logins, no advertising, and no analytics or third-party tracking scripts. We deliberately collect as little personal data as possible — in normal use you can read the entire Site without providing any personal information.
What data we process
Section titled “What data we process”Information you choose to give us. If you email us, we receive your email address, your message, and anything you choose to include in it.
Technical data collected automatically. Like any website, the Site is delivered by a hosting provider that automatically processes limited technical data needed to serve pages and keep the Site secure — typically your IP address, browser type (“user agent”), the page requested, and the date and time. This is standard server-log information.
Cookies and local storage. The Site does not use tracking or advertising cookies. Your browser may store small, non-tracking preferences (such as light/dark theme and language) locally on your device. See our Cookie Notice for details.
Third-party embedded content. Some pages may include embedded media (for example, video). Such content loads only after you click to play it, and we use privacy-enhanced embedding where available (for example, YouTube’s no-cookie domain). When you choose to load it, the third-party provider may receive your IP address and set its own cookies under its own policy.
Why we process data, and our legal basis
Section titled “Why we process data, and our legal basis”- To deliver and secure the Site (server logs): our legitimate interests (Art. 6(1)(f) GDPR) in operating a safe, functioning website.
- To respond to your messages: our legitimate interests in handling enquiries, and where relevant taking steps at your request (Art. 6(1)(f) / (b) GDPR).
- To load optional third-party embeds: your consent (Art. 6(1)(a) GDPR), given when you click to play.
Who has access (recipients and processors)
Section titled “Who has access (recipients and processors)”We do not sell your data and we do not share it for advertising. Limited data may be processed by service providers acting on our behalf or under their own terms:
- Hosting and content delivery — our hosting/CDN provider (Cloudflare) processes server-log data to deliver the Site and protect it against abuse.
- Email — our email provider processes the messages you send us.
- Source code and optional comments — the Site’s source is hosted on GitHub; if a commenting feature is enabled in future, comments would be handled through GitHub under its own policy.
- Optional media embeds — third-party platforms (for example YouTube / Google) if you click to load their content.
International transfers
Section titled “International transfers”Some of these providers may process data outside your own country, including outside the European Economic Area (EEA). Where that happens, we rely on the appropriate safeguards those providers offer (such as the European Commission’s Standard Contractual Clauses).
How long we keep data
Section titled “How long we keep data”- Server logs are kept only as long as needed for security and operations, then deleted or anonymised, in line with our hosting provider’s retention periods.
- Emails are kept only as long as needed to deal with your enquiry and any reasonable follow-up.
Your rights
Section titled “Your rights”Under the GDPR you have the right to:
- access the personal data we hold about you;
- have inaccurate data corrected;
- have your data erased;
- restrict or object to our processing;
- data portability; and
- where processing is based on consent, to withdraw that consent at any time.
To exercise any of these rights, contact us at contact@example.org. You also have the right to lodge a complaint with a data-protection supervisory authority, in particular in the EU/EEA country where you live or work.
Children
Section titled “Children”The Site is intended for a general adult audience — researchers, journalists, educators, and students — and is not directed at children. We do not knowingly collect personal data from children.
Links to other sites
Section titled “Links to other sites”The Site links to external sources and references. We are not responsible for the privacy practices or the content of those third-party websites; their own policies apply.
Changes to this policy
Section titled “Changes to this policy”We may update this policy from time to time. The current version is always available on this page, with the date below.
Last updated: 24 June 2026.