This privacy policy explains how this website collects, uses, stores, and protects personal data when you visit and interact with our content. We are committed to handling your information responsibly and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Who We Are
This website is an independent informational resource focused on the GamStop self-exclusion scheme and related topics in UK gambling regulation. We are not affiliated with GamStop, the UK Gambling Commission, or any licensed gambling operator. For the purposes of data protection law, the site operator acts as the data controller for any personal data processed through this website.
What Data We Collect
We collect minimal data, limited to what is necessary for the operation and improvement of this website. The categories of data we may process include the following.
Automatically collected technical data: When you visit this website, our hosting provider and analytics tools may automatically collect certain technical information. This includes your IP address (anonymised where possible), browser type and version, operating system, referring URL, pages visited, time and date of access, and approximate geographic location derived from your IP address. This data is collected through server logs and, where you have given consent, through analytics cookies.
Cookie data: We use cookies and similar technologies as described in our Cookie Policy. These may include strictly necessary cookies required for the website to function, analytics cookies that help us understand how visitors use the site, and preference cookies that remember your settings. You can manage your cookie preferences at any time through your browser settings or through the cookie consent mechanism on this website.
We do not collect names, email addresses, phone numbers, payment information, or any other directly identifying personal data through this website. There are no registration forms, newsletter sign-ups, comment sections, or user accounts on this site.
How We Use Your Data
The technical data we collect is used for the following purposes: ensuring the website functions correctly and securely, understanding how visitors navigate and use the site so we can improve content and user experience, identifying and resolving technical issues, and protecting the website against malicious activity or abuse. We do not use your data for profiling, automated decision-making, direct marketing, or any purpose beyond the operation and improvement of this website.
Legal Basis for Processing
Under the UK GDPR, we rely on the following legal bases for processing personal data. For strictly necessary cookies and essential technical data processing, the legal basis is our legitimate interest in operating a functional and secure website. For analytics and non-essential cookies, the legal basis is your consent, which you can provide or withdraw through the cookie consent mechanism. We have assessed our legitimate interests and determined that they do not override your fundamental rights and freedoms, particularly given the minimal and largely anonymised nature of the data we process.
Data Sharing
We do not sell, rent, or trade your personal data to any third party. We may share limited technical data with the following categories of service providers who assist in operating this website: hosting providers who store and serve the website content, analytics providers who help us understand site usage in aggregate form, and content delivery networks that ensure the website loads quickly and reliably. These service providers process data only on our behalf and in accordance with our instructions. They are bound by contractual obligations to handle your data securely and only for the specified purposes. Where these providers are based outside the United Kingdom, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner’s Office.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this policy. Server logs containing IP addresses and technical access data are retained for no more than 90 days before being deleted or fully anonymised. Analytics data is retained in aggregate, anonymised form and does not contain information that could identify an individual visitor. Cookie data expires according to the timescales set out in our Cookie Policy.
Your Rights
Under the UK GDPR, you have the following rights in relation to your personal data. You have the right to be informed about how your data is collected and used, which this privacy policy aims to fulfil. You have the right of access, meaning you can request a copy of any personal data we hold about you. You have the right to rectification if any data we hold is inaccurate or incomplete. You have the right to erasure in certain circumstances, allowing you to request that we delete your personal data. You have the right to restrict processing, meaning you can ask us to limit how we use your data. You have the right to data portability, allowing you to obtain your data in a structured, commonly used format. You have the right to object to processing based on legitimate interests. You also have the right to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, you may contact us using the details provided at the bottom of this page. We will respond to your request within one month, as required by law. If we need more time due to the complexity of your request, we will inform you within the initial one-month period.
Children’s Privacy
This website is not directed at children under the age of 18. We do not knowingly collect personal data from children. The subject matter of this website relates to gambling self-exclusion, which is relevant only to adults. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.
Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include the use of HTTPS encryption for all data transmitted between your browser and our servers, access controls limiting who can view server logs and analytics data, and regular reviews of our data processing practices. While no method of transmission or storage is completely secure, we take reasonable steps to ensure your data is protected to a standard appropriate to the risk.
Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically. Continued use of the website after changes are posted constitutes acceptance of the updated policy.
Complaints
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority. You can contact the ICO through their website at ico.org.uk or by calling their helpline on 0303 123 1113. We would appreciate the opportunity to address your concerns directly before you approach the ICO, but you are entitled to contact them at any time.