Privacy policy
This privacy notice explains how Affinarit (“we”, “our”) collects and uses personal data when you read this site. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Data controller
Affinarit is the data controller for personal data collected through this website. The editorial office is based in Edinburgh, United Kingdom. For any data-protection enquiry you can write to [email protected].
What we collect
- Technical data — your IP address, browser type, device type, operating system, referring URL, and pages viewed. This is collected automatically by web-server logs whenever you load a page.
- Cookie data — strictly necessary cookies that remember your age-verification choice and your cookie-consent choice, and (only if you accept) optional analytics cookies that help us understand how the dossier is read. See the cookie policy for the full table.
- Correspondence — if you write to us at the editorial address, we keep your message and our reply so we can answer follow-ups.
Lawful basis
We rely on the following lawful bases under Article 6 UK GDPR:
- Legitimate interests for server logs, fraud-prevention and the operation of strictly necessary cookies. Our legitimate interest is the safe and reliable operation of the site.
- Consent for optional analytics cookies. You can withdraw consent at any time via the cookie banner or your browser settings.
- Legitimate interests for handling correspondence sent to the editorial address.
Retention
Server logs are kept for a maximum of 30 days and then deleted. Cookie-consent and age-verification choices are kept locally in your browser; you can clear them at any time using your browser’s site-data tools. Correspondence is kept for up to 24 months from the date of last reply.
Sharing
We do not sell personal data. We may share limited technical data with our hosting provider for the purpose of running the site, and with analytics providers only if you have consented to optional analytics. Where outbound links take you to a third-party operator’s site, that operator’s own privacy notice applies.
International transfers
Where service providers process data outside the United Kingdom, we rely on the UK’s adequacy regulations or, where these do not apply, on the UK Addendum to the EU Standard Contractual Clauses.
Your rights
Under UK GDPR you have the right to access your personal data, to request correction or erasure, to restrict or object to processing, and to data portability where applicable. To exercise any of these rights write to [email protected]. You also have the right to lodge a complaint with the Information Commissioner’s Office at ico.org.uk.
Children
This site is intended for adults aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please write to the editorial address and we will delete it.
Changes
If we materially change this notice, the revised version will be posted here with an updated review date.