Information Collection
We collect minimal personal data necessary to operate our service. When you contact us via support@newreviewsite-uk.com, we store your email address and correspondence for 12 months. Unlike gambling operators, we don't require identity documents. Our server logs record anonymous data like browser type and visit duration. Under UK law, we're classified as a data controller (ICO registration ZA456789). We never collect sensitive data like payment details or gambling history. For newsletter subscriptions, we only store email addresses and consent timestamps. Our systems automatically delete inactive accounts after 18 months of inactivity.
Data Usage
Your information helps us improve content for UK gamblers. We analyze aggregated location data to prioritize reviews of platforms popular in regions like London or Manchester. Email addresses are used solely for responding to inquiries or sending requested newsletters. Unlike commercial casinos, we don't use data for marketing or profiling. Our analytics help identify which UK gambling regulations require more explanation. We may use anonymized quotes from emails (with permission) in our educational content. All data processing occurs on UK-based servers compliant with the Data Protection Act 2018 and GDPR standards.
Data Protection
We implement robust security measures exceeding UK gambling affiliate standards. All data transfers use TLS 1.3 encryption matching UK financial services requirements. Our systems undergo regular penetration tests by CREST-approved auditors. Employee access follows the principle of least privilege, with multi-factor authentication mandatory. We maintain an Information Security Management System certified to ISO 27001 standards. Unlike operators handling financial transactions, our data storage is minimal - emails are encrypted at rest using AES-256. Incident response procedures meet ICO guidelines, with mandatory 72-hour breach notification. Annual staff training covers UK data protection laws and secure handling practices.
Third-Party Sharing
We minimize data sharing more strictly than most UK gambling sites. Email providers (Microsoft 365) process messages under EU Model Clauses. Analytics use Google's UK data centers with IP anonymization. Unlike affiliate marketers, we don't sell or trade data. When reporting problems to gambling operators, we redact all personal details. Our hosting provider (UK-based AWS London) acts as a data processor under strict contracts. Financial auditors may access anonymized usage statistics. We may disclose information if required by UK law enforcement with proper warrants. Any international transfers comply with UK adequacy decisions and standard contractual clauses.
Cookies & Tracking
Our cookie usage is minimal compared to commercial gambling platforms. Essential cookies maintain secure sessions, while analytics cookies measure aggregate traffic. We don't use advertising trackers or social media pixels common on casino sites. The UK Cookie Law (PECR) allows necessary cookies without consent - we only use these. Browser fingerprinting and other covert tracking methods are strictly prohibited. Users can manage preferences through browser settings as explained in our separate Cookie Policy. Unlike many affiliates, we don't use cross-site tracking to monitor gambling behavior. Our approach aligns with ICO guidance for information service providers.
Your Rights
UK data protection laws grant you comprehensive rights. You may request access to your data (Subject Access Request) free of charge within 30 days. Rectification rights ensure we correct inaccurate details. Unlike gambling accounts, you can request full erasure unless we have legal retention obligations. Restriction rights let you limit processing during disputes. You may object to processing and withdraw consent (where applicable). Data portability rights don't apply as we don't process data by automated means. Complaints can be lodged with the UK Information Commissioner's Office. We respond to all rights requests within timescales mandated by UK GDPR.
Data Retention
Our retention periods are shorter than UK gambling operators' requirements. Email correspondence is deleted after 12 months unless required for legal claims. Server logs rotate every 30 days. Newsletter subscriptions remain active until cancellation. Backup retention follows the 3-2-1 rule (3 copies, 2 media types, 1 offsite) with 90-day expiration. Unlike casinos bound by licensing conditions, we don't retain identity documents. Anonymized analytics data may be kept for 3 years for trend analysis. When you exercise erasure rights, we overwrite data immediately rather than just flagging as deleted. Our retention schedule is reviewed annually against UK regulatory changes.
Children's Privacy
We strictly prohibit underage use in compliance with UK gambling laws. Unlike operators who must verify age, we don't knowingly collect data from under-18s. Our content is aimed at adults seeking gambling information. Parents can use device-level controls like iOS Screen Time or Google Family Link to restrict access. The UK Age Appropriate Design Code informs our privacy-by-default approach. We don't use techniques like gamification that might appeal to children. If we discover underage usage, we immediately delete all associated data and report to the ICO as required by the Children's Code. Our systems don't process special category data that could reveal age indirectly.
International Transfers
All data processing primarily occurs in UK AWS data centers. Any international transfers use EU-approved Standard Contractual Clauses. Unlike global gambling operators, we minimize cross-border data flows. US service providers (like Google Analytics) only receive anonymized data through UK proxy servers. Our email system routes through EU servers with adequacy decisions. We conduct Transfer Impact Assessments for all data flows outside the UK. The Privacy Shield framework isn't relied upon following its invalidation. Where possible, we use UK-based alternatives to foreign services. Annual reviews ensure compliance with evolving UK adequacy regulations post-Brexit.
Contact Information
For privacy concerns, contact our Data Protection Officer at support@newreviewsite-uk.com. Written correspondence can be sent to our UK office: Data Protection Team, New Review Site-uk, 12 Regent Street, London, SW1Y 4PE. We respond within 14 working days as required by UK law. For complex requests, we may extend this to 45 days with notification. The ICO can be contacted at ico.org.uk for unresolved complaints. Our registration number with the ICO is ZA456789. This policy was last updated on 1st June 2025 to reflect UK GDPR amendments. We notify users of significant changes through site banners for 30 days.