Privacy Policy

Last updated: 1st of June 2023

We think your privacy is pretty important. That’s why always try to collect as little data as possible. Sometimes though we do collect a small amount of data in order to offer you the services that we do. This page will outline the type of data we do collect, why we collect it, and how you can request a copy of it.

For the purpose of the Data Protection Act 1998 (the “Act”), the data controller is NOT SO BIG TECH LIMITED located at The Not So Big Company, Stacy Path, London, SE5 7SL.

What data we collect

The personal data we collect from you includes:

  • questions, queries or feedback you leave, including your email address if you contact us
  • your email address when you sign up to our betas or other email alerts
  • your Internet Protocol (IP) address, and details of which version of web browser you used

We use Cloudflare Analytics to collect information about how you use our websites. This includes IP addresses. The data is anonymised before being used for analytics processing.

Cloudflare processes anonymised information about:

  • the pages you visit on our websites
  • how long you spend on each of our website pages
  • how you got to the site
  • what you click on while you’re visiting the site

We will not identify you through analytics information, and we will not combine analytics information with other data sets in a way that would identify who you are.

Why we need your data

We collect information through Cloudflare to see how you use the site and our services. We do this to help:

  • make sure the site is meeting the needs of all our users
  • make improvements

We also collect data in order to:

  • gather feedback to improve our services
  • respond to any feedback you send us, if you’ve asked us to
  • send email alerts to users who request them
  • monitor use of the site to identify security threats

The legal basis for processing personal data in relation to site security is our legitimate interests, and the legitimate interests of our users, in ensuring the security and integrity of The Not So Big Company and all our products and services.

The legal basis for processing anonymised data for Cloudflare Analytics is your consent.

What we do with your data

The data we collect may be shared with our technology suppliers, for example our hosting provider.

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for marketing purposes
  • use your data in analytics

We will share your data if we are required to do so by law - for example, by court order, or to prevent fraud or other crime.

How long we keep your data

We will only retain your personal data for as long as:

  • it is needed for the purposes set out in this document
  • We will keep your email data until you unsubscribe.
  • We will delete access log data after 120 days.

Children’s privacy protection

Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. We do not intentionally collect or maintain data about anyone under the age of 13.

Where your data is processed and stored

We design, build and run our systems to make sure that your data is as safe as possible at all stages, both while it’s processed and when it’s stored.

All personal data is stored in the European Economic Area (EEA). Data collected by Cloudflare Analytics may be transferred outside the EEA for processing.

How we protect your data and keep it secure We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data - for example, we protect your data using varying levels of encryption.

We also make sure that any third parties that we deal with keep all personal data they process on our behalf secure.

Your rights

You have the right to request:

  • information about how your personal data is processed
  • a copy of that personal data
  • that anything inaccurate in your personal data is corrected immediately You can also:
  • raise an objection about how your personal data is processed
  • request that your personal data is erased if there is no longer a justification for it
  • ask that the processing of your personal data is restricted in certain circumstances

If you have any of these requests, get in contact by emailing [email protected].

Changes to this policy

We may change this privacy policy. In that case, the ‘last updated’ date at the top of this page will also change. Any changes to this privacy policy will apply to you and your data immediately.

If these changes affect how your personal data is processed, NOT SO BIG TECH LIMITED will take reasonable steps to let you know.