PRIVACY NOTICE

Last updated: 14 May 2026

1. Who we are

This site is operated by Farah Shams, a sole trader based in the United Kingdom (the “controller”, “we”, “us”). We are the data controller for any personal data you provide through this site.

For any privacy question or to exercise your rights below, contact us through the contact form on this site. Mark your message “Privacy request” and we will respond within one month.

2. What we collect and why

Contact form. Name, email address, and the contents of your message. Used solely to read and reply to you. Lawful basis: legitimate interest (responding to you).

Donations. When you donate we record the donation amount, currency, status, and a Stripe payment-intent reference. If you give consent we also store a public display name so you can appear on the leaderboard. Lawful basis for the financial record: legal obligation (tax / anti-fraud record-keeping); for the optional display name: your consent, which you can withdraw at any time.

Card details. Card numbers and CVCs are never sent to or stored by us. Stripe collects them directly in their iframe and we only receive a tokenised reference.

Technical data. Server logs and error reports may contain your IP address, browser type, and the URL you requested. Lawful basis: legitimate interest (security, abuse prevention, debugging).

3. Cookies and similar technologies

Strictly necessary. These are always set because the site cannot function without them:

  • pi_token — a short-lived, signed cookie that ties a donation form session to its payment intent so you can't be charged for someone else's session. Required for donations to function.
  • Stripe sets its own strictly-necessary cookies inside the payment iframe to detect fraud and complete 3-D Secure.

Analytics. We use Cloudflare Web Analytics for aggregate, anonymous traffic statistics (page views, country, referrer). It does not set cookies, does not store anything in your browser, does not fingerprint your device, and does not track you across sites. IP addresses are processed transiently to derive country and then discarded. Because no personal data is retained and nothing is stored on your device, no consent banner is required.

Error tracking. We use Sentry to capture JavaScript errors. Session replay is only recorded when an error actually occurs, with all form inputs, page text, and media masked before transmission. We rely on legitimate interest (keeping the site working) and the masking ensures no personal data leaves your browser.

4. Who we share data with (sub-processors)

  • Stripe — payment processing. Stripe is the data controller for payment data; see stripe.com/privacy.
  • Vercel — hosting and request logs.
  • Upstash — rate-limit counters and short-lived session tokens (Redis).
  • Sentry — error reports and on-error session replay (with masking).
  • Cloudflare — aggregate, cookieless web analytics (no personal data retained).

Some of these providers process data outside the UK (typically the EU or USA). Where they do, transfers are protected by the UK Addendum to the EU Standard Contractual Clauses or by adequacy decisions (e.g. the UK–US Data Bridge). We do not sell or rent your data to anyone.

5. How long we keep it

  • Contact-form messages: kept until we have replied and resolved the conversation, then deleted during a periodic clean-up.
  • Donation records: kept for 7 years to meet UK tax and accounting record-keeping rules (HMRC).
  • Server logs and error reports: rotated by our hosting and error-tracking providers, typically 30–90 days.
  • Rate-limit counters in Redis: a few minutes.

6. Your rights

Under UK GDPR you have the right to:

  • Ask for a copy of the personal data we hold about you (subject access).
  • Ask us to correct data that's wrong.
  • Ask us to delete data where we no longer have a lawful basis to keep it (subject to the 7-year retention obligation for donation records).
  • Object to processing based on legitimate interest.
  • Withdraw consent for any processing that relies on consent (e.g. removing your name from the leaderboard).
  • Ask for your data in a portable format.

To exercise any of these, message us through the contact form. We don't require ID for simple requests but may ask you to confirm details that match a donation record so we can find your data.

You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk. We'd appreciate the chance to put things right first.

7. Children

This site isn't directed at under-16s and we don't knowingly collect data from them. If you believe a child has sent us data, contact us and we will delete it.

8. Changes

If we change anything material we will update the “last updated” date at the top of this page. The current version is always the one published here.