Privacy Policy

Approach to Data Collection

At The Best Review Site UK, we gather only the personal details required to deliver our comparison services, as per the UK GDPR and Data Protection Act 2018. This includes email addresses for account setup, IP addresses to support security, and cookies for site performance. We do not request sensitive information such as payment credentials or ID documents. All data is collected lawfully based on consent or legitimate operational interest. We do not use third-party sources like credit check agencies without clear permission. Our practices are reviewed under ICO registration ZA456789.

Cookie Practices

We employ essential cookies to enable basic website functions such as logins and security. Optional analytics cookies (e.g., Google Analytics) help us evaluate user interactions anonymously. We avoid invasive tracking and behavioral advertising. Consent management is handled by the Cookie Law Info tool, offering users full control. Internal cookies expire within 30 days; external cookies follow their platform-specific terms. To comply with UK gambling laws, we also retain cookies needed for fraud checks and age verification. Users may adjust cookie settings through browsers, but disabling key cookies may impair site usability. More details are in our separate Cookie Policy.

Protecting Your Data

We safeguard personal data using up-to-date security measures like TLS 1.2 encryption, scheduled penetration testing, and ISO 27001-compliant environments. Data resides on servers located in the UK, with strict access controls and staff training in GDPR principles. In the event of a breach, we notify the ICO within 72 hours and alert users promptly. We also use DDoS protection, daily encrypted backups, and firewalls. Any third-party services are screened rigorously and operate under binding data agreements. While we strive for robust protection, users should also enable two-factor authentication and maintain strong passwords.

Sharing Data with External Parties

We disclose user data only when required to support our services, such as to gambling platforms (non-personal summary data), payment handlers, and support tools. All partners comply with GDPR and sign legally binding contracts. We never sell user information or share it with advertising networks. When data is transferred outside the UK, we rely on recognized safeguards like Standard Contractual Clauses and adequacy rulings. For a complete list of vendors, contact privacy@thebestreviewsiteuk.com. Users can manage data sharing preferences through their profile settings.

How Long We Keep Data

We retain data only as long as it's needed: active accounts stay until manually removed; inactive accounts (over 5 years unused) are deleted; finance-related records are stored for 7 years per tax law; server logs rotate every 90 days; and marketing consent is refreshed every 2 years. Secure deletion is performed using certified tools like Blancco. Users can request early deletion of non-essential info through our online DSAR form. Backups containing personal data are encrypted and removed after six months. Anonymized statistics may be preserved long-term for analytical purposes.

Your Data Rights

Under UK law, you may access, update, delete, or transfer your personal information, object to processing, and withdraw prior consent. To do so, contact our Data Protection Officer at dpo@thebestreviewsiteuk.com. Identity verification may be requested for protection purposes. If you’re unsatisfied with how your data is handled, you may file a complaint with the ICO via ico.org.uk. We do not charge for processing valid requests unless they're excessive or clearly unfounded.

Underage Access Policy

Access to our site is strictly prohibited for individuals under 18, following the UK Gambling Act 2005. Age checks are enforced, and we do not knowingly gather data from minors. If a minor has used our site, please alert us at support@thebestreviewsiteuk.com so we can remove their data and inform the UK Gambling Commission. Our system includes filters to detect false age claims. We align with the Children’s Code to protect minors, even though our content isn't directed at them. Educators may request materials from our Responsible Gambling outreach.

Cross-Border Data Transfers

Although our main systems are UK-based, some processing may occur abroad. For EU users, we comply with Chapter V of the GDPR. This includes EU adequacy decisions, contractual safeguards, and where necessary, adherence to the EU-US Data Privacy Framework. In sensitive cases, we apply encryption or pseudonymization to protect data in transit. You can request details about how and where your data travels by submitting a Subject Access Request. We ensure full compliance with both UK and EU privacy laws post-Brexit, with a dedicated EU contact based in Dublin per our ICO registration.