Privacy Policy
Introduction
This privacy policy sets out our data practices for cleopatra-demo.uk.com. Our site offers information on slot mechanics for enthusiasts. We run an independent project with no gambling services. Three hobbyists manage it: one focuses on data crunching, another on site structure, the third on writing reviews. Effective date: 9 April 2026. Last updated same date. We stick to UK data laws including GDPR. Questions go to [email protected]. When users visit pages reviewing slots such as the classic Cleopatra, standard web data gets recorded. Our goal stays simple: inform without selling or tracking aggressively.
UK residents have rights under data protection law. This document covers everyone but prioritises those rules. Non-UK visitors get similar treatment where possible. Our operation keeps data minimal since we avoid user accounts or payments.
Personal Data We Collect
Personal data means info identifying you as an individual. We gather little of it directly. Email addresses come only if you contact us via [email protected]. No names, phone numbers or addresses requested. IP addresses count as personal under some definitions. Those log automatically from server access. Browser details like user agent string also appear in logs. We do not ask for or store financial info. No login system exists so no usernames or passwords.
Cookies might hold identifiers but see cookies section. If you submit feedback, your email stays linked to that message. We avoid collecting sensitive data like health or politics. Location derives from IP roughly, city level at most. No precise geolocation.
Non-Personal Data
Most data stays anonymous. Page views track which articles draw traffic, like mechanics breakdowns or payout tables. Referrer URLs show search terms indirectly. Device type (mobile vs desktop) helps optimise display. Timestamps record visit times. Aggregated stats build over months, such as top slots viewed. No individual profiles form from this. Browser language settings guide content if multilingual later. Screen resolution adjusts images. All this helps run a better site without identifying users.
How We Collect Information
Data arrives passively. Server logs capture IP, timestamp, requested URL and status code on every hit. No active forms collect info except contact email. Third-party tools might embed but currently none do. Google Analytics sits absent; we use server-side counts. Cookies set by browser for functionality. If HTTPS enforces, headers include security flags. User-submitted content limited to email replies. No social logins or trackers.
Purposes for Using Your Data
We process data for site operation first. Logs diagnose errors, like broken links in reviews. Analytics spot popular content to expand, say more on volatility indexes. Security blocks bad IPs from brute force attempts. Contact emails receive responses; we reply then archive. Improvement uses aggregates: if mobile users dominate, simplify menus. Legal compliance requires keeping logs for disputes. No marketing lists build. Data never sells or rents. Research stays internal among our trio.
Processing bases on legitimate interests for most: running the site efficiently. Consent applies to cookies if choices offered. Contract lacks since no services sold. Vital interests or public task do not fit.
Sharing Your Data
Little sharing occurs. Hosting provider sees logs for infrastructure. Email service (standard provider) handles messages. No ad networks link. Government requests met only with warrant; rare for us. Team members access shared drive for logs analysis. No processors outside EU/UK currently. Aggregates might publish in blog posts, like 'top 10 slots by views'. Personal data shares only for legal duty. Bankruptcy unlikely but assets transfer with notice.
Cookies and Similar Tech
Cookies store small data in browser. We use session cookies for basic function, expire on close. No persistent trackers. Essential ones enable navigation. Preferences cookie might save dark mode if added. Analytics cookies absent now. Third-party cookies zero. You control via browser settings. Clear them anytime. Do-not-track header honoured if simple. Cookie banner appears on first visit listing types. Consent withdrawable anytime. Table below lists cookies:
Our site lists: session_id (essential, session), theme_pref (preferences, 1 year). No others. Sizes under 4KB total.
Data Retention Periods
Logs keep 30 days for security then delete. Contact emails archive 2 years post-reply or delete if requested. Cookie data follows expiry. Aggregates indefinite as non-personal. Error reports purge after fix. Backups rotate weekly, encrypt offsite. No indefinite holds without reason. Deletion automated where possible. Manual review quarterly by data hobbyist.
Your Data Rights
UK/EU users get GDPR rights. Access: request copy of your data we hold. Rectification: correct inaccuracies. Erasure: delete where no longer needed (right to be forgotten). Restriction: pause processing during disputes. Portability: get data in machine format. Object: to legitimate interests processing. Withdraw consent: for cookies. Automated decisions: none here.
Exercise rights: email [email protected] with 'GDPR request: [your name]'. Respond within month, free unless excessive. ID verify if needed. Complaints go to ICO uk.
Non-UK similar where law allows. Transparency full here.
Security Practices
Data protects via HTTPS everywhere. Server firewalls block unauthorised access. Passwords salt and hash for any admin. Backups encrypt AES-256. Access logs monitor team logins. Regular updates patch vulnerabilities. No public databases. Physical security irrelevant as cloud-hosted. Incident response plan tests yearly. Breach notifies authorities and users if high risk within 72 hours.
Children's Privacy
Site not for under 18s. No kid content. If aware of child data, delete promptly. Parents contact for access.
Policy Changes
Updates post here with date. Major changes email subscribers if any. Check back periodically.
Contact Us
Reach [email protected] for questions. No phone or address needed for small op. Responses within 7 days.