Privacy & Cookie Policy

1. Introduction

This Privacy & Cookie Policy ("Policy") explains how Alltami House Management Ltd ("Company," "we," "us," or "our") collects, uses, shares, and protects information when you visit or interact with our website (the "Site").

This Policy is intended to address requirements under applicable UK/EU privacy laws (including the GDPR/UK GDPR where applicable), and also includes disclosures relevant to U.S. visitors, including California residents. Because privacy requirements vary by jurisdiction and context, some sections apply only to certain visitors.

2. Scope and What This Policy Covers

This Policy applies to information collected through the Site, including information collected through:

1. Newsletter signup forms and email communications you elect to receive.
2. Cookies and similar technologies, including analytics tools and affiliate attribution.
3. Affiliate link tracking, including click identifiers and conversion reporting.
4. Communications you send to us, such as messages, inquiries, or requests.

This Policy does not apply to third-party websites, apps, or services (including merchants, affiliate networks, social media platforms, video hosts, and analytics providers) that you may access via links on our Site ("Third-Party Sites"). Third-Party Sites operate under their own policies. You should review those policies before providing information or completing any transactions.

3. Who We Are and Roles (Controller / Business)

For GDPR/UK GDPR purposes, Alltami House Management Ltd is generally the data controller (or equivalent role) for personal data collected through the Site, meaning we decide why and how certain information is processed.

• Company Name: Alltami House Management Ltd
• Registered/Business Address: St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Clwyd, CH7 1XB, UK

Where we use vendors (such as hosting providers, analytics providers, or email delivery platforms), they generally act as our processors or service providers, processing information on our behalf under contractual obligations.

4. Information We Collect

We collect information in two main ways: (A) information you provide, and (B) information collected automatically when you use the Site.

4.1 Information You Provide

A. Newsletter Signup Data

When you subscribe to our newsletter, we may collect:

• your email address (required);
• your name (optional, if you provide it); and
• any preferences you voluntarily provide (for example, topics you want to receive).

B. Messages, Requests, and Correspondence

If you contact us by sending a message, submitting a request, or otherwise corresponding with us, we may collect:

• the information you include in your message;
• your contact details; and
• metadata such as date/time and any routing information necessary to process and respond.

Important Note: Please avoid sending sensitive personal information (e.g., national IDs, payment card details, health information) through general contact channels, because the Site is not designed for collecting such data.

4.2 Information Collected Automatically

When you visit the Site, we (and parties acting on our behalf) may automatically collect certain information, such as:

• IP address (which may indicate approximate location);
• device and browser information (OS, browser type/version, language, screen size);
• usage data (pages viewed, time on page, scrolling, clicks, referring page, exit page);
• approximate geolocation inferred from IP (city/region-level, not precise GPS unless your device/browser shares it);
• cookie identifiers and similar tracking signals;
• log data (errors, performance metrics, security events).

We use this data primarily to operate, secure, and improve the Site, understand what content is useful, and measure affiliate-link performance.

4.3 Affiliate Link and Conversion Tracking

The Site may contain affiliate links. Affiliate networks and merchant partners may use tracking technologies to attribute a click or purchase to our Site. This may involve:

• a unique click ID or referral identifier;
• cookies or similar storage (e.g., pixels, local storage);
• device/browser information;
• event data (such as "click" or "purchase occurred") reported by the merchant or network.

Example: If you click a "Buy from Retailer" link, an affiliate network may store a cookie so the merchant can later report that a purchase originated from our referral. We may receive a report that a purchase occurred and, depending on the program, limited details such as order value or product category—often in aggregated form.

We do not receive your full payment card details from merchants. The merchant processes checkout, payment, and fulfillment on their own systems.

5. How We Use Information

We use the information we collect for the following purposes:

5.1 Operate and Improve the Site

• Provide and maintain Site functionality and content;
• Analyze usage to improve articles, structure, and user experience;
• Diagnose performance issues and fix bugs;
• Maintain Site security, prevent fraud, spam, and abuse.

5.2 Newsletter and Communications

• Send newsletters and updates you requested;
• Send content that may include promotional material and affiliate-related recommendations consistent with your subscription;
• Measure email engagement (e.g., opens/clicks) to optimize communications, where permitted;
• Respond to inquiries and requests.

5.3 Monetization, Measurement, and Attribution

• Measure affiliate link performance and reporting;
• Understand what content leads to clicks and conversions;
• Detect suspicious traffic patterns (e.g., click fraud);
• Maintain records necessary for accounting and compliance.

5.4 Legal, Compliance, and Security

• Comply with legal obligations;
• Enforce Site policies and protect our rights and property;
• Address disputes and respond to lawful requests from authorities;
• Protect users, the public, and our business from harm.

6. Legal Bases for Processing (GDPR / UK GDPR)

If you are located in the EEA or UK, we rely on the following legal bases, depending on the processing activity:

1. Consent
   • Newsletter subscriptions (and, where required, marketing emails).
   • Non-essential cookies (analytics/advertising/affiliate attribution) where consent is required.
2. Legitimate Interests
   • Operating, securing, and improving the Site;
   • Understanding which content is useful;
   • Measuring affiliate link performance;
   • Preventing fraud and abuse.

   We balance these interests against your rights and freedoms.

3. Legal Obligation

   Where we must process information to comply with law (e.g., responding to lawful requests, maintaining records required by regulation).

4. Contract / Steps at Your Request (Limited)

   In limited contexts, such as when you request a response or provide information for us to handle a specific inquiry.

Withdrawing Consent: Where processing is based on consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

7. Cookies and Similar Technologies

We use cookies and similar technologies (such as pixels, tags, SDKs, and local storage) to operate and measure the Site, and to support affiliate attribution.

7.1 What Cookies Are

Cookies are small text files stored on your device. Some cookies are first-party (set by us) and others are third-party (set by external providers).

7.2 Categories of Cookies We May Use

1. Strictly Necessary Cookies
   Essential for Site operation, security, and basic functionality. These may include security and load-balancing cookies.
2. Analytics / Performance Cookies
   Help us understand how visitors use the Site (e.g., traffic sources, page views, time on page) so we can improve content and performance.
3. Affiliate / Advertising Attribution Cookies
   Used to track referral clicks and attribute commissions. These may be set by affiliate networks or merchants when you click outbound links.
4. Functionality Cookies
   Remember preferences (where implemented), such as region or language settings.

7.3 Managing Cookies

You can manage cookies through:

• your browser settings (block, delete, or restrict cookies);
• device-level privacy controls;
• any cookie preference tool we provide (if implemented).

If you block cookies, some Site features may not work properly, and affiliate attribution may not function (meaning we may not receive credit for a referral).

7.4 Third-Party Cookies and Tracking

Some cookies and trackers may be placed by third parties (analytics providers, affiliate networks, social media platforms). These third parties may collect information under their own policies and may combine information across different websites.

8. Analytics (Including Google Analytics Where Used)

We may use analytics tools to understand traffic and improve the Site. If Google Analytics (or a similar service) is used, it may collect usage data such as pages visited, time spent, device details, and approximate location derived from IP.

Where available and appropriate, we may:

• enable features such as IP anonymization (or equivalent controls);
• configure data retention settings;
• limit sharing and enable privacy controls to reduce the amount of personal data processed.

You can reduce analytics tracking by adjusting cookie preferences (if available), using browser controls, or using opt-out tools offered by providers (where available).

9. Social Media Widgets and Embedded Content

The Site may include social sharing buttons or embedded content (for example, videos, posts, or widgets). These features may:

• collect information about your device and usage;
• set cookies;
• record that you viewed or interacted with embedded content.

This may occur even if you do not click the widget, depending on the provider's implementation. Your interactions with those features are governed by the provider's policies.

10. Email Marketing Practices (GDPR/UK GDPR + CAN-SPAM)

10.1 What We Send

If you subscribe, emails may include:

• new posts and guides;
• curated product recommendations;
• seasonal tips and shopping-related content;
• promotional content containing affiliate links.

10.2 Opt-In and Opt-Out

• You opt in by submitting a newsletter signup form (and, where implemented, confirming via double opt-in).
• You can opt out anytime via the unsubscribe link included in our emails.
• We do not require an account to unsubscribe.

10.3 Frequency

Frequency varies. During certain periods (e.g., major holidays), emails may be more frequent. We aim to keep emails useful, but we cannot guarantee a fixed schedule.

10.4 Suppression Lists

If you unsubscribe, we may keep a minimal record (e.g., your email address) on a suppression list to ensure we honor your opt-out and comply with applicable laws.

11. How We Share Information

We may share information as follows:

11.1 Service Providers (Processors / Vendors)

We may share information with vendors who help us operate the Site, such as:

• hosting and infrastructure providers;
• analytics providers;
• email newsletter platforms;
• security and fraud prevention services.

These parties are generally permitted to process information only to provide services to us, under contractual obligations.

11.2 Affiliate Networks and Merchants

When you click an affiliate link:

• affiliate partners may receive technical identifiers needed for attribution (e.g., click ID);
• merchants may report back that a purchase occurred, sometimes with limited details (often aggregated or pseudonymized).

11.3 Legal Disclosures

We may disclose information if required to do so by law or in response to valid legal process, or when we believe disclosure is necessary to:

• protect rights, safety, and security;
• investigate fraud or abuse;
• enforce our policies.

11.4 Business Transfers

If we are involved in a merger, acquisition, restructuring, or sale of assets, information may be transferred as part of that transaction, subject to applicable law and appropriate safeguards.

12. Data Retention

We retain information only as long as necessary for the purposes described in this Policy.

• Newsletter subscriber data: retained until you unsubscribe, and then retained as needed for suppression lists, compliance, and recordkeeping.
• Analytics data: typically retained for a limited period and may be aggregated or anonymized.
• Security logs: retained as needed to detect, prevent, and investigate abuse and security incidents.

When data is no longer needed, we delete, anonymize, or de-identify it where feasible.

13. Security Measures

We use reasonable administrative, technical, and organizational safeguards designed to protect information, which may include:

• encryption in transit (HTTPS/TLS);
• access controls and least-privilege practices;
• monitoring and protective tools to detect malicious activity;
• vendor due diligence and contractual controls;
• security practices intended to reduce unauthorized access.

No system is 100% secure. You use the Site at your own risk.

Breach Notification

Where required by applicable law, we will provide notifications to affected individuals and/or regulators following a qualifying data breach.

14. International Data Transfers

Because the internet is global and we may use vendors in various countries, your data may be processed outside your country of residence, including in the United Kingdom, European Economic Area, and/or the United States, depending on vendor locations and routing.

For EEA/UK visitors, where required, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and/or other lawful transfer mechanisms recognized by applicable law, plus supplementary measures where appropriate.

15. Your Privacy Rights

15.1 EEA/UK Rights (GDPR / UK GDPR)

Subject to conditions and exceptions, you may have the right to:

• access your personal data;
• rectify inaccurate data;
• request deletion ("right to be forgotten");
• restrict processing;
• data portability;
• object to processing (including based on legitimate interests);
• withdraw consent at any time;
• lodge a complaint with your supervisory authority.

15.2 U.S. and California Rights (CCPA/CPRA Notice)

If you are a California resident, you may have rights to:

• know what personal information is collected, used, and disclosed;
• request deletion (subject to exemptions);
• correct inaccurate personal information;
• opt out of certain "sale" or "sharing" of personal information (as those terms are defined under California law);
• not be discriminated against for exercising your rights.

Sale/Sharing for Cross-Context Behavioral Advertising: We do not intentionally "sell" personal information in the traditional sense. However, some tracking technologies (including certain third-party analytics or affiliate attribution technologies) may be considered "selling" or "sharing" under California law in some contexts.

Where we offer cookie controls (if implemented), they are a primary way to manage these technologies. You can also use browser controls and recognized opt-out signals where supported.

15.3 How to Exercise Your Rights

You may submit privacy requests by writing to us at our postal address listed in Section 3, marked for the attention of Privacy / Data Protection Officer (DPO). We may ask you to provide information to verify your request (for example, verifying control of the email used for newsletter signup).

Authorized Agents (California): Where permitted, an authorized agent may submit a request on your behalf, but we may require proof of authorization and verification of your identity.

16. Do Not Track Signals

Some browsers send "Do Not Track" (DNT) signals. Because there is no consistent, universally adopted standard for interpreting DNT, we may not respond to DNT signals in all cases. Where we provide cookie controls (if implemented), those controls are the preferred method for managing tracking preferences.

17. Children's Privacy (COPPA and Similar Rules)

The Site is intended for a general audience and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, please notify us by writing to our postal address listed above (attn: Privacy / DPO), and we will take reasonable steps to delete it.

For users aged 13–17, we recommend that they use the Site only with parental or guardian involvement, especially before subscribing to newsletters or sharing personal information.

18. Changes to This Policy

We may update this Policy from time to time. When we do, we will revise the Effective Date at the top and post the updated Policy on the Site. If we make material changes, we may provide additional notice where appropriate (for example, through a notice on the Site or via newsletter communications to subscribers).

Your continued use of the Site after changes become effective means you acknowledge the updated Policy to the extent permitted by law.

19. Data Protection Officer and Privacy Contact

Data Protection Officer (DPO) / Privacy Contact:

Alltami House Management Ltd (Privacy / DPO)
St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Clwyd, CH7 1XB, UK

(If we appoint a specific individual or third-party DPO service, we may update this section accordingly.)

20. Practical Examples (How This Works)

1. Reading an article: We collect analytics such as page views and device type to learn what content is helpful.
2. Clicking an affiliate link: An affiliate partner may set a cookie or store a click ID to track that the visit came from our Site.
3. Buying on a merchant site: The merchant controls checkout, payment, shipping, returns, and their own privacy practices.
4. Joining the newsletter: We store your email to send updates and recommendations; you can unsubscribe at any time.

21. Glossary

• Affiliate Link: A link that may generate a commission for us if you click and/or purchase from a third party.
• Analytics: Tools and processes used to measure how visitors use the Site.
• Controller / Processor: GDPR roles—controller decides purposes/means; processor acts on behalf of controller.
• Cookies: Small files stored on your device used for functionality, analytics, or tracking.
• Personal Data / Personal Information: Information that identifies, relates to, or could reasonably be linked to an individual.
• SCCs: Standard Contractual Clauses used to help safeguard international data transfers.