Grolan Press is an independent editorial publication focused on everyday nutrition practices and weight awareness. The publication is not affiliated with any commercial, governmental, or institutional body.
This Privacy Policy describes how Grolan Press ("we", "us", "our") collects, uses, stores, and protects personal data obtained through the website grolan.info (the "Website"). We are committed to handling your personal data in a transparent and responsible manner, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Please read this policy carefully before submitting any personal information through the Website. By using the Website, you acknowledge that your data will be processed as described herein.
1. Who We Are
The data controller for personal data collected through the Website is Grolan Press, an independent editorial publication registered in England. Our contact details are:
Grolan Press36 Briset Street, London EC1M 5UH, United Kingdomdom
London EC1M 6BP
United Kingdom
+44 20 7382 9416
[email protected]
2. What Personal Data We Collect
We collect personal data only when you actively provide it to us. The categories of personal data we may collect include:
- Contact form submissions: your name, email address, and the content of your message when you use the contact form on our Website.
- Technical data: IP address, browser type, operating system, referring URLs, and pages visited, collected automatically via server logs and analytics tools when you visit the Website.
- Cookie data: data stored in cookies placed on your device as described in our Cookie Policy.
We do not knowingly collect sensitive personal data (such as information about health status, dietary conditions, or financial circumstances) through the Website. Our contact form does not request, and you should not submit, any information of a sensitive nature.
3. How We Use Your Personal Data
We use the personal data we collect for the following purposes:
- To respond to your enquiries: when you submit the contact form, we use your name and email address to respond to your message. The legal basis for this processing is our legitimate interest in communicating with readers of the publication.
- To improve the Website: technical data and aggregated analytics are used to understand how readers navigate the Website and to improve editorial presentation. This processing is based on our legitimate interests.
- To manage cookies: we store your cookie consent preferences so that we can honour your choices on subsequent visits. This is necessary for compliance with applicable regulations.
- To comply with legal obligations: we may process and retain personal data where required to do so by applicable law or regulation.
We do not use your personal data for automated decision-making or profiling. We do not sell, rent, or share your personal data with third parties for their own marketing purposes.
4. Legal Bases for Processing
Under the UK GDPR, we rely on the following legal bases for processing your personal data:
- Legitimate interests (Article 6(1)(f)): for responding to enquiries, improving the Website, and understanding reader engagement with our editorial content.
- Consent (Article 6(1)(a)): for non-essential cookies and analytics, where you have provided consent via the cookie banner.
- Legal obligation (Article 6(1)(c)): where processing is required under applicable United Kingdom law.
5. How Long We Keep Your Data
We retain personal data only for as long as is necessary for the purposes described in this policy, or as required by applicable law:
- Contact form data: messages and associated contact details are retained for up to 12 months from the date of submission, after which they are securely deleted unless ongoing correspondence requires a longer retention period.
- Technical and analytics data: aggregated log data is retained for up to 26 months in line with standard analytics retention periods.
- Cookie preference data: stored for up to 12 months from the date of consent.
6. Sharing Your Personal Data
We do not share your personal data with third parties except in the following limited circumstances:
- Service providers: we may share technical data with trusted analytics and hosting providers who process data on our behalf under data processing agreements. These providers are not permitted to use the data for their own purposes.
- Legal requirements: we may disclose personal data where required to do so by law, court order, or regulatory authority.
- Third-party embedded content: certain pages embed content from Google Maps. Interacting with this content may result in data being sent to Google. Please refer to Google's privacy policy for further information.
All third-party service providers are required to maintain the confidentiality and security of your personal data and to process it only in accordance with our instructions.
7. International Transfers
Some third-party service providers we use may process data outside the United Kingdom. Where such transfers occur, we take steps to ensure that appropriate safeguards are in place, including standard contractual clauses approved by the UK Information Commissioner's Office (ICO) or adequacy decisions where applicable.
8. Your Rights
Under the UK GDPR, you have the following rights in relation to your personal data:
- Right of access: to obtain a copy of the personal data we hold about you.
- Right to rectification: to have inaccurate data corrected.
- Right to erasure: to request deletion of your personal data in certain circumstances.
- Right to restriction: to restrict how we process your data in certain circumstances.
- Right to data portability: to receive your personal data in a structured, commonly used format.
- Right to object: to object to processing based on legitimate interests.
- Right to withdraw consent: where processing is based on consent, to withdraw that consent at any time.
To exercise any of these rights, please contact us at [email protected]. We will respond to all legitimate requests within one calendar month. If you are dissatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.
9. Security
We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, or unauthorised disclosure. The Website is served over HTTPS, and access to stored personal data is restricted to authorised personnel only. While we implement reasonable precautions, no online data transmission is fully secure as entirely secure.
10. Children's Privacy
The Website is intended for general adult audiences and is not directed at children under the age of 16. We do not knowingly collect personal data from children. If we become aware that personal data from a child has been submitted, we will delete it promptly. If you believe a child has submitted personal data through the Website, please contact us at [email protected].
11. Links to Other Websites
The Website may contain links to external websites for reference or attribution purposes. This Privacy Policy applies only to grolan.info. We are not responsible for the privacy practices of external sites and encourage you to review their own privacy notices before providing any personal information.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date of the most recent revision is shown at the top of this page. Continued use of the Website after any update constitutes your acknowledgement of the revised policy. For significant changes, we will take reasonable steps to notify readers.
13. Contact
For any questions or requests relating to this Privacy Policy or the personal data we hold about you, please contact the editorial desk:
Grolan Press36 Briset Street, London EC1M 5UH, United Kingdomdom
London EC1M 6BP
United Kingdom
+44 20 7382 9416
[email protected]
Monday — Friday, 09:00 – 18:00 GMT