Privacy Policy

1. Introduction

This Privacy Policy ("Policy") describes how NonGamStop UK, operating through the website adamhilton.org ("the Website," "we," "us," or "our"), collects, uses, discloses, stores, and protects your personal data when you visit our Website or interact with our services.

We are committed to protecting your privacy and handling your personal data with transparency and care. This Policy has been drafted in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR).

By accessing or using our Website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our data practices as described herein, please do not use our Website.

This Policy should be read alongside our Terms and Conditions and our Cookie Policy, which provide additional information about your relationship with our Website.

2. Who We Are

NonGamStop UK is an independent online publication providing reviews, guides, and informational content about online casinos and gambling platforms not registered with the GamStop self-exclusion scheme. For the purposes of data protection law, NonGamStop UK is the data controller responsible for your personal data collected through this Website.

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your data protection rights, you can contact our Data Protection Officer at:

• Email: [email protected]
• Subject line: "Data Protection Enquiry"

We aim to respond to all data protection enquiries within 30 days, in accordance with UK GDPR requirements.

3. Information We Collect

We collect different types of information depending on how you interact with our Website. We are committed to collecting only the minimum amount of personal data necessary for the purposes described in this Policy.

3.1 Information You Provide Directly

When you voluntarily submit information to us, for example through our contact form or via email, we may collect:

• Contact information: Your name and email address, as provided in the contact form or email correspondence
• Communication content: The content of your messages, enquiries, feedback, or other communications sent to us
• Subject category: The topic or category you select when submitting a contact form enquiry

We do not require you to create an account or register to use our Website. The vast majority of our visitors browse our content without providing any personal data directly.

3.2 Information Collected Automatically

When you visit our Website, certain information is collected automatically through cookies and similar tracking technologies. This may include:

• Device information: Your device type, operating system, and browser type and version
• Usage data: Pages visited, time spent on pages, click patterns, scroll depth, and navigation paths through our Website
• Technical data: Your IP address, internet service provider, referring URL, and exit pages
• Location data: Approximate geographic location derived from your IP address (country and region level only, not precise location)
• Cookie data: Information stored in cookies and similar technologies placed on your device, as described in our Cookie Policy

3.3 Information from Third Parties

We may receive limited aggregated or anonymised data from third-party analytics services (such as Google Analytics) and affiliate network partners. This data is used to understand traffic patterns, measure the effectiveness of our content, and improve our Website. We do not receive personally identifiable information from these third parties unless you have separately consented to their sharing of such data.

4. How We Use Your Information

We use the information we collect for the following purposes:

• To respond to your enquiries: When you contact us through our contact form or email, we use your name, email address, and message content to respond to your enquiry and provide the assistance you have requested.
• To improve our Website: We use analytics data to understand how visitors use our Website, identify popular content, diagnose technical issues, and make improvements to the user experience, content quality, and site performance.
• To measure content effectiveness: We analyse usage patterns to understand which reviews, guides, and other content resonates with our audience, enabling us to create more useful and relevant material.
• To manage affiliate relationships: We use aggregated click and referral data to manage our commercial relationships with affiliate partners, track the performance of our content, and ensure accurate commission accounting. This data is typically anonymised and does not identify individual users.
• To ensure security: We use technical data to protect our Website from malicious activity, detect fraud, and maintain the security and integrity of our systems.
• To comply with legal obligations: We may process personal data where necessary to comply with applicable laws, regulations, or legal processes.

We do not use your personal data for automated decision-making or profiling that produces legal effects or similarly significant effects on you.

5. Legal Basis for Processing

Under the UK GDPR, we must have a valid legal basis for processing your personal data. The legal bases we rely on depend on the specific processing activity:

• Consent (Article 6(1)(a)): Where you have given us clear consent to process your personal data for a specific purpose, such as when you submit a contact form or consent to non-essential cookies. You have the right to withdraw your consent at any time.
• Legitimate interests (Article 6(1)(f)): Where processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Our legitimate interests include: improving our Website and content; understanding our audience; managing our business operations; maintaining the security of our Website; and managing our affiliate partnerships. We conduct balancing tests to ensure our legitimate interests are not overridden by your rights.
• Contractual necessity (Article 6(1)(b)): Where processing is necessary for the performance of a contract with you, or to take steps at your request prior to entering into a contract. This applies when you submit an enquiry and we process your data to respond.
• Legal obligation (Article 6(1)(c)): Where processing is necessary to comply with a legal obligation to which we are subject, such as tax reporting requirements or responding to lawful requests from authorities.

6. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site usage, and support our affiliate partnerships. A cookie is a small text file that is placed on your device when you visit a website.

We use the following categories of cookies:

• Essential cookies: These are strictly necessary for the Website to function and cannot be switched off in our systems. They include cookies that enable core functionality such as page navigation, security features, and access to secure areas of the Website.
• Analytics cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Website. They help us understand which pages are the most and least popular and how visitors navigate the site. All information these cookies collect is aggregated and therefore anonymous.
• Affiliate and tracking cookies: When you click on affiliate links on our Website, cookies may be placed by our affiliate partners to track referrals and attribute commissions. These cookies enable our affiliate partners to identify that you were referred from our Website and are essential to the functioning of our affiliate business model.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse or delete cookies. However, if you choose to disable cookies, some features of our Website may not function as intended.

For detailed information about the specific cookies we use, their purposes, and their expiry periods, please refer to our Cookie Policy.

7. Third-Party Services

We use a limited number of third-party services to help us operate and improve our Website. Each of these services may collect and process data in accordance with their own privacy policies:

7.1 Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC, to analyse how visitors use our Website. Google Analytics uses cookies to collect information about your use of the Website, including your IP address (which is anonymised before storage), pages visited, time on site, and referring sources. This information is transmitted to and stored by Google on servers that may be located outside the United Kingdom. Google's privacy policy is available at policies.google.com/privacy.

We have enabled IP anonymisation in Google Analytics, which means your IP address is truncated and anonymised before being stored, reducing the personal data collected. We do not use Google Analytics to track individual users or to create personal profiles.

7.2 Affiliate Networks

We participate in affiliate programmes operated by various iGaming affiliate networks. When you click on an affiliate link on our Website, you may be directed to a third-party casino or betting site, and the affiliate network may place cookies on your device to track the referral. The data processing practices of these third parties are governed by their own privacy policies, which we encourage you to review before registering or providing personal data on their platforms.

We do not receive personally identifiable information about individual users from our affiliate partners. The data we receive from affiliate networks is limited to aggregated performance metrics such as click counts, registration counts, and commission figures.

7.3 Hosting and Infrastructure

Our Website is hosted on secure servers. Our hosting provider may process technical data (such as IP addresses and access logs) as part of providing hosting services. This processing is governed by our data processing agreement with the hosting provider and is limited to what is necessary for the provision of hosting services.

8. Affiliate Partners and Links

Our Website contains affiliate links to third-party gambling platforms. When you click on these links, you leave our Website and enter a platform operated by a third party. We are not responsible for the privacy practices of these third-party platforms.

We strongly recommend that you read the privacy policy of any third-party website you visit, particularly before creating an account, providing personal information, or making financial transactions. Online casinos and betting sites typically collect significant amounts of personal data as part of their registration and verification processes, and their data handling practices may differ substantially from ours.

Our affiliate relationships do not involve the sharing of your personal data with affiliate partners. The tracking that occurs when you click an affiliate link is performed through cookies placed by the affiliate network, not through our direct sharing of your information.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Our specific retention periods are as follows:

• Contact form submissions: We retain your name, email address, and message content for up to 24 months from the date of your last communication with us, after which it is securely deleted unless there is an ongoing need to retain it (for example, an unresolved enquiry or a legal obligation).
• Email correspondence: We retain email correspondence for up to 24 months from the date of the last message in a conversation thread. Correspondence relating to legal matters, formal complaints, or data protection requests may be retained for up to 6 years in accordance with limitation periods under English law.
• Analytics data: Aggregated and anonymised analytics data is retained for up to 26 months from the date of collection, in accordance with Google Analytics default retention settings. This data does not identify individual users.
• Cookie data: Cookie retention periods vary by cookie type. Please refer to our Cookie Policy for specific details.
• Server logs: Server access logs, which may contain IP addresses and user agent strings, are retained for up to 90 days for security and diagnostic purposes, after which they are automatically purged.

When the retention period for any personal data expires, we securely delete or anonymise the data so that it can no longer be associated with you.

10. Your Rights Under UK GDPR

Under the UK General Data Protection Regulation and the Data Protection Act 2018, you have the following rights in relation to your personal data. These rights are not absolute, and certain exemptions may apply depending on the circumstances:

• Right of access (Article 15): You have the right to request a copy of the personal data we hold about you. This is commonly known as a "Subject Access Request" (SAR). We will provide a copy of your data in a commonly used electronic format within one month of your request.
• Right to rectification (Article 16): You have the right to request that we correct any personal data we hold about you that is inaccurate or incomplete. We will make corrections within one month of being notified.
• Right to erasure (Article 17): Also known as the "right to be forgotten," you have the right to request that we delete your personal data where it is no longer necessary for the purpose for which it was collected, where you withdraw consent, where you object to processing and there are no overriding legitimate grounds, or where the data has been unlawfully processed.
• Right to restriction of processing (Article 18): You have the right to request that we restrict the processing of your personal data in certain circumstances, including where you contest the accuracy of the data, where processing is unlawful but you do not want erasure, or where you have objected to processing and we are considering whether our legitimate grounds override yours.
• Right to data portability (Article 20): Where processing is based on consent or contractual necessity and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
• Right to object (Article 21): You have the right to object to processing based on legitimate interests or public interest at any time. We will cease processing unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms.
• Right to withdraw consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, please contact us at [email protected] with the subject line "Data Protection Request." We may need to verify your identity before processing your request. We will respond to all valid requests within one month. If your request is complex or we receive a high volume of requests, we may extend this period by a further two months, in which case we will inform you within the initial one-month period.

There is no fee for exercising your data protection rights. However, if your request is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee or refuse to comply with the request, in accordance with UK GDPR provisions.

11. International Data Transfers

Some of the third-party services we use, particularly Google Analytics, may transfer and store data on servers located outside the United Kingdom. Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place to protect your data in accordance with UK data protection law.

These safeguards may include:

• Transfers to countries that have been deemed to provide an adequate level of data protection by the UK Secretary of State
• Use of standard contractual clauses approved by the Information Commissioner's Office (ICO)
• Use of International Data Transfer Agreements (IDTAs) or UK Addenda to the EU Standard Contractual Clauses
• Reliance on the recipient's binding corporate rules

If you would like further information about the specific safeguards applied to international transfers of your data, please contact us at [email protected].

12. Children's Privacy

Our Website is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children under 18 years of age. Our Website contains content related to online gambling, which is an activity restricted to adults aged 18 and over in the United Kingdom.

If we become aware that we have collected personal data from a child under 18, we will take immediate steps to delete that data from our systems. If you are a parent or guardian and believe that your child has provided personal data to us, please contact us at [email protected] so that we can take appropriate action.

13. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised or unlawful processing, accidental loss, destruction, or damage. Our security measures include:

• Encryption in transit: All data transmitted between your browser and our Website is encrypted using Transport Layer Security (TLS/SSL), as indicated by the HTTPS protocol in our Website address.
• Access controls: Access to personal data is restricted to authorised team members who need it to perform their duties. All team members with access to personal data are bound by confidentiality obligations.
• Secure hosting: Our Website is hosted on servers with industry-standard security measures including firewalls, intrusion detection systems, and regular security updates.
• Regular reviews: We regularly review our data processing activities and security measures to ensure they remain appropriate and effective.
• Incident response: We have procedures in place to detect, report, and investigate personal data breaches. In the event of a breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform you without undue delay, as required by UK GDPR.

While we implement robust security measures, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability using current industry standards.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or business operations. When we make changes, we will update the "Effective" date at the top of this Policy.

For significant changes that materially affect your rights or how we process your personal data, we will make reasonable efforts to notify you, such as by displaying a prominent notice on our Website. However, we encourage you to review this Policy periodically to stay informed about how we protect your data.

Your continued use of our Website after any changes to this Policy constitutes your acceptance of the updated Policy. If you do not agree with the changes, you should stop using our Website.

15. Contact and Complaints

If you have any questions, concerns, or requests relating to this Privacy Policy or our data processing practices, please contact us:

• Data Protection Officer: [email protected]
• Subject line: "Data Protection Enquiry" or "Data Protection Request"

We take all privacy concerns seriously and will endeavour to resolve any issues promptly and fairly. We aim to respond to all data protection enquiries within 30 days.

Complaints to the ICO

If you are not satisfied with our response to your data protection concern, or if you believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's independent authority for data protection and information rights:

• Website: ico.org.uk
• Telephone: 0303 123 1113
• Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would appreciate the opportunity to address your concerns before you approach the ICO, but you are entitled to contact them at any time.

This Privacy Policy was last updated on 1 May 2026.