Skip to content
Psyentific
Sign in Subscribe

Privacy Policy

Effective date: 24 May 2026

1. About this policy

1.1 This Privacy Policy explains how personal data is collected, used and protected when you use www.psyentific.co.uk (the 'Site').

1.2 This policy is issued under and complies with the UK General Data Protection Regulation ('UK GDPR') and the Data Protection Act 2018.

2. Who is the data controller

2.1 The data controller for personal data collected through the Site Kiryl Oliveira, a sole individual based in the United Kingdom, contactable at contact@psyentific.co.uk (the 'Controller').

2.2 As an individual processing personal data only for the purposes of operating a personal publication and sending first-party email updates to subscribers who have requested them, the Controller is not currently required to register with the Information Commissioner's Office. This position is kept under review.

3. What personal data is collected

3.1 The Controller collects and processes the following categories of personal data:

(a) Subscriber data: email address, date of subscription, subscription status, and any name you choose to provide;

(b) Engagement data: limited information about how subscribers interact with emails, such as whether an email was opened or a link was clicked, where the email service provider makes this available;

(c) Site usage data: aggregated and pseudonymised information about how the Site is used, including pages viewed, referring source, approximate location (country or region) and device type;

(d) Communications data: the content of any messages you send to the Controller via email or contact forms.

3.2 The Site does not knowingly collect personal data from children. If you are under 18, please do not submit personal data through the Site.

4. How personal data is collected

4.1 Personal data is collected:

(a) directly from you when you subscribe to the Site, register an account, or contact the Controller;

(b) automatically when you visit the Site, through cookies and similar technologies as described in clause 8; and

(c) from third-party service providers used to operate the Site, as described in clause 7.

5. Lawful basis and purpose of processing

5.1 The Controller processes personal data on the following lawful bases under Article 6 of the UK GDPR:

(a) Consent (Article 6(1)(a)): for sending email updates to subscribers who have signed up to receive them, and for any non-essential cookies;

(b) Legitimate interests (Article 6(1)(f)): for operating, securing and improving the Site, for measuring the reach of published content through aggregated analytics, and for responding to enquiries. The Controller's legitimate interests are balanced against your rights and freedoms;

(c) Legal obligation (Article 6(1)(c)): where processing is necessary to comply with a legal obligation, including responding to lawful requests from public authorities.

6. How long personal data is kept

6.1 Personal data is retained only for as long as necessary for the purposes for which it was collected:

(a) subscriber data is kept for as long as you remain subscribed and is deleted within a reasonable period after you unsubscribe, save where retention is required to evidence consent or to comply with a legal obligation;

(b) engagement and site usage data is retained in aggregated form for analytical purposes;

(c) communications data is retained for as long as necessary to respond to your enquiry and to maintain a reasonable record of correspondence.

7. Third-party service providers

7.1 The Site is hosted and delivered using third-party service providers acting as data processors on the Controller's behalf. Each is bound by appropriate data protection terms.

7.2 The principal processors currently used are:

(a) Ghost Foundation (publishing platform, subscriber management, email delivery and built-in site analytics), based in Singapore with hosting infrastructure as set out in Ghost's own privacy notice at ghost.org/privacy;

(b) Stripe Payments Europe, Limited (payment processing), only if and when paid subscriptions are introduced.

7.3 Some processors may be located outside the United Kingdom. Where personal data is transferred internationally, the Controller relies on appropriate safeguards as required by the UK GDPR, including adequacy decisions, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, as applicable.

7.4 Personal data is not sold, rented or shared with any third party for that third party's marketing purposes.

8. Cookies and similar technologies

8.1 The Site uses a small number of cookies and similar technologies:

(a) Strictly necessary cookies, required for the Site to function, including for sign-in and subscription management. These do not require consent;

(b) Analytics, provided through Ghost's built-in analytics, which are configured to operate without identifying individual visitors and do not rely on third-party tracking cookies.

8.2 The Site does not use third-party advertising cookies or cross-site tracking technologies.

8.3 You can control cookies through your browser settings. Disabling strictly necessary cookies may affect the operation of the Site.

9. Your rights

9.1 Under the UK GDPR, you have the following rights in relation to your personal data:

(a) the right to be informed about how your personal data is processed;

(b) the right of access to your personal data;

(c) the right to rectification of inaccurate personal data;

(d) the right to erasure ('right to be forgotten') in certain circumstances;

(e) the right to restrict processing in certain circumstances;

(f) the right to data portability;

(g) the right to object to processing carried out on the basis of legitimate interests or for direct marketing; and

(h) the right to withdraw consent at any time, where processing is based on consent.

9.2 To exercise any of these rights, contact kiryl.oliveira@psyentific.co.uk. Requests will be responded to within one month, as required by the UK GDPR.

9.3 You have the right to lodge a complaint with the Information Commissioner's Office ('ICO'), the UK supervisory authority for data protection matters. Details are available at www.ico.org.uk. The Controller would, however, appreciate the opportunity to address your concerns before you approach the ICO.

10. Security

10.1 Appropriate technical and organisational measures are in place to protect personal data against accidental loss, unauthorised access, alteration or disclosure. No transmission over the internet is, however, entirely secure, and the Controller cannot guarantee the security of data sent to or from the Site.

11. Changes to this policy

11.1 This policy may be updated from time to time. The version published on this page is the version in force. Material changes will be notified to registered subscribers by email.

12. Contact

12.1 Questions about this policy or about how your personal data is processed should be sent to contact@psyentific.co.uk