Privacy Policy

1. Introduction

Staven Almanac is an independent editorial publication focused on everyday wellness practices. The publication is not affiliated with any commercial, governmental, or institutional body. This Privacy Policy explains how Staven Almanac ("we", "us", "the publication") collects, uses, stores, and shares personal data when you visit staven.info or interact with the editorial team.

This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using this website you acknowledge that you have read and understood this policy. If you have questions about how your data is handled, please contact us at [email protected].

2. Data Controller

The data controller for this publication is Staven Almanac, based at 29 Chart Street[email protected] / +44 20 7193 4852.

3. What Data We Collect

We collect two categories of data:

3.1 Data you provide directly. When you submit the contact form, we collect your name, email address, and the content of your message. This data is used solely to respond to your enquiry and is retained only for the duration necessary to complete that correspondence.

3.2 Data collected automatically. When you visit the website, standard server logs record your IP address, browser type, operating system, referring URL, pages visited, and time of visit. This data is collected in aggregate and is not linked to your identity unless there is a specific operational need (such as investigating a security incident).

We also use cookies and similar technologies to measure readership and improve editorial navigation. For a detailed account of cookies in use, please see the Cookie Policy.

4. Legal Basis for Processing

We rely on the following legal bases under the UK GDPR:

• Legitimate interests — for the collection of server log data and analytics, where this does not override your privacy rights.
• Consent — for the use of non-essential cookies. You may withdraw this consent at any time using the Cookie Settings link in the footer.
• Contract performance — where processing is necessary to respond to a direct enquiry you have submitted.

5. How We Use Your Data

Data collected through the contact form is used exclusively to respond to your enquiry. We do not use this data for marketing, profiling, or any secondary purpose. We do not sell personal data to third parties under any circumstances.

Aggregate analytics data is used to understand which editorial content is most read, to identify navigation patterns that might indicate usability issues, and to make general improvements to the publication.

6. Data Sharing

We may share data with the following categories of third parties:

• Hosting and infrastructure providers — who process data on our behalf under data processing agreements.
• Analytics providers — who receive aggregated, anonymised readership data.
• Law enforcement or regulatory authorities — where we are legally required to disclose data.

We do not share personal data with advertisers, data brokers, or any commercial partners.

7. Data Retention

Contact form submissions are retained for a maximum of 12 months from the date of the last correspondence, after which they are securely deleted. Server log data is retained for a maximum of 90 days. Analytics data is retained in aggregated, non-identifiable form indefinitely.

8. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

• The right to access a copy of the personal data we hold about you.
• The right to request correction of inaccurate personal data.
• The right to request deletion of your personal data, subject to legal retention requirements.
• The right to object to the processing of your data on the basis of legitimate interests.
• The right to data portability for data you have provided directly.
• The right to withdraw consent for cookie-based data collection at any time.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. International Transfers

Where third-party service providers are based outside the United Kingdom, we ensure that appropriate safeguards are in place — such as UK adequacy decisions or Standard Contractual Clauses — before transferring any personal data.

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. The website is served over HTTPS. Access to contact form submissions is restricted to the editorial team.

11. Children

This website is not directed at individuals under the age of 16. We do not knowingly collect personal data from minors. If you believe we have inadvertently received data from a minor, please contact us at [email protected] and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be noted at the top of this page with a revised date. Continued use of the website after a policy update constitutes acknowledgement of the revised terms.