Privacy Policy
Effective date: 12 July 2026. Martyn's Law Check is operated at this website. This policy explains what personal information we collect, how we use it, and the choices you have under the UK GDPR and the Data Protection Act 2018. We keep the data footprint of this product deliberately small.
What we collect
We collect only what we need to deliver the report you pay for:
- The answers you enter (premises or event, use, capacity band, event access, who controls the premises, responsible-person type, nation, and the premises name and address you choose to add). We use these solely to generate your report. The premises name and address are printed on the report as you enter them and are not verified.
- Your email address, so we can deliver the finished report and your receipt.
- Payment details are processed by Stripe. We never see or store your full card number, CVC or expiry. Stripe is a PCI-DSS Level 1 certified payment processor; your card data goes directly to Stripe. We receive only confirmation that payment succeeded and a limited record (such as the last four digits and a transaction ID) for our records and refunds.
The free scope check runs in your browser
The scope check on the site works entirely in your browser. Your answers are held in your browser's session storage only to carry them into the order form if you choose to buy a report. They are not sent to us unless you complete a purchase.
Lawful basis
Under the UK GDPR, we process your email and the details you submit to perform the contract for the report you buy. We rely on our legitimate interests for basic, non-identifying records needed for accounting and fraud prevention, and on legal obligation for records we must keep, for example for tax.
Analytics: cookieless, no personal data
Where we measure aggregate traffic, we use a privacy-first, cookieless analytics service that sets no cookies, collects no personal data, does no cross-site or cross-device tracking, and does not build advertising profiles. Because it collects no personal data and sets no cookies, it operates without a cookie-consent banner. We cannot use analytics data to identify you.
We do not sell or share your personal information
We do not sell your personal information, and we do not share it for targeted advertising. We do not have, and will not create, any such data-sale program.
How we use your information
- To generate and deliver the report you ordered.
- To email you the report, a receipt, and any delivery follow-up.
- To process refunds and respond to support requests.
- To keep basic, non-identifying records required for accounting and fraud prevention.
We do not use your email for marketing unless you explicitly opt in.
Data retention
We keep your report inputs and email only as long as needed to deliver the report and provide support, and to meet legal, tax and accounting obligations. Payment records held by Stripe are retained under Stripe's own policies. You may ask us to delete your data at any time (see below), subject to records we are legally required to keep.
Your rights under the UK GDPR
You have the right to access, rectify, erase, restrict or port your personal information, and to object to processing. To exercise any of these, email hello@martynslawscope.co.uk and we will respond within the timeframe required by the UK GDPR (usually one month). You also have the right to complain to the UK's supervisory authority, the Information Commissioner's Office (ICO), at ico.org.uk.
Children's privacy
This service is intended for adults and business users and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, email us and we will delete it.
Data security
Data is transmitted over encrypted HTTPS connections. Payment card data is handled entirely by Stripe. No method of transmission or storage is perfectly secure, but we limit the personal data we hold precisely to reduce risk.
International transfers
Some of our processors (such as Stripe) may process data outside the UK. Where personal data is transferred outside the UK, it is protected by appropriate safeguards recognised under the UK GDPR, such as the UK International Data Transfer Agreement or adequacy regulations.
Changes to this policy
We may update this policy from time to time. When we do, we will revise the effective date above. Material changes will be reflected on this page.
Contact
Questions about this policy or your data? Email hello@martynslawscope.co.uk.