Privacy Policy
This policy explains how we—United Kingdom Botanical History—collect, use, and protect your personal information when you visit our educational archive, UKBotanicalHistory.com. It was last updated on 6 December 2025. We are committed to transparency and your privacy rights under UK data protection law, including the UK General Data Protection Regulation (UK GDPR).
1. Who We Are
The data controller for this website is United Kingdom Botanical History (Registration: SC314110), a Scottish entity founded in 2015. We operate the UKBotanicalHistory.com archive as an educational resource.
Our contact details are as follows:
- Address: 45 Suite 3/12, Falkirk Business Hub, 45 Vicar Street, Falkirk, Scotland, FK1 1LL
- Email: info@UKBotanicalHistory.com
- Phone: +44 116 370 49 97
If you have questions about your data, this is the team to contact. We aim to respond to data-related enquiries within 10 working days.
2. The Information We Collect
We collect different types of information, depending on how you interact with the archive. The vast majority of our visitors browse without providing any personal data at all.
Information You Provide Directly
This is data you give us voluntarily, for example when you:
- Contact us via email or our website form.
- Sign up for our (hypothetical) research newsletter.
- Submit an enquiry about archival material.
This typically includes your name, email address, and the content of your message. We never ask for sensitive personal data (like health information) unless it is strictly necessary for a specific research purpose—and we would always ask for your explicit consent first.
Information Collected Automatically
Like most websites, we collect technical data through cookies and server logs. This includes:
- IP Address & Browser Type: To ensure site security and compatibility.
- Pages Visited & Time Spent: We analyse which botanical topics (e.g., 'Manor Gardens' vs. 'Forestry') are most popular to improve our content. This data is aggregated and anonymised.
- Referring Site: How you found us—was it a search engine, a link from another archive, or a social media post?
We treat this data like a historical ledger—recording activity for maintenance and improvement, not for intrusive profiling.
3. Our Legal Basis for Processing (UK GDPR)
Under UK law, we must have a lawful reason to process your personal data. For our archive, these are the primary bases:
- Legitimate Interests: This is our main basis for processing technical data (like analytics) and responding to your enquiries. Our legitimate interest is to operate, secure, and improve a free, public educational resource. We have balanced this interest against your privacy rights.
- Consent: For optional uses, like non-essential cookies or a mailing list, we ask for your clear, affirmative consent. You can withdraw consent at any time.
- Contractual Necessity: If you were to engage us for a paid research service, we'd process data to fulfil that contract.
- Legal Obligation: To comply with laws, such as retaining financial records for HMRC.
4. How We Use Your Information
To Maintain the Archive
Server logs and security monitoring help us keep the site online and protect it from misuse, ensuring access for all researchers.
To Respond to You
If you contact us with a question about 18th-century herbals, we use your email address to reply. We don't add it to a marketing list unless you ask us to.
To Improve Content
Anonymous data shows us if visitors are deeply reading about agricultural tools or quickly leaving a page, guiding where we focus our editorial efforts.
We do not: Sell your personal data. Use it for automated decision-making or profiling. Or share it with third parties for their marketing purposes.
5. Data Sharing & Third Parties
We use a minimal number of trusted service providers who help us run the archive. These "data processors" act only on our instructions:
- Hosting Provider: Our website is hosted on servers, likely within the UK or European Economic Area (EEA).
- Analytics: We may use a privacy-focused analytics service (like a self-hosted or EU-based tool) that anonymises IP addresses.
- Email Service: If you email us, our email provider processes that data.
We require all processors to provide adequate safeguards. We will disclose personal data if required by law—to a law enforcement agency with a valid warrant, for instance.
6. Data Retention: How Long We Keep Information
We don't keep data longer than necessary. Our retention periods are based on the purpose of processing:
- Enquiry Emails: We typically delete them after 24 months, unless they form part of an ongoing research correspondence.
- Server Logs: Anonymised after 30 days; raw logs containing IP addresses are deleted after 90 days.
- Financial/Contract Records: Retained for 7 years as required by UK tax law.
- Mailing List Data: Held until you unsubscribe or we discontinue the list.
7. Cookies & Similar Technologies
Cookies are small text files placed on your device. We use them sparingly:
- Essential Cookies: Necessary for the site to function (e.g., remembering your cookie preference). These cannot be refused.
- Analytics Cookies: Help us understand aggregate usage patterns. These are non-essential and require your consent.
- No Advertising Cookies: We do not use tracking cookies for third-party advertising.
You can manage cookies through your browser settings. Blocking all cookies may affect site functionality.
The cookie banner at the bottom of the page allows you to accept non-essential cookies. You can change your mind at any time by clearing your browser cookies.
8. Your Data Protection Rights
Under UK GDPR, you have rights regarding your personal data. To exercise any of these, please contact us using the details in Section 1.
Right of Access
You can request a copy of the personal data we hold about you (a "subject access request"). We have one month to respond, usually at no charge.
Right to Rectification
If your data is inaccurate or incomplete, you can ask us to correct it.
Right to Erasure
You can ask us to delete your data in certain circumstances (e.g., if it's no longer necessary for our purposes).
Right to Object
You can object to our processing based on legitimate interests. We will stop unless we have compelling legitimate grounds that override your interests.
You also have rights to restrict processing, data portability, and to withdraw consent. You have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO).
9. International Data Transfers
Our operations are based in the UK. If any of our service providers transfer data outside the UK (e.g., to the EU or USA), we ensure the transfer is protected by appropriate safeguards, such as the UK's International Data Transfer Agreement (IDTA) or an adequacy decision.
10. Security of Your Information
We implement appropriate technical and organisational measures to protect your data. These include encryption (SSL/TLS) for data in transit, access controls, and regular security reviews. However, no online transmission is 100% secure—we cannot guarantee absolute security.
11. Links to Other Websites
Our archive contains links to external resources—other botanical libraries, museum collections, or academic papers. This privacy policy applies only to UKBotanicalHistory.com. We are not responsible for the privacy practices of other sites. We encourage you to read their privacy notices when you leave our site.
12. Changes to This Privacy Policy
We may update this policy to reflect changes in law, technology, or our services. The "last updated" date at the top will change. We will not reduce your rights under this policy without your explicit consent. Significant changes may be highlighted on the website or notified to you directly if we have your contact details.
Questions About Your Data?
If anything in this policy is unclear, or if you wish to exercise your rights, please get in touch.
Contact Our Data Team