GDPR Privacy Notice

Last updated: 26 December 2025

At eRated, we are committed to protecting your privacy and personal data. This Privacy Notice explains how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

eRated ("we", "us", or "our") is a product rating platform that provides objective, AI-powered product ratings for UK consumers. We are the data controller responsible for your personal data.

2. Information We Collect

We collect and process the following types of personal data:

2.1 Information You Provide

• Contact information (if you contact us via email or contact forms)
• Feedback and correspondence when you communicate with us
• Any information you voluntarily submit through our website

2.2 Automatically Collected Information

• Usage Data: Pages visited, time spent on pages, click patterns, and navigation paths
• Technical Data: IP address, browser type and version, device type, operating system, and screen resolution
• Cookies and Similar Technologies: We use cookies to enhance your experience, analyze site usage, and remember your preferences

3. How We Use Your Information

We use your personal data for the following purposes:

• Service Delivery: To provide and improve our product rating services
• Website Functionality: To ensure our website works correctly and to personalize your experience
• Analytics: To understand how visitors use our site and to improve our content and services
• Communication: To respond to your inquiries and provide customer support
• Legal Compliance: To comply with legal obligations and protect our legal rights

4. Legal Basis for Processing

We process your personal data under the following legal bases:

• Legitimate Interests: To operate and improve our website, analyze usage patterns, and provide our services
• Consent: Where you have given clear consent for specific processing activities (e.g., cookies)
• Legal Obligation: To comply with applicable laws and regulations

5. Data Storage and Security

We store your personal data securely and take appropriate technical and organizational measures to protect it against unauthorized access, loss, or destruction. Data is stored primarily in the UK and EU where possible, in compliance with UK GDPR requirements.

We retain personal data only for as long as necessary to fulfill the purposes outlined in this notice, unless a longer retention period is required by law.

6. Data Sharing and Third Parties

We may share your personal data with:

• Service Providers: Third-party services that help us operate our website (e.g., hosting providers, analytics services)
• Legal Authorities: When required by law or to protect our legal rights

We do not sell your personal data to third parties. All third-party service providers are required to handle your data in accordance with applicable data protection laws.

7. Cookies

Our website uses cookies to enhance functionality and analyze usage. You can control cookies through your browser settings. For more information, please see our Cookie Policy (if applicable) or manage your preferences through our cookie consent banner.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data (subject to legal requirements)
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the details provided below.

9. International Transfers

Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the relevant data protection authority.

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Notice

We may update this Privacy Notice from time to time. We will notify you of any material changes by posting the updated notice on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Notice or our data practices, please contact us:

• Email: privacy@erated.co.uk (or your contact email)
• Subject Line: "GDPR Request" or "Privacy Inquiry"

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data in accordance with UK GDPR. Visit ico.org.uk for more information.

13. Data Minimization

We follow the principle of data minimization, collecting only the personal data that is necessary for the purposes outlined in this notice. We do not collect sensitive personal data unless absolutely necessary and with your explicit consent.