Research Access
Privacy Policy | The British Megalithic Archive & NeolithicBritain.com

Privacy Policy for The British Megalithic Archive & NeolithicBritain.com

Last Updated: [Date]

Effective Date: [Date]

This Privacy Policy describes how The British Megalithic Archive ("we", "us", or "our"), operating through the website NeolithicBritain.com (the "Site"), collects, uses, and discloses your personal information when you visit, use our services, or interact with us. We are committed to protecting your privacy and handling your data in an open and transparent manner in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

The British Megalithic Archive is a dedicated digital resource for the study and public dissemination of information on the Neolithic monuments of Britain. We are the Data Controller for the personal data processed via this Site.

1. Information We Collect

We collect information that you provide directly to us and information automatically collected during your use of the Site.

1.1 Information You Provide Voluntarily

  • Contact Information: When you contact us via email, contact forms, or newsletters, you may provide your name, email address, and any other information included in your message.
  • User Contributions: If you submit research, photographs, site reports, corrections, or comments to the archive, you may provide personal data within those contributions.
  • Account Data: If we create a contributor account for you, we will store your name, institutional affiliation (if applicable), email address, and a record of your submissions.
  • Communication Records: Copies of your correspondence with us.

1.2 Information Collected Automatically

  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Site.
  • Usage Data: Information about how you use our Site, including the full URLs, clickstream to, through and from our Site (including date and time), pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
  • Cookies & Similar Technologies: Please see our separate Cookie Policy (Section 9) for detailed information.

2. How We Use Your Information (Purposes & Legal Bases)

We will only use your personal data when the law allows us to. Under UK GDPR, we rely on the following legal bases:

Purpose of Processing Type of Data Legal Basis for Processing
To operate, maintain, and provide the core features of the Site and archive. Technical Data, Usage Data Legitimate Interests (to provide our non-commercial educational service).
To respond to your enquiries, comments, or requests for information. Contact Information, Communication Records Legitimate Interests (to communicate with users and the public).
To process, credit, and publish user contributions (e.g., photographs, reports) to the archive with your permission. Contact Information, User Contributions Consent (explicitly given for the specific contribution).
To send administrative emails (e.g., policy updates, contributor account management). Contact Information Legitimate Interests (necessary administration).
To analyse and improve the Site's performance, content, and user experience. Technical Data, Usage Data, Cookies Legitimate Interests (to improve our services and ensure network security).
To prevent fraud, maintain security, and protect the integrity of the archive. Technical Data, Usage Data Legitimate Interests (to protect our services).
To comply with legal or regulatory obligations. Any relevant data Legal Obligation.

3. How We Share Your Information

We do not sell, trade, or rent your personal data to third parties for marketing purposes. We may share your data in the following limited circumstances:

  • Service Providers: With trusted third-party vendors who provide essential services on our behalf (e.g., web hosting, email delivery, analytics). These providers are contractually bound to use your data only to perform services for us and in accordance with this policy.
  • Published Contributions: If you submit content for publication (e.g., a photograph), your name (and optionally affiliation) will be published alongside that content as a credit, as per your consent.
  • Legal Requirements: Where required by law, regulation, legal process, or governmental request; to enforce our terms; or to protect the rights, property, or safety of the Archive, our users, or the public.
  • Academic Collaboration: In an anonymised and aggregated form for legitimate academic research related to archaeology and digital humanities.

4. Data Security

We have implemented appropriate technical and organisational security measures designed to protect your personal data from accidental loss, unauthorised access, alteration, or disclosure. These include secure servers, encryption (where appropriate), and access controls. However, no electronic transmission or storage method is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security.

5. Data Retention

We will retain your personal data only for as long as is necessary for the purposes set out in this policy, or as required to fulfil any legal, accounting, or reporting obligations.

  • Contact Enquiries: Retained for 3 years from the date of last contact for reference purposes.
  • Published Contributions: Retained indefinitely as part of the permanent academic and public record of the archive, alongside your credited name.
  • Technical & Usage Data: Retained in an anonymised form for analytics; raw logs are typically deleted after 12-26 months.
  • Contributor Account Data: Retained for the duration of your active association with the archive and for a reasonable period thereafter.

We will securely delete or anonymise your data when it is no longer needed.

6. International Data Transfers

Our primary servers are located within the United Kingdom. However, some of our third-party service providers (e.g., cloud hosting, analytics) may operate outside the UK, including in the United States. Where we transfer your data to a country not deemed to provide an adequate level of data protection, we will ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or Standard Contractual Clauses (SCCs).

7. Your Data Protection Rights (Under UK GDPR)

You have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete data.
  • Right to Erasure ('Right to be Forgotten'): You can request deletion of your data, subject to certain legal exceptions (e.g., where we have a legal obligation to retain it, or it forms part of a published academic record).
  • Right to Restrict Processing: You can request we temporarily suspend the processing of your data under certain conditions.
  • Right to Data Portability: You can request a structured, commonly used, machine-readable copy of data you provided directly, where processing is based on consent or contract.
  • Right to Object: You can object to processing based on our legitimate interests. We will comply unless we have compelling legitimate grounds that override your interests.
  • Rights related to Automated Decision-Making: We do not engage in automated decision-making or profiling.
  • Right to Withdraw Consent: Where processing is based on your consent (e.g., for a specific contribution), you can withdraw it at any time. This does not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us using the details in Section 11. We may need to verify your identity before responding. You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO).

8. Children's Privacy

Our Site is intended for a general audience and is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided us with data, please contact us. If we learn we have collected such data, we will delete it promptly.

9. Cookies & Similar Technologies

We use cookies and similar tracking technologies to track activity on our Site and hold certain information to enhance functionality and analyse usage.

9.1 What Are Cookies?

Cookies are small data files placed on your device. They are widely used to make websites work efficiently and to provide reporting information.

9.2 Types of Cookies We Use

  • Essential/Strictly Necessary Cookies: Required for the Site to function (e.g., security, load balancing). They do not require consent.
  • Analytics/Performance Cookies: Help us understand how visitors interact with the Site (e.g., pages visited, error messages). We use a privacy-focused setup that anonymises IP addresses and minimises data collection. We seek your consent for these via our cookie banner.
  • Functionality Cookies: Allow the Site to remember choices you make (e.g., display preferences) to provide a more personalised experience.

9.3 Managing Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. Please note that disabling essential cookies may affect the functionality of parts of our Site. You can manage your preferences via our cookie consent banner upon first visit.

10. Third-Party Links

Our Site contains links to other websites operated by third parties (e.g., academic journals, heritage organisations, mapping services). This Privacy Policy applies only to our Site. We are not responsible for the privacy practices or content of third-party sites. We encourage you to read the privacy policies of any external sites you visit.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact the Data Controller:

The British Megalithic Archive
Email: privacy@neolithicbritain.com
Postal Address: [Insert Postal Address, if applicable]

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other reasons. We will post the updated policy on this page with a revised "Last Updated" date. We encourage you to review this page periodically for the latest information on our privacy practices. Material changes will be communicated to registered contributors via email where appropriate.

We use cookies to enhance your browsing experience and provide academic research functionality. By continuing to use our site, you consent to our cookie policy.