GDPR Privacy Policy – PrayerTimesLondon.com
Last Updated: Today
1. Introduction
PrayerTimesLondon.com (“we”, “us”, “our”, or the “Website”) is committed to protecting and respecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This GDPR Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Website, which provides Islamic prayer times for London, UK, and related services.
Data Controller:
- Name: PrayerTimesLondon.com
- Email:[email protected]
- Location: United Kingdom
2. What Personal Data We Collect
Under GDPR, “personal data” means any information relating to an identified or identifiable natural person.
2.1 Data You Provide Directly
Table
Copy
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Name | Communication, identification | Consent |
| Email address | Responding to inquiries, updates | Consent |
| City/Borough | Personalizing prayer times for London areas | Legitimate Interest |
| Comments/Feedback | Improving services | Consent |
2.2 Data Collected Automatically
Table
Copy
| Data Type | Purpose | Legal Basis |
|---|---|---|
| IP address | Security, analytics, fraud prevention | Legitimate Interest |
| Browser type & version | Website optimization | Legitimate Interest |
| Device information | Responsive design improvement | Legitimate Interest |
| Operating system | Compatibility testing | Legitimate Interest |
| Pages viewed & time spent | User experience improvement | Consent (via cookies) |
| Referring/exit pages | Traffic analysis | Consent (via cookies) |
| Approximate location | Displaying accurate London prayer times | Legitimate Interest |
| Cookies & similar technologies | Functionality, analytics, advertising | Consent |
3. Legal Basis for Processing (GDPR Article 6)
We process your personal data based on the following legal grounds:
3.1 Consent (GDPR Article 6(1)(a))
- Cookie usage (non-essential)
- Marketing communications
- Optional user accounts (if introduced)
You have the right to withdraw consent at any time by contacting us at [email protected].
3.2 Legitimate Interests (GDPR Article 6(1)(f))
- Website security and fraud prevention
- Analytics and performance monitoring
- Displaying location-based prayer times for London
- Technical maintenance
We conduct a Legitimate Interests Assessment (LIA) to ensure your rights are not overridden.
3.3 Legal Obligation (GDPR Article 6(1)(c))
- Compliance with UK law
- Data retention requirements
- Regulatory investigations
3.4 Contract (GDPR Article 6(1)(b))
- Providing requested services
- User support and communication
4. How We Use Your Personal Data
Table
Copy
| Purpose | Data Used | Retention Period |
|---|---|---|
| Providing London prayer times | IP address, approximate location | 12 months |
| Website analytics | IP address, browser data, cookies | 26 months (Google Analytics) |
| Advertising (Google AdSense) | Cookies, browsing behavior | Per Google policies |
| Security & fraud prevention | IP address, access logs | 12 months |
| User communication | Name, email | 24 months after last contact |
| Legal compliance | All relevant data | As required by law |
5. Cookies and Tracking Technologies
5.1 Types of Cookies We Use
Table
Copy
| Category | Purpose | GDPR Compliance |
|---|---|---|
| Strictly Necessary | Website functionality, prayer time display | Legitimate Interest — no consent required |
| Analytics | Google Analytics, performance monitoring | Consent required |
| Advertising | Google AdSense, personalized ads | Consent required |
| Functional | Language preferences, location settings | Consent required |
5.2 Cookie Consent Management
- UK/EU users see a cookie consent banner on first visit
- You can accept, reject, or customize cookie preferences
- Essential cookies cannot be disabled (required for core functionality)
- You may withdraw consent at any time via browser settings or our cookie manager
5.3 Third-Party Cookies
Table
Copy
| Provider | Purpose | Privacy Policy |
|---|---|---|
| Google Analytics | Traffic analysis | Google Privacy |
| Google AdSense | Personalized advertising | Google Ads |
| Cloudflare | Security, performance | Cloudflare Privacy |
6. International Data Transfers
Your personal data may be transferred to and processed in countries outside the UK, including:
- United States (Google services)
- European Union (hosting services)
Safeguards We Implement:
Table
Copy
| Mechanism | Description |
|---|---|
| UK GDPR Standard Contractual Clauses (SCCs) | For transfers to non-adequate countries |
| Adequacy Decisions | Transfers to EU/EEA countries |
| Data Processing Agreements (DPAs) | With all third-party processors |
| Encryption | TLS 1.3 for data in transit |
7. Data Security Measures
We implement appropriate technical and organizational measures to protect your data:Table
Copy
| Measure | Implementation |
|---|---|
| Encryption | SSL/TLS certificates (HTTPS) |
| Access Control | Restricted admin access, role-based permissions |
| Regular Backups | Encrypted, geographically distributed |
| Security Monitoring | 24/7 threat detection |
| Software Updates | Regular security patches |
| Staff Training | GDPR compliance training |
In the event of a personal data breach, we will notify the Information Commissioner’s Office (ICO) within 72 hours and affected users without undue delay.
8. Your Rights Under GDPR
As a data subject, you have the following rights:
8.1 Right to Access (GDPR Article 15)
- Request a copy of your personal data
- Receive information about how we process your data
Contact:[email protected]
8.2 Right to Rectification (GDPR Article 16)
- Request correction of inaccurate data
- Request completion of incomplete data
8.3 Right to Erasure (“Right to be Forgotten”) (GDPR Article 17)
Request deletion of your personal data when:
- Data is no longer necessary
- You withdraw consent
- Data was unlawfully processed
- Legal obligation requires erasure
Exceptions: We may retain data for legal compliance or legitimate interests.
8.4 Right to Restrict Processing (GDPR Article 18)
Request limitation of processing when:
- You contest data accuracy
- Processing is unlawful
- We no longer need the data
- You object to processing
8.5 Right to Data Portability (GDPR Article 20)
- Receive your data in structured, commonly used format
- Transmit data to another controller
8.6 Right to Object (GDPR Article 21)
- Object to processing based on legitimate interests
- Object to direct marketing (opt-out anytime)
8.7 Rights Related to Automated Decision-Making (GDPR Article 22)
- We do not use automated decision-making or profiling
8.8 Right to Withdraw Consent
- Withdraw consent at any time
- Does not affect lawfulness of prior processing
9. Data Retention Policy
Table
Copy
| Data Category | Retention Period | Reason |
|---|---|---|
| Contact form submissions | 24 months | Customer service, legal claims |
| Analytics data | 26 months | Google Analytics default |
| Advertising data | Per Google policy | Third-party controller |
| Security logs | 12 months | Fraud prevention, legal compliance |
| Cookie consent records | 12 months | Proof of compliance |
After retention periods expire, data is securely deleted or anonymized.
10. Children’s Privacy (GDPR Article 8)
- We do not knowingly collect data from children under 13
- If we discover such data, we delete it immediately
- Parents/guardians may contact us to request data removal
11. Data Protection Officer (DPO)
While not legally required, we have designated a Data Protection Contact:
For GDPR-related inquiries, please include “GDPR Request” in the subject line.
12. Supervisory Authority
If you believe we have violated your GDPR rights, you may lodge a complaint with:
Information Commissioner’s Office (ICO)
- Website:www.ico.org.uk
- Phone: 0303 123 1113
- Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We encourage you to contact us first to resolve any issues.
13. Changes to This GDPR Policy
We may update this policy to reflect:
- Changes in UK law
- New processing activities
- Updated third-party services
Material changes will be notified via:
- Website banner notice
- Email (if we have your contact details)
14. Contact Information
For GDPR-related questions, data subject requests, or privacy concerns:
📧 Email: [email protected]
🌐 Website: https://www.PrayerTimesLondon.com
Response Time: We aim to respond to all GDPR requests within 30 days.