Privacy policy

Privacy policy

Last updated: 2026-06-09 — Compliant with GDPR EU 2016/679 + Spanish LOPDGDD 3/2018 + UK GDPR / Data Protection Act 2018 (if UK users).

1. Data controller

• Identity: José Manuel Volante González
• Tax ID (NIF): 49108819R
• Postal address: C/ Zafra 5, 21310 La Zarza (Huelva), España
• Email: [email protected]
• GDPR rights email: [email protected]

2. Purposes of processing

1. Site operation: serve pages and maintain availability.
2. Inquiry handling: respond to communications sent to the contact email.
3. Legal compliance: respond to lawful requests from authorities.

No automated decisions producing legal effects (GDPR Art 22). No commercial profiling.

3. Legal basis

• Site operation: legitimate interest (Art 6.1.f GDPR).
• Inquiries: consent (Art 6.1.a GDPR).
• Legal compliance: legal obligation (Art 6.1.c GDPR).
• Affiliate links: legitimate interest (Art 6.1.f GDPR) — monetisation of a free service.

4. Categories of data

• Technical data: IP anonymised by Cloudflare, User-Agent, page visited, timestamp. Cloudflare Web Analytics is cookieless.
• Identification data if you contact us by email.
• No special categories processed.

5. Retention

• Cloudflare technical logs: 7 days.
• Aggregated Web Analytics: 6 months.
• Email correspondence: up to 2 years after last interaction.

6. Recipients

• Cloudflare, Inc. (hosting + analytics + CDN, USA, with Standard Contractual Clauses).
• Affiliate programmes when the user clicks affiliate links (referrer only, no personal data).
• Public authorities when legally required.

7. User rights

Access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. To exercise, email [email protected] with "GDPR Request" in the subject and ID copy attached.

8. Complaints

• Spain: Agencia Española de Protección de Datos — https://www.aepd.es/
• UK: Information Commissioner's Office — https://ico.org.uk/
• EU: your national supervisory authority.

Data shared with third parties (affiliates)

When the user clicks an affiliate link, an affiliate referrer ID is transmitted to the partner. No personal data is transmitted beyond the regular HTTP request metadata. Downstream processing is governed by the third party's policy.

9. Automated decisions

No automated decisions producing legal effects (GDPR Art 22).

10. Changes

This policy may be updated for legal or operational reasons. The version in force is always the one published at this URL with the date above.

Contact

For data-related questions: [email protected].

Privacy notice

Last updated: 2026-05-18

Summary. UK ETA Transit Checker is a free, single-page eligibility checker. We do not collect, store, or share any personal information about you. Your nationality, travel document, trip type, transit airport, dual-citizenship flag, and travel date stay in your browser tab and are forgotten when you close it. There is no signup, no account, no login, no tracking cookie, no server that receives your form inputs.

What runs on your device

The verdict ("ETA REQUIRED", "NO ETA NEEDED", etc.), the fee estimate, the validity window, and the rule citation are all computed in your browser from a static dataset that ships with the page (src/lib/eta-data.ts, sourced from GOV.UK). Nothing is sent anywhere when you fill in the form.

If you press Download summary, a .txt file is generated locally and saved by your browser. We do not see it.

Analytics (cookieless, aggregate only)

If the operator has enabled Cloudflare Web Analytics, an aggregated, cookieless count of page visits is collected. Cloudflare Web Analytics does not use cookies, does not use localStorage, does not fingerprint your device by IP address or User Agent, and does not assign user IDs. No personal identifier ever reaches us. The service is explicitly designed to work without a consent banner under GDPR / UK-GDPR / LGPD / CCPA.

You can read Cloudflare's privacy posture for this product at cloudflare.com/web-analytics and the broader privacy policy at cloudflare.com/privacypolicy.

Outbound links

When you click an outbound link (GOV.UK, the affiliate cards in the result panel, or any external resource we cite), you leave this site and that destination's privacy policy applies. We do not control those sites. Where a link earns us a commission, the disclosure "Sponsored" is shown next to it — see also our Terms of service.

Your rights — and why most of them are no-ops here

Because we do not collect personal information about you, there is nothing for us to access, correct, or delete on your behalf. We list the rights that apply by jurisdiction below for completeness; if you believe we hold data about you (we do not), you can exercise them by emailing the contact at the bottom of this notice.

United States — California (CCPA / CPRA)

• Right to know what is collected — N/A: nothing.
• Right to delete — N/A: nothing held.
• Right to correct — N/A.
• Right to opt out of sale or sharing — N/A: we do not sell or share.
• Right to limit use of sensitive personal information — N/A.

United States — other states (Colorado, Connecticut, Virginia, Utah, etc.)

The same rights as above apply under state-specific privacy laws (CPA, CTDPA, VCDPA, UCPA). Same answer: nothing collected, nothing to exercise rights over.

Canada (PIPEDA)

Right to access and challenge accuracy of personal information held by organisations. We hold none.

Australia (Privacy Act 1988 + Australian Privacy Principles)

APP 6/12/13 rights of access, correction, complaint. We hold no personal information about you.

Mexico (LFPDPPP)

ARCO rights — Acceso, Rectificación, Cancelación, Oposición. We hold no datos personales about you.

Argentina (Ley 25.326) and Chile (Ley 21.719)

Right of access, rectification, suppression, and confidentiality. We hold no data about you.

European Union / United Kingdom (GDPR / UK-GDPR)

Even though our target markets are non-EU/UK, EU and UK travellers reach the site. Under GDPR Art. 15–22 (and the UK-GDPR equivalents) you have rights of access, rectification, erasure, restriction, portability, and objection. Because no personal data is processed, there is nothing for us to act on.

Contact

If you have a privacy question, write to [email protected].

You may also lodge a complaint with your local supervisory authority — e.g. ANPD (Brazil), ICO (UK), CNIL (France), DPC (Ireland), FTC (US), OAIC (Australia), or the equivalent regulator in your jurisdiction.