Cookie Policy

Tracking and cookies

Our Website uses cookies and other technical measures to monitor and protect against malicious traffic and to collect limited analytical data in order to understand how users engage with the Website. We respect “do not track” requests and only deploy non-essential cookies (e.g. those that gather analytics and statistics) on the basis of your consent.

We have limited the cookies deployed to the following:

  • Strictly necessary Cloudflare cookies to protect the Website against DDoS attacks
  • Strictly necessary application cookies to facilitate user logins and protect the Website against attempts to inject malicious code into registration forms

Opting in and out of cookies

The Cloudflare and application cookies perform essential Website security functions and as such, it is not possible to opt-out.

Browser settings can also be used to manage cookie preferences. Each browser is different, so check the Help or Settings menu of your particular browser to learn how to change your cookie preferences.

Information security

We take all reasonable steps to ensure that personal data is processed securely and treated in accordance with this Policy. The technical and organisational measures to prevent unauthorised access to personal data include limiting staff and processor access to personal data in accordance with specific job responsibilities or contractual obligations, the encryption of data where possible, the institution of security protocols and staff training.

Although we do our best to protect personal data, information transmitted over the internet remains vulnerable to interception – for this reason, the transmission of any personal data to our websites or via email to us is therefore at the data subjects’ own risk.

Data sharing and processors


We engage third-party service providers to perform certain data processing tasks that enable us to run the Website and mailing list, these include:

These third parties are engaged on terms that ensure the confidentiality of data and compliance with applicable data protection laws.

Data sharing

No personal data will be shared with any parties outside of People vs Big Tech and The Citizens.

International transfers of data

Where we transfer your data outside of the European Union or the European Economic Area, we will ensure that your data is appropriately protected by requiring the recipient to respect and uphold your rights as a data subject under all applicable laws and by making the transfer subject to an international transfer safeguard, for example, the Standard Contractual Clauses issued by the European Commission.

External websites

The Website includes links to external websites, or other external resources and social media platforms that may process your data or use cookies. You can find out more about these services and the way they process data through their respective websites and privacy policies. Please note we cannot control the way those external websites collect and retain your personal data, so you use those external services at your own risk.

Your rights

Individuals whose personal data is processed in accordance with this Policy may have the following rights available:

  • The right to be informed as to whether we hold data about them;
  • The right of access to that information;
  • The right to have inaccurate data corrected;
  • The right to have their data deleted;
  • The right to opt-out of particular data processing operations;
  • The right to receive their data in a form that makes it “portable”;
  • The right to object to data processing;
  • The right to receive an explanation about any automated decision making and/or profiling, and to challenge those decisions where appropriate.

To make a subject access request or complaint related to the processing of your personal data under this Policy contact [email protected].

You also have the right to bring concerns to your national data protection regulator if you feel that your personal data has been unlawfully processed. For example, data subjects covered by EU law may also be entitled to lodge complaints in regard to data processing or the handling of subject access requests with data protection supervisory authority in their country of residence. Relevant supervisory authority names and contact details are listed here.

Changes and revisions

If we make changes to this Policy, the date and nature of the change will be listed below. Should a change to the Policy result in a material impact on the handling of any personal data, we will contact the impacted data subjects to inform them directly.

 of subject access requests with data protection supervisory authority in their country of residence. Relevant supervisory authority names and contact details are listed here.

See full details of our Privacy Policy here.