01 Who we are
This privacy notice explains how TruePay Calculator ("TruePay", "we", "us", or "our") collects, uses, and protects information about you when you visit truepaycalculator.co.uk.
TruePay is operated as a sole-trader / individual publisher in the United Kingdom. We are the data controller for personal data collected through this website, which means we decide how and why your personal data is processed.
You can contact us at any time at enquiry@truepaycalculator.co.uk with questions about this policy or your data.
02 What we collect
You can use TruePay's calculator without entering any identifiable information about yourself. The salary, pension, and tax details you enter into the calculator are processed entirely in your browser — they never reach our servers and we cannot see them.
The information we (or our third-party processors) collect is limited to:
Information you give us voluntarily
- Email address — only if you choose to subscribe to our newsletter "The Brief". We use this solely to send you the newsletter and you can unsubscribe at any time.
- Cookie preferences — recorded by our consent management tool when you accept or reject cookies.
Information collected automatically
- Technical data — your IP address, browser type and version, operating system, device type, screen size, language settings, and the page that referred you to us.
- Usage data — pages you visit, time on page, links you click, broad geographic location (country/region, derived from IP).
- Advertising identifiers — if you have consented to personalised advertising, Google AdSense may set identifiers used to serve relevant ads.
We do not collect or process any special category data (such as health, religion, or political opinions) and we do not deliberately collect any data from children under 13.
03 Why we collect it & legal basis
Under the UK GDPR and the Data Protection Act 2018, every use of personal data must have a lawful basis. The table below shows what we use each category of data for, and the basis we rely on:
| What | Why | Legal basis (Art. 6 UK GDPR) |
|---|---|---|
| Strictly necessary cookies | To remember your cookie preferences and let the site function | Legitimate interests (Art. 6(1)(f)) — and exempt from PECR consent |
| Newsletter email address | To send you "The Brief" updates you've requested | Consent (Art. 6(1)(a)) |
| Analytics data (via GA4) | To count visitors and understand which content is useful | Consent (Art. 6(1)(a)) |
| Advertising data (via AdSense) | To show ads that fund the free service | Consent (Art. 6(1)(a)) for personalised ads; legitimate interests for non-personalised ads |
| Server logs (via Netlify) | To detect abuse, debug errors, and protect site integrity | Legitimate interests (Art. 6(1)(f)) |
Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal. You can change your cookie choices using the "Cookie Preferences" link, accessed via the consent banner.
05 Third parties & processors
We use the following third parties to deliver this service. Each is a separate data controller or processor under UK GDPR. Where applicable, we have a data processing agreement in place.
| Service | Provider | What it does | Privacy policy |
|---|---|---|---|
| Hosting | Netlify, Inc. (USA) | Serves the website pages; processes server logs | netlify.com/privacy |
| Domain registration & DNS | GoDaddy.com, LLC (USA) | Provides domain name and routing; no visitor tracking | godaddy.com/legal |
| Cookie consent | CookieYes Limited (UK) | Consent banner and preference storage | cookieyes.com/privacy-policy |
| Analytics | Google Ireland Ltd | Visitor analytics via Google Analytics 4 | policies.google.com/privacy |
| Advertising | Google Ireland Ltd | Display advertising via Google AdSense | policies.google.com/privacy |
| Web fonts | Google Ireland Ltd | Serves Fraunces, Inter Tight and JetBrains Mono fonts | policies.google.com/privacy |
We will only share your personal data with these processors for the purposes listed and we have taken reasonable steps to ensure they have appropriate security in place. We do not sell your data to anyone.
06 Advertising
This site shows ads served by Google AdSense. Ads help us keep the calculator and The Brief free to use.
Google may use cookies and similar technology to serve ads based on your previous visits to this and other websites. If you have consented to personalised ads, those ads may be tailored to your interests. If you have refused personalised ads, Google will only show non-personalised contextual ads (based on the page content rather than your browsing history).
You can opt out of personalised advertising at any time:
- For Google services: google.com/settings/ads
- For all participating networks: youronlinechoices.com/uk
- Via your browser's ad-blocking settings or extensions
For more on how Google uses information from sites that use its services, see policies.google.com/technologies/partner-sites.
07 Analytics
We use Google Analytics 4 (GA4) to understand how the site is used — which pages are most read, how long people stay, where in the world visitors come from. This helps us improve the calculator and write better articles.
GA4 collects data via cookies and tags. It only runs after you accept analytics cookies. If you reject analytics cookies, GA4 does not load on your device.
The data GA4 collects is pseudonymous — it doesn't directly identify you. However, IP addresses are used briefly to derive approximate location and detect bot traffic, and Google may combine this data with other data they hold under their own privacy policy.
We have configured GA4 with the following privacy settings:
- IP anonymisation enabled (default in GA4)
- Data retention set to 2 months (the minimum offered)
- "Google signals" personalisation features disabled
- No advertising features enabled within GA4 itself
08 International transfers
Some of our processors (notably Google and Netlify) are based in the United States or transfer data globally. Where personal data leaves the UK, we rely on:
- UK adequacy decisions where they exist (e.g. for the EU/EEA)
- The UK Extension to the EU-US Data Privacy Framework for transfers to certified US providers (Google LLC and Netlify, Inc. are certified)
- Standard Contractual Clauses with the UK International Data Transfer Addendum (IDTA) where the Data Privacy Framework does not apply
You can request more information about the safeguards in place for any specific transfer by contacting us.
09 How long we keep data
| Type of data | Retention |
|---|---|
| Newsletter email subscribers | Until you unsubscribe (one click); deleted within 30 days of unsubscribing |
| Cookie consent records | Up to 12 months; refreshed when you re-consent |
| Google Analytics data | 2 months (configured minimum) |
| Server access logs (Netlify) | 30 days, then automatically deleted |
| AdSense data | As per Google's retention policies — typically up to 26 months |
10 Your rights
Under the UK GDPR you have the following rights regarding your personal data. Most can be exercised by emailing us:
- Right of access — ask us what personal data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure ("right to be forgotten") — ask us to delete your data, subject to certain exceptions
- Right to restrict processing — ask us to stop using your data while a question is being resolved
- Right to object — object to processing based on legitimate interests, including for direct marketing
- Right to data portability — receive a copy of data you've given us in a structured, machine-readable format
- Right to withdraw consent — for any processing based on consent
- Right not to be subject to solely automated decisions with legal effects (we don't make any such decisions)
We will respond to any request within one month. There is normally no fee, although we may charge a reasonable fee or refuse to act on requests that are clearly unfounded or excessive.
To exercise any of these rights, email enquiry@truepaycalculator.co.uk. We may need to verify your identity before acting on a request.
11 Security
We take appropriate technical and organisational measures to protect your data:
- The site is served over HTTPS (TLS) for all visitors
- Strict security headers (HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy) are set on every page
- The calculator processes your inputs entirely in your browser — they never travel to our servers
- We work only with reputable processors who themselves implement strong security
No method of internet transmission is 100% secure. If we become aware of a breach affecting your personal data, we will notify the Information Commissioner's Office where required, and notify affected individuals where the breach is likely to result in high risk to their rights and freedoms.
12 Children
This site is intended for adults. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
13 Changes to this policy
We may update this policy from time to time to reflect changes in our practices, our service providers, or applicable law. The "Last updated" date at the top of this page shows when it was last revised. For substantive changes, we'll give reasonable notice via the site or by email if you've subscribed to the newsletter.
14 Contact & complaints
For privacy questions or to exercise any of your rights, email enquiry@truepaycalculator.co.uk.
If you're not satisfied with our response, you have the right to lodge a complaint with the UK's data protection authority:
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113 (Mon–Fri 9am–5pm)
Web: ico.org.uk/make-a-complaint
We hope you'll come to us first so we have the chance to put things right.