Privacy & Cookie Policy
Effective Date: 1 Feb 2026
Alchemybluemoon (“we”, “us”, or “our”) is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal information in compliance with the UK GDPR, the Data Protection Act 2018, and the Data Use and Access Act 2025.
1. Information Collection and Use
We collect personal information only when necessary to provide our services.
- What we collect: This may include your name and email address (e.g., via contact forms or newsletter sign-ups).
- Special Category Data: Our services explore philosophical and spiritual themes. However, we do not require you to provide “Special Category Data” (information revealing religious beliefs, health data, or philosophical affiliations) to use this website. Any such information shared via contact forms is provided at your own discretion.
- Purpose: We use this data to respond to inquiries, improve our website, and send requested information.
- Legal Basis: We process data based on Consent (for newsletters) and Legitimate Interests (for responding to inquiries and website security).
- Marketing Communications: If you sign up for our newsletter, we will use your email address to send you updates and content. You can “unsubscribe” at any time using the link at the bottom of any email we send.
2. Log Data & Analytics
Whenever you visit Alchemybluemoon, your browser sends “Log Data.” This includes your IP address, browser type, pages visited, and time spent on the site. We use this to monitor site performance and security. Under the DUAA 2025, some of this “low-risk” processing is permitted to ensure the website functions efficiently and safely.
3. Cookies, Scripts, and Web Beacons
- Cookies: Small data files stored on your device to remember preferences.
- Scripts: Code used to make the site interactive.
- Web Beacons (Pixels): Invisible tags used to track user traffic patterns.
3.1 Your Consent
When you first visit, a cookie banner will appear.
- Functional Cookies: Essential for the site to work. These do not require consent.
- Analytical/Marketing Cookies: We only use these if you click “Accept”. You can withdraw your consent at any time via your browser settings.
4. Third-Party Service Providers
We use trusted third-party providers to help run our Service. These providers only have access to your data to perform specific tasks on our behalf:
- Hosting & Security: DreamHost, Malcare WordPress.
- Analytics: Google Analytics.
- Communications: Kit (email newsletter management).
- Content: Enfold, LinkedIn
Note: Some providers are based in the United States. We ensure these transfers are protected by Standard Contractual Clauses (SCCs) or the UK-US Data Bridge.
5. Embedded Content and External Links
Articles on this site may include embedded content (e.g., videos). This content behaves as if you visited the external website directly. These sites may collect data about you and use their own tracking cookies. We are not responsible for the privacy practices of external sites.
6. Data Security and Retention
Your Personally Identifiable Information is stored securely and is only accessible to authorised personnel.
- Security: We use industry-standard encryption and security plugins to protect against unauthorised access.
- Breach Protocol: In the unlikely event of a data breach that poses a risk to your rights, we commit to notifying the Information Commissioner’s Office (ICO) and affected individuals within 72 hours of discovery.
- Retention: We only keep your data for as long as necessary to fulfil the purpose for which it was collected (e.g., for the duration of your newsletter subscription).
7. Your Data Rights
Under UK law, you have the following rights regarding your data:
- The Right to Access: You can request a copy of the data we hold about you.
- The Right to Rectification: You can request that we correct inaccurate information.
- The Right to Erasure (“Right to be Forgotten”): You can ask us to delete your data.
- The Right to Withdraw Consent: Where we rely on consent, you can change your mind at any time.
- The Right to Data Portability: The right to receive your data in a structured, machine-readable format to move it to another service.
- The Right to Restrict Processing: The right to ask us to “pause” the use of your data (e.g., while you contest its accuracy).
- The Right to Object: You have the specific right to object to our processing of your data, even where we rely on Legitimate Interests.
To exercise these rights, please contact us using the details below.
8. Formal Complaints Procedure
In accordance with the Data Use and Access Act 2025, if you have a concern about our data practices, please follow this procedure:
- Lodge a Complaint: Contact us directly via the website. We will acknowledge your complaint within 30 days.
- Internal Review: We will provide a formal response without undue delay.
- Escalation: If you remain dissatisfied, you may then escalate your concern to the Information Commissioner’s Office (ICO).
9. Changes to this Policy
We may update this Privacy Policy from time to time to reflect changes in law or technology. We will notify you of any significant changes by posting the new policy on this page.
10. Contact Us
For questions regarding this policy or our data practices, please contact us:
Website: https://www.alchemybluemoon.com
Data Lead: Lon Teija