Privacy Policy
punts1.com
The operator of this website (“we”, “us” or “our”) operates, under the Punts1 brand, the website punts1.com (the “Site”). We respect your privacy. This Privacy Policy explains how we collect, use, store and protect personal data when you visit our Site, subscribe to our services or otherwise get in touch with us. We process personal data in accordance with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.
1. Controller
The controller for the purposes of the UK GDPR and the Data Protection Act 2018 is the operator of the Site. Contact details are set out in the Legal Notice of this Site.
If you have any questions about this Privacy Policy or about the processing of your personal data, you can contact us at any time by email at info@punts1.com.
2. What personal data do we process?
We collect and process only the data needed to run the Site, provide our services and respond to your enquiries — together with any data you provide to us voluntarily.
2.1 Contact data: name, company (if provided), email address, telephone number and the content of your message. We receive this data directly from you when you contact us.
2.2 Technical data: IP address, browser type and version, device used, operating system, time zone, date and time of access, pages visited, referrer URL and similar log data.
2.3 Subscription and payment data: if you take out a subscription, we process the data needed to set up and manage it (for example your email address, your Telegram username and your subscription status). Payments are processed by our payment provider Whop; we do not receive or store your full payment card details.
2.4 Cookies and measurement data: we use strictly necessary cookies for security, load balancing and the basic functions of the Site. For usage statistics we use Cloudflare Web Analytics, a tool that works without cookies and does not build personal profiles of visitors. In addition, on individual pages of our campaigns we use the Meta Pixel of Meta Platforms to measure the effectiveness of our advertising; when you visit those pages, technical data (for example your IP address, browser information and the pages you visited) is transmitted to Meta and Meta cookies may be set on your device. You can object to this at any time (see the section “Cookies and similar technologies”).
3. For what purposes and on what legal basis do we process data?
3.1 Providing and managing subscriptions and delivering our content (including via Telegram and email) — legal basis: performance of a contract (Article 6(1)(b) UK GDPR).
3.2 Responding to enquiries and communication — legal basis: our legitimate interests and, where applicable, your consent (Article 6(1)(f) and (a) UK GDPR).
3.3 Operation, security and maintenance of the Site — legal basis: our legitimate interests (Article 6(1)(f) UK GDPR).
3.4 Advertising and conversion measurement using the Meta Pixel — legal basis: our legitimate interests in measuring and optimising our advertising (Article 6(1)(f) UK GDPR). You can object to this processing at any time (see the section “Cookies and similar technologies”).
3.5 Compliance with legal obligations — legal basis: legal obligation (Article 6(1)(c) UK GDPR).
4. Disclosure of personal data
We do not sell or rent your personal data. We share personal data only with the service providers we use to run the Site and provide our services (acting as processors or, in some cases, as independent controllers), where we are legally required to do so, or in the context of corporate transactions. We currently use in particular:
Whop — payment processing and subscription management.
Telegram — delivery of subscriber content via the Telegram messaging service.
GetResponse — email newsletters and marketing emails.
Mailgun — transactional email delivery.
Cloudflare — hosting, content delivery, security and cookieless web analytics.
Meta Platforms — advertising and conversion measurement via the Meta Pixel.
5. International data transfers
Some of the service providers listed above (in particular Meta, Whop, Mailgun and Cloudflare) process data in the United States or in other countries outside the United Kingdom. Where personal data is transferred outside the UK, we ensure an adequate level of protection through UK adequacy regulations (including, where the recipient is certified, the UK Extension to the EU–US Data Privacy Framework) or through appropriate safeguards such as the International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses.
6. Retention period
Contact data is deleted no later than 24 months after our last contact with you. Technical log data is kept only for as long as necessary for security and operational reasons. Data relating to your subscription is kept for the duration of the contract and thereafter only for as long as statutory retention obligations require.
7. Your rights
Under the UK GDPR and the Data Protection Act 2018 you have the following rights: access, rectification, erasure, restriction of processing, objection, data portability and withdrawal of consent.
To exercise your rights, contact us at info@punts1.com. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection (ico.org.uk).
8. Cookies and similar technologies
Our Site uses strictly necessary cookies. For statistical analysis of visits we use Cloudflare Web Analytics: this tool does not set cookies and does not build personal profiles of visitors. In addition, the Meta Pixel is active on individual pages of our campaigns and is used to measure the effectiveness of our advertising; when you visit those pages, the pixel transmits technical data to Meta and may set Meta cookies on your device. You can restrict or disable the use of cookies in your browser settings, manage your advertising preferences in your Meta account (facebook.com/adpreferences), opt out of interest-based advertising via youradchoices.com, and object to tracking via the settings of your device.
9. External links
The Site may contain links to external websites. We have no influence over their content or their data protection practices.
10. Children’s data
Our services are aimed exclusively at persons aged 18 or over. We do not knowingly collect data relating to minors.
11. Data security
We take appropriate technical and organisational measures: HTTPS encryption, firewalls, access restrictions and a role-based permissions system.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The current version is available at punts1.com.