Legal

Data Privacy Statement.

SaniTap takes the importance of your data seriously. This site uses no cookies and no personal-data analytics.

Download PDF →

This data privacy statement applies for the use of the website www.sanitap.org ("the website"). For other websites referenced via links, the data privacy notices and statements published there apply.

Data privacy is extremely important to SaniTap. The collection and processing of your personal data takes place in compliance with the applicable legal data protection provisions, in particular the General Data Protection Regulation (GDPR). This statement describes how and for what purpose your personal data is collected and used, and what options you have in connection with your data.

This site does not use cookies, and runs no analytics or visitor-tracking. No advertising profiles, no cross-site identifiers, no consent banner needed.

1. Controller

The controller responsible for the collection, processing, and use of your personal data within the meaning of the GDPR is:

SaniTap Ltd
Tel: +44 333 77 26 26 9
Email: info@sanitap.org
Managing directors: Andrew Tanswell and Adriaan Mol

2. What we collect and process

2.1 Server log files

When you access this website, our web server automatically logs basic information about each request: the URL accessed, the date and time of access, the data quantity transferred, the HTTP response code, browser type and version, operating system, referrer URL, the requesting IP address, and the requesting provider.

We use these logs — without matching them to you personally or otherwise creating profiles — for statistical analysis (operation, security, optimisation) and for the anonymous recording of visitor numbers. We may check log files if there are specific reasons for legitimate suspicion of unlawful use. Logs are retained for a limited period and then deleted.

2.2 Web analytics

This website currently runs no web analytics, visitor tracking, or session-replay tools. We do not use Google Analytics, Microsoft Clarity, Facebook Pixel, LinkedIn Insight Tag, or any equivalent. No cookies are set for analytics or marketing purposes.

If we add web analytics in future, we will use a privacy-friendly, cookieless service that processes no personal data, and this statement will be updated accordingly.

2.3 Contact and enquiry forms — Formspree

Our contact and enquiry forms are processed by Formspree, a US-based form-handling service. When you submit a form, the data you provide (such as your name, email address, phone number, company, and message) is transmitted to Formspree's servers and forwarded to the relevant SaniTap email inbox.

Formspree retains submitted form data in its dashboard for a limited period to enable us to review and respond to enquiries. Formspree's processing is governed by their privacy policy. We use Formspree on the basis of our legitimate interest in efficiently responding to enquiries (Art. 6(1)(f) GDPR).

2.4 Third-party fonts and hosting

Web fonts. This website loads typography (Bebas Neue, Outfit, DM Mono) from Google Fonts. When fonts are loaded, your browser establishes a connection to Google's font CDN, which receives your IP address as part of the request. Google does not match these requests with other data and does not place cookies via the Fonts service. See Google's privacy policy.

Hosting. The website is hosted on a VPS provided by Bluehost in the United States. Server infrastructure, computing capacity, storage, and security services are operated by Bluehost on our behalf. We have appropriate data-processing arrangements in place with our hosting provider.

2.5 Categories of data and purposes

Categories of data processed:

  • Contact details you submit via forms (name, email, phone, company)
  • Content data you submit (your enquiry, message)
  • Server access metadata (IP address, browser type, referrer, time of access — held briefly in logs)
  • None from analytics — no analytics service currently runs on this site

Categories of data subjects: visitors and users of the website ("users").

Purposes of processing: provision of the website and its content; response to contact and commercial enquiries; security and operational integrity; aggregate usage analysis.

3. Your rights as a data subject

In accordance with applicable laws, you have the following rights regarding your personal data. To exercise these rights, please send a request via email or post, clearly identifying yourself.

3.1 Right of access

You have the right to receive confirmation from us about whether we process personal data concerning you, and to receive free information and a copy of that data, including the purpose, categories, recipients, planned retention, and the existence of rights to rectification, erasure, restriction, and objection.

3.2 Right to rectification

You have the right to request that we immediately rectify incorrect personal data concerning you, and complete incomplete personal data.

3.3 Right to erasure ("right to be forgotten")

You have the right to request the immediate erasure of personal data we hold about you where one of the GDPR's grounds applies — including where the data is no longer necessary, where you withdraw consent, or where you object to the processing.

3.4 Right to restriction of processing

You have the right to request restriction of processing in defined circumstances — such as where you dispute the accuracy of the data, or where you have objected to the processing pending verification.

3.5 Right to data portability

You have the right to receive the personal data you have provided to us in a structured, common, and machine-readable format, and to transfer that data to another controller — where the processing is based on consent or contract and takes place by automated means.

3.6 Right to object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that takes place on the basis of legitimate interests (Art. 6(1)(e) or (f) GDPR).

3.7 Automated decision-making

You have the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal effects concerning you. No automated decision-making takes place on the basis of personal data collected by SaniTap via this website.

3.8 Right to withdraw consent

Where processing is based on your consent, you have the right at any time to withdraw that consent.

3.9 Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority — particularly in the EU member state of your place of residence, your place of work, or the location of a suspected violation — if you believe that the processing of personal data concerning you is unlawful.

4. Data security

The website is served over HTTPS using TLS. Personal data is transmitted in encrypted form. We take technical and organisational security measures appropriate to the nature of the data we hold and adjust them as technology evolves. We cannot guarantee perfect protection against unauthorised access, particularly for data sent via email; however, the volume and sensitivity of personal data this website handles is intentionally minimal.

5. Data transfers outside the EU/EEA

Two of our processors are based outside the EU/EEA:

  • Formspree (United States) processes form submissions you make. We rely on the EU–US Data Privacy Framework and appropriate contractual safeguards.
  • Bluehost (United States) provides the hosting infrastructure. We rely on the EU–US Data Privacy Framework and contractual processing arrangements.

6. Data Protection Officer

For any questions about our data privacy practices or this statement — or to exercise your rights as a data subject — please contact us at info@sanitap.org or by post to SaniTap Ltd.

7. Changes to this statement

SaniTap reserves the right to update this statement to reflect changes in the law, our services, or our processing arrangements. Users are encouraged to review this statement periodically.

Last updated: May 2026 · Download PDF