Privacy Policy

Stories of History is the controller of personal data processed through this website and related services, except where this policy states otherwise.

This Privacy Policy applies to personal data we collect when you:

• visit and browse Stories of History,
• create or use an account,
• subscribe to a free or paid plan,
• contact us by email or through a form,
• join a waiting list or mailing list,
• use interactive features on the site,
• purchase a subscription or other paid service,
• or otherwise interact with the platform.

The personal data we collect depends on how you use the site. It may include:

• Identity and account data, such as your name, username, login credentials, account ID, or profile details.
• Contact data, such as your email address and any information you provide when contacting us.
• Subscription and transaction data, such as plan type, billing status, renewal dates, and limited payment-related information provided by payment processors.
• Technical data, such as IP address, browser type, device type, operating system, approximate location, referring pages, and site performance data.
• Usage data, such as pages viewed, stories opened, clicks, time on page, feature use, and navigation behaviour.
• Communications data, such as messages you send to us and our replies.
• Marketing preferences, such as whether you have opted in to receive updates.
• Cookie and similar technology data, where these tools are used on the site.

We do not intentionally collect special category personal data unless there is a clear reason to do so and an appropriate lawful basis applies.

We collect personal data in the following ways:

• Directly from you, for example when you sign up, subscribe, contact us, or join a mailing list.
• Automatically, through server logs, cookies, analytics tools, and similar technologies when you use the site.
• From service providers, such as payment processors, authentication providers, hosting platforms, analytics tools, email providers, and customer support tools.

We may use personal data to:

• provide, operate and improve the platform,
• create and manage user accounts,
• process subscriptions and payments,
• deliver paid or premium features,
• send service-related messages,
• respond to support requests and enquiries,
• monitor usage, diagnose technical issues and improve performance,
• protect the site, users and business from fraud, abuse or misuse,
• comply with legal and regulatory obligations,
• send marketing communications where permitted by law,
• and analyse site usage to improve content, features and design.

Under UK data protection law, we rely on one or more lawful bases depending on the type of processing:

• Contract where processing is necessary to provide the services you requested, such as creating an account or managing a subscription.
• Legitimate interests where processing is necessary for our legitimate interests, provided those interests are not overridden by your rights and interests. This may include site security, analytics, fraud prevention, platform improvement, and business administration.
• Consent where required, for example for certain marketing communications or non-essential cookies and tracking technologies.
• Legal obligation where we need to process personal data to comply with legal or regulatory requirements.

Where we rely on legitimate interests, we aim to ensure the processing is proportionate and does not unfairly impact your rights.

We may use cookies, pixels, local storage, analytics tools and similar technologies to operate the site, remember preferences, understand usage and improve performance.

These technologies may include:

• strictly necessary technologies required for the site to function,
• analytics technologies that help us understand how the site is used,
• preference technologies that remember settings,
• and marketing technologies if used and lawfully enabled.

Where required by law, we will ask for consent before setting non-essential cookies or similar technologies.

You can also control cookies through your browser settings, although disabling some technologies may affect site functionality.

We may use analytics providers to understand how visitors use the site, which pages are most useful, how users move through the platform, and where technical or content improvements are needed.

If you use a specific analytics tool such as Google Analytics, Plausible, PostHog or another provider, name it here and explain what data it receives.

If you purchase a subscription or other paid service, payment information is usually processed by a third-party payment provider rather than directly by us.

We may receive limited payment-related information, such as:

• billing status,
• subscription tier,
• renewal or cancellation status,
• partial card metadata such as card type or last four digits, if supplied,
• transaction identifiers,
• and payment failure or refund status.

Replace this section with accurate details of your actual payment setup, such as Stripe or another provider.

We may share personal data with trusted third parties, including:

• hosting and infrastructure providers,
• authentication and account providers,
• payment processors,
• analytics providers,
• email and communications providers,
• customer support tools,
• professional advisers, where necessary,
• and regulators, law enforcement, courts or authorities where required by law.

We require service providers to process personal data only as permitted and with appropriate security and confidentiality protections.

Some service providers may process personal data outside the UK. Where personal data is transferred internationally, we aim to use appropriate safeguards required by applicable law.

These safeguards may include:

• an adequacy decision, where one applies,
• standard contractual clauses or the UK international data transfer addendum,
• or other recognised lawful transfer mechanisms.

If your providers store or access data in the United States or other countries, list that clearly here before launch.

We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including to provide services, maintain records, resolve disputes, enforce agreements, and comply with legal obligations.

Retention periods may vary depending on the type of data. For example:

• account data may be retained while your account remains active and for a reasonable period afterwards,
• billing and transaction records may be retained for tax, accounting or legal compliance purposes,
• support enquiries may be retained for operational and evidential reasons,
• and analytics data may be retained according to the settings of the relevant analytics provider.

Depending on your circumstances, you may have the right to:

• be informed about how your personal data is used,
• request access to your personal data,
• request correction of inaccurate or incomplete personal data,
• request erasure of personal data in some circumstances,
• request restriction of processing in some circumstances,
• object to certain processing, including some processing based on legitimate interests and some direct marketing,
• request portability of certain personal data,
• withdraw consent where we rely on consent,
• and complain to the UK Information Commissioner’s Office.

These rights are not absolute and may be subject to conditions or exemptions under applicable law.

To make a privacy-related request, please contact us using the details in this policy.

We may need to verify your identity before responding to a request. We will aim to respond within the time required by law.

If you have concerns about how we handle personal data, we would prefer to have the opportunity to address them first.

You also have the right to complain to the UK Information Commissioner’s Office if you believe your personal data has been handled unlawfully.

Stories of History is an educational platform and may be read by a broad audience, but it is not intended to knowingly collect personal data from children in breach of applicable law.

If you believe a child has provided personal data to us unlawfully, please contact us so the matter can be reviewed.

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, disclosure or alteration.

No internet transmission or storage system is guaranteed to be fully secure, so we cannot guarantee absolute security.

This site may contain links to third-party websites, products or services. Their privacy practices are governed by their own policies, not this one.

We are not responsible for the privacy practices of third-party services that are not controlled by us.

We may update this Privacy Policy from time to time to reflect changes to the platform, legal requirements, service providers or data processing practices.

The latest version will always be published on this page with the updated date shown at the top.

If you have questions about this Privacy Policy or how Stories of History handles personal data, please contact: