NestScope UK

N

Privacy Policy

Last updated: March 2026

1. Data Controller

NestScope UK (“we”, “us”, “our”) operates the website nestscope.uk. For data protection enquiries, contact us at privacy@nestscope.uk.

2. What Data We Collect

NestScope is designed to minimise personal data collection. We collect:

  • Postcode search history — stored locally in your browser via a cookie (nestscope_postcodes) only if you consent to functional cookies. This data never leaves your device.
  • Cookie consent preference — stored in a cookie (nestscope_consent) to remember your choice. This is a strictly necessary cookie and does not require consent.
  • IP address — processed temporarily in server memory for rate limiting (abuse prevention). IP addresses are not stored persistently, not written to any database or log file, and are discarded when the server process recycles. The lawful basis is legitimate interest (Article 6(1)(f)).

We do not collect names, email addresses, payment information, or any form of behavioural analytics. We do not use Google Analytics, Meta Pixel, Microsoft Clarity or any third-party tracking scripts.

3. Legal Basis for Processing

Under the UK General Data Protection Regulation (UK GDPR), our legal bases are:

  • Consent (Article 6(1)(a)) — for functional cookies (postcode search history). You may withdraw consent at any time via the cookie banner.
  • Legitimate interest (Article 6(1)(f)) — for strictly necessary cookies that enable the website to function (consent preference storage), and for temporary processing of IP addresses for rate limiting and abuse prevention.

4. Third-Party Services & Processors

Infrastructure

  • Vercel Inc. (San Francisco, USA) — website hosting and edge delivery. Vercel may process your IP address and request metadata as part of serving pages. See Vercel's privacy policy at vercel.com/legal/privacy-policy.
  • Neon Inc. (San Francisco, USA) — PostgreSQL database hosting. Stores public government data only (schools, transport, healthcare, etc.). No personal user data is stored in this database.

External APIs

NestScope makes requests to the following external APIs on your behalf when you use the map. These requests are proxied through our server — your IP address is not shared directly with these services:

  • Postcodes.io (Ideal Postcodes Ltd) — postcode geocoding
  • UK Police API (data.police.uk) — street-level crime data
  • Environment Agency (environment.data.gov.uk) — flood monitoring and noise data
  • Carbon Intensity API (carbonintensity.org.uk) — energy data

Map tiles are loaded directly from CartoDB (CARTO) and OpenStreetMap tile servers by your browser.

5. Cookies

CookiePurposeDurationType
nestscope_consentStores your cookie consent preference1 yearStrictly necessary
nestscope_postcodesRemembers recent postcode searches1 yearFunctional (requires consent)

No marketing or analytics cookies are used.

6. Data Retention

All user data is stored locally in your browser. We do not maintain server-side databases of user information. Cookie data expires after 1 year or when you clear your browser data.

7. International Data Transfers

Some of our infrastructure providers (Vercel, Neon) are based in the United States. Where personal data is transferred outside the UK, these transfers are protected by:

  • The UK–US data bridge (UK Extension to the EU–US Data Privacy Framework), or
  • Standard Contractual Clauses (SCCs) with the UK International Data Transfer Addendum

We only use processors that maintain appropriate safeguards for international transfers as required by UK GDPR Chapter V.

8. Your Rights Under UK GDPR

You have the right to:

  • Access — request a copy of any personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data (“right to be forgotten”)
  • Restriction — request we limit processing of your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — at any time via the cookie banner

To exercise any of these rights, contact privacy@nestscope.uk. We will respond within one month.

9. Complaints

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk
  • Helpline: 0303 123 1113

10. Changes to This Policy

We may update this policy from time to time. The “last updated” date at the top will reflect the most recent revision. We encourage you to review this page periodically.