Privacy policy.
What captainrandom.co.uk collects, why, how long it's kept, who else sees it, and what you can do about it. Written to match what the code actually does — if the two ever disagree, that's a bug, please report it.
Last updated: 2026-06-09
Who I am
This site is run by Cedric “Cj” Mukolonga as a personal project. For privacy questions, subject access requests, erasure requests, or any other UK GDPR matter:
- Email: hello@captainrandom.co.uk
- Postal: available on request via the email above
I am the data controller for everything described below.
What the site collects when you just browse
Nothing. The site is statically exported HTML/CSS/JS served from a cPanel host. There's no analytics, no cookies set by the application, no tracking pixels, no third-party scripts, no fingerprinting.
The web server (LiteSpeed at JustHostMe / Great British Web Hosting) keeps standard access logs — timestamp, IP address, requested URL, user agent, referrer — for operational reasons. I don't have routine access to those logs and I don't process them.
What the site collects if you subscribe to the newsletter
The “Build log. In your inbox.” form on the homepage collects:
- Email address — stored plaintext, because I need it to send you the newsletter
- Subscription status (pending / confirmed / unsubscribed) — plaintext, to know whether to email you
- Timestamps (signed-up at, confirmed at, unsubscribed at) — UTC datetimes for retention windows + audit trail
- Hashed IP address — SHA-256 with a server-side salt, for abuse triage (rate limiting, spam detection). Never stored in raw form.
- Hashed browser user-agent — same hashing discipline as the IP. Never stored in raw form.
The IP and user-agent are hashed at the server before insert. The raw values exist only in memory for the duration of the HTTP request. There is no way to reverse the hashes back to your IP or user-agent.
I do not collect your name, location, language, browser version, or anything else. I never run profiling. I never make automated decisions about you.
Why I collect it (lawful basis)
Consent (UK GDPR Article 6(1)(a)) is the lawful basis for sending you the newsletter. Subscribing is a clear affirmative action; the double opt-in (click the link in the email I send you to confirm) is the consent record. The consented_at column in the database stores the exact timestamp.
Legitimate interest (UK GDPR Article 6(1)(f)) is the lawful basis for the hashed-IP / hashed-user-agent fields. The legitimate interest is preventing abuse of a free public form by bots and spammers, which protects the deliverability of mail to people who actually want it. The interest is balanced by hashing the values so they can never identify you outside the abuse-triage context.
How long it's kept
- Pending subscription (you signed up but never confirmed): hard-deleted within 1 hour of the 60-minute confirmation token expiring.
- Confirmed subscription: kept while you are subscribed.
- Unsubscribed record: soft-deleted on unsubscribe (kept 30 days for “wait I didn't mean to do that”), then hard-deleted by a nightly cron.
- Event log entries (sign-up attempt, confirm, unsubscribe, rate-limit hit): 12 months, then hard-deleted by the same nightly cron.
- kind='bot_detected' event log entries: 90 days. Shorter — pure noise after that.
The cron jobs that enforce these schedules run on the cPanel host at 03:17 UK time nightly and on the hour for the pending-expiry pass.
Who else sees it
- JustHostMe / Great British Web Hosting (cPanel infrastructure) — they operate the server, MySQL database, and SMTP relay that sends the confirmation email.
- No one else. I don't share, sell, rent, or syndicate the email list. I don't connect to a third-party CRM, ESP, analytics provider, or ad network.
If that ever changes — e.g. if I migrate to a managed email provider — this policy will be updated and the change announced in a newsletter issue before the migration happens.
Your rights under UK GDPR
You have the right to:
- Access: ask for a copy of the data I hold about you. I'll respond within 30 days.
- Rectification: ask me to correct an error.
- Erasure: ask me to delete your data. I will, within 30 days. (The simplest way is the unsubscribe link in any email.)
- Objection: object to the processing entirely.
- Portability: receive the data in a machine-readable format (CSV / JSON).
- Restriction: ask me to pause processing while a dispute is resolved.
All of these route through hello@captainrandom.co.uk.
You also have the right to complain to the UK Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint or 0303 123 1113. I'd rather you tell me first so I can fix whatever's wrong, but you don't have to.
What happens if there's a breach
If the subscriber database is compromised in a way that could lead to spam, phishing, or other harm to subscribers, I will:
- Notify the ICO within 72 hours of discovery (UK GDPR Article 33).
- Notify affected subscribers as soon as practicable.
- Publish a post-mortem on the site once the incident is resolved.
Risk assessment (DPIA)
I assessed this processing against the ICO's Data Protection Impact Assessment threshold criteria. It is low-risk: no profiling, no special-category data, no large-scale monitoring, no automated decision-making, no children's data targeted. A DPIA is not required. Reviewed 2026-06-09.
Changes to this policy
Material changes (new data collected, new processors added, retention extended) will be announced in a newsletter issue at least 14 days before they take effect, and the “Last updated” date at the top of this page will change. Cosmetic changes (typos, clarifications that don't change meaning) update the date silently.