Privacy Policy
Last updated: 5 April 2026
If It Happens ("the Service") is operated by BBRL Ltd. We take your privacy seriously. This policy explains what data we collect, why, and how we protect it.
1. Data we collect
Area reports (free)
When you request an area report, we receive only the outward postcode you enter (e.g. "CV23"). This identifies a geographic area covering thousands of households — it is not a full postcode and cannot identify you personally. We do not require registration or login to use free reports.
Personalised plans (premium)
When you complete the personalised plan questionnaire, your answers fall into two categories:
| Category | Examples | Where stored |
|---|---|---|
| Sensitive / health | Medical equipment (CPAP, oxygen), medications, dietary needs, allergies | Your browser only (localStorage). Never sent to or stored on our servers. |
| Non-sensitive preferences | Household size, heating type, property type, vehicle, garden | Our server (customers.db) — linked to your purchase token, not your name |
Payment
Payments are processed by Gumroad. We receive your email address and a transaction reference from Gumroad. We do not receive or store your payment card details. See Gumroad's privacy policy for how they handle your payment data.
Contact form
If you use our contact form, we receive the name, email address, and message you provide. These are used solely to respond to your enquiry.
2. How sensitive data stays private
Your health and medical information is handled entirely in your browser:
- When you fill in the questionnaire, answers are saved to your browser's localStorage.
- When you generate a PDF, your browser sends the full questionnaire to our server in a single request. The server builds the PDF in memory and streams it back to you.
- We do not save, log, or retain sensitive questionnaire fields on the server. Once the PDF response is sent, that data is gone.
- You can clear your localStorage at any time through your browser settings.
3. Cookies and tracking
We do not use cookies for tracking or analytics. No third-party analytics scripts are loaded. The only browser storage we use is localStorage for your questionnaire answers, which is not transmitted automatically and is not shared with any third party.
4. Data retention
- Customer records (email, outward code, non-sensitive preferences) are retained for as long as your plan is active.
- Sensitive data is never retained on our servers.
- Contact form messages are retained only as long as needed to respond to your enquiry.
5. Your rights (UK GDPR)
Under UK data protection law, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate data
- Erasure — ask us to delete your data
- Portability — receive your data in a structured format
- Object — object to processing of your data
To exercise any of these rights, contact us. We will respond within 30 days.
6. Data security
All connections to the Service are encrypted via HTTPS. Server access is restricted. The sensitive-by-design architecture means most personal data never reaches our servers in the first place.
7. Third parties
We share data only with:
- Gumroad — payment processing (email, transaction details)
We do not sell, rent, or share your data with advertisers or data brokers.
8. Children
The Service is not directed at children under 16. We do not knowingly collect personal data from children.
9. Changes to this policy
We may update this policy from time to time. The "last updated" date will change. Material changes will be noted on this page.
10. Contact
For privacy-related questions or to exercise your data rights: contact us.