GDPR & International Cookie Policy

Effective Date:23 NOV 25
Applies to: EU, UK, EEA, USA, Canada, Australia, Asia, Middle East, Africa
Platform: Police.Reviews

1. Introduction

This Cookie Policy explains how Police.Reviews uses cookies and similar technologies in compliance with:

GDPR (EU 2016/679)

EU ePrivacy Directive (2002/58/EC)

UK-GDPR & PECR

CCPA/CPRA (California)

PIPEDA (Canada)

Australian Privacy Principles (APPs)

Singapore PDPA

International privacy frameworks

Our priority is privacy, anonymity, and minimal tracking.
We use only essential cookies unless the user explicitly consents.

2. What Are Cookies?

Cookies are small text files stored on your device to:

Enable website functionality

Enhance user experience

Improve security

Police.Reviews keeps cookie usage minimal for privacy reasons.

3. Types of Cookies We Use

3.1 Essential Cookies (Strictly Necessary)

Required for:

Secure browsing

Anti-bot protection

Authentication (for registered users)

Core website operations

Form submissions

Legal Basis (GDPR): Article 6(1)(f) Legitimate Interest
Consent Required: No

3.2 Functional Cookies (Optional)

Used for:

Language settings

Layout preferences

Accessibility features

Legal Basis: Consent (GDPR Art. 6(1)(a))
Consent Required: Yes (EU/UK)

3.3 Analytics Cookies (Anonymous Only)

We may use privacy-friendly analytics (e.g., Matomo, Plausible) that:

Do NOT track personal data

Do NOT store IP addresses

Do NOT share information with third parties

Are GDPR-, PECR-, and ePrivacy-compliant

Legal Basis: Consent (EU), Legitimate Interest (International)
Consent Required:

EU/UK: Yes

USA/Canada: No (anonymous data)

3.4 Cookies We Do NOT Use

Police.Reviews does NOT use:

❌ Advertising cookies
❌ Behavioural tracking
❌ Cross-site profiling
❌ Social-media pixel tracking
❌ Remarketing/retargeting scripts

This ensures user safety—especially for whistleblowers.

4. International Compliance

🇪🇺 European Union (GDPR + ePrivacy Directive)

We use consent banners for non-essential cookies.
Users may reject all cookies except essential ones.

🇬🇧 United Kingdom (UK-GDPR + PECR)

Same standards as GDPR with UK-specific regulatory obligations.

🇺🇸 United States (CCPA/CPRA)

We do not sell or share personal data; therefore:

“Do Not Sell My Personal Information” is respected.

Cookie preference opt-outs are available.

🇨🇦 Canada (PIPEDA)

Cookies are used for reasonable purposes only.
Consent applies when cookies identify a user.

🇦🇺 Australia (APPs)

Functional cookies require implied consent.
No sensitive identifiers are stored.

🇸🇬 Singapore (PDPA)

Cookies used only for legitimate business purposes.
User consent available for optional cookies.

🌍 Global territories

We follow ISO/IEC international privacy standards.

5. How We Obtain Cookie Consent

In EU/UK, users see a mandatory banner:

Accept All

Reject Non-Essential

Cookie Settings

In the USA, Canada, Asia, and other regions:

Consent is implied unless personalised tracking occurs (we DO NOT track).

6. Managing Cookies

Users can manage, block, or delete cookies via browser settings:

Chrome

Firefox

Safari

Edge

Opera

Mobile browsers

Blocking essential cookies may prevent the site from functioning.

7. Duration of Cookies

Session cookies: deleted after closing browser

Persistent cookies: limited to 1–12 months

Analytics cookies may store anonymous metrics for compliance purposes

No permanent cookies or tracking identifiers are used.

8. Third-Party Cookies

Police.Reviews does not use third-party advertising or profiling cookies.

If privacy-friendly analytics tools are used, they operate:

Without sharing personal data externally

Without cross-site tracking

With strong anonymity

No data ever goes to:

❌ Google Ads
❌ Facebook Pixel
❌ TikTok Pixel
❌ Ad networks

9. Security Measures

To protect user data (especially sensitive reports):

End-to-end encryption

No IP logging for anonymous mode

No device fingerprinting

Secure HTTPS/TLS

ISO 27001-aligned server infrastructure

Cookies are never used for identification of whistleblowers.

10. Changes to Cookie Policy

This Policy may be updated to comply with:

New laws

Platform changes

Security updates

Users will be notified of significant revisions.

Contact Information

For privacy inquiries, GDPR requests, or cookie concerns:

📧 dipu@countrypolicy.com
🌐 www.police.reviews

1. COOKIE CONSENT BANNER TEXT (EU & UK GDPR Compliant)

Cookie Banner (Short Version – for immediate display)

We use essential cookies to make Police.Reviews work. With your consent, we use optional cookies to improve functionality and security. You can Accept, Reject, or manage preferences.

Buttons:

Accept All Cookies

Reject Non-Essential

Manage Cookie Preferences

Cookie Preferences Panel (Detailed Legal Text)

Essential Cookies
Required for security, anonymous submissions, and website functionality. These cannot be disabled.

Functional Cookies
Used for language settings, accessibility, and usability improvements.

Analytics Cookies (Anonymous)
Help us understand usage patterns without storing personal data or tracking individuals. Fully GDPR-compliant and anonymised.

We do NOT use advertising cookies, tracking cookies, or social media pixels.

Buttons:

Save Preferences

Accept All

 2. FULL GDPR COMPLIANCE DOCUMENTATION (Platform Version)

GDPR Compliance Document

Police.Reviews

1. Data Controller

Police.Reviews
Contact: dipu@countrypolicy.com

2. Lawful Basis for Processing (GDPR Article 6)

Activity	Lawful Basis	Explanation
Anonymous submissions	Art. 6(1)(f) Legitimate Interest	Public-interest reporting of policing behaviour
Account creation	Art. 6(1)(a) Consent	User chooses to provide email
Evidence uploads	Art. 6(1)(e) Public Interest	Supports transparency and misconduct reporting
Security & anti-abuse	Art. 6(1)(f) Legitimate Interest	Required to protect users from harm
Analytics (anonymous)	Art. 6(1)(a) Consent	Optional, privacy-friendly analytics

3. Data Subject Rights (GDPR Articles 12–23)

Users have the right to:

Access personal data

Rectify incorrect data

Delete data

Withdraw consent

Restrict processing

Data portability

Object to processing

Submit complaints to supervisory authorities

Requests: dipu@countrypolicy.com

4. Data Protection Measures (GDPR Articles 24–32)

Police.Reviews implements:

End-to-end encrypted submissions

No IP logging of anonymous submissions

No device fingerprinting

Secure HTTPS/TLS

Role-based access control

ISO 27001-aligned hosting

Encrypted evidence storage

No sale or external sharing of personal data

5. DPIA Requirement (GDPR Art. 35)

A Data Protection Impact Assessment (DPIA) has been completed due to:

Public-interest reporting

Sensitive policing topics

Whistleblower protection

Conclusion: Low residual risk due to anonymity and technical safeguards.

6. Data Retention

Anonymous reports: indefinite unless removal requested

Accounts: kept until deletion

Evidence: retained only as required for public transparency or legal basis

7. DPO (If Required)

If Police.Reviews becomes large-scale, a Data Protection Officer will be appointed.

 3. WEBSITE LEGAL FOOTER TEMPLATES

Place these at the bottom of every page:

Legal Footer Version 1 (Compact)

© Police.Reviews • All Rights Reserved
Privacy Policy | Terms of Service | Cookie Policy | Whistleblower Protection | Legal Notice

Legal Footer Version 2 (Extended)

© Police.Reviews
Privacy Policy • Terms of Service • Cookie Policy • Legal Notice • GDPR Compliance • Law Enforcement Request Policy
For privacy inquiries: dipu@countrypolicy.com

Legal Footer Version 3 (Public Safety Focus)

© Police.Reviews — Platform for Police Transparency
GDPR Privacy • Terms • Cookies • Whistleblower Protection • Data Request Policy
Contact: dipu@countrypolicy.com

 4. INTERNATIONAL DATA TRANSFER AGREEMENT (IDTA/SCC)

(For transfers outside the EU/EEA — GDPR Articles 44–50)

International Data Transfer Agreement (IDTA/SCC Summary)

Police.Reviews

1. Purpose

To ensure all personal data transferred outside the EU/EEA complies with GDPR.

2. Transfer Mechanisms

Police.Reviews may transfer data using:

Standard Contractual Clauses (SCC) (EU-approved)

UK International Data Transfer Addendum (IDTA) where applicable

Adequacy Decisions (countries recognized as safe by EU)

Binding Corporate Rules (if used by third-party providers)

No data is transferred without a lawful basis.

3. Types of Data Transferred

Encrypted evidence files

Optional user emails (if account exists)

Non-identifiable analytics data

Anonymous submissions have no transferable personal data.

4. Safeguards

We ensure:

Encryption in transit and at rest

No third-party access

No data sale or commercial sharing

Contracts requiring GDPR-level protection

Immediate suspension of transfers if foreign authority access is suspected

5. Government Access Protections

Police.Reviews will:

Contest unlawful foreign data access

Notify users if allowed by law

Reject requests without valid court orders

Minimise data to only what is required

6. Data Subject Rights

Users retain full GDPR rights during international transfers.

7. Sub-Processors

If external service providers (e.g., servers) are used, they must:

Sign SCC or IDTA

Follow ISO/IEC 27001 security standards

Not access or process data unless authorised