Privacy Policy

Last updated: 19.11.2025

We take protecting your privacy seriously and aim to collect and process as little information about our users as possible, and only when necessary.  

Our company website (visual-meaning.com) does not collect, store, or share information about you, with one exception: it may temporarily record and use the Internet Protocol address of your computer to recognize and defend against denial-of-service and other technical attacks.

visual-meaning.com does not use cookies or other ways to track you. It doesn’t direct your computer to make requests to other websites or services for tracking purposes, either. The website itself does not share any information about you with advertisers, marketing companies, or anyone else except for Third Party Services required for website functionality, as outlined below. 

We only collect personal data for the purposes of accessing and interacting with our online maps, and this is data which you provide to us directly for this purpose. 

The type of personal data we collect
To access a map, we currently just collect and process email addresses and IP addresses. Your email address may be personal data, depending on the form of your email address and how easily you can be identified by it. 

If you choose to set up a user account, additional personal data you supply to us (such as your name and contact details) will also be collected. 

How we get the personal data and why we have it
As a map user, the only personal data we process is provided to us directly by you. We need this to give you access to our maps and record your comments, votes and other information you choose to leave. Your IP address is collected and correlated to Hyper-Text Transfer Protocol (HTTP) requests that are stored in our system in so far as it is required for network-level operations in the server. Logs are kept for no longer than 90 days. We do not collect persistent application data or data which is sold to other people or advertisers. 

We don’t receive any personal data indirectly for map users, and we don’t share your information with anyone else.

For the data contained and displayed in our maps, we may receive personal data from organisations we’re building the maps for and from other publicly available external sources. This could include names, contact details and positions and roles within organisations. This information is used to populate our maps and can only be accessed by those granted access to the map. It’s not used for any other purpose apart from populating the map. 

Access to our maps containing personal data is only ever shared with those who we have explicit approval to share it with. The organisation we’re building the map for will tell us who can have access and who can’t. We don’t share this information with anyone else. 

Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information is that we have a legitimate interest. The legitimate interest is to control access to the maps and to track and attribute interactions with the maps, for which we need to associate accounts with individual email addresses. We think this is appropriate and reasonable, but if you’d like to opt-out of this, please let us know on enquiries@visual-meaning.com.

For map content, the legitimate interest is to provide a service to the organisation that has provided the data and asked us to map it. 

How we store your personal data
Any personal data we hold is securely stored using Amazon Web Services (AWS) using strong encryption and unique encryption keys. The data is held by AWS in European data centres (currently in Dublin (EU-West-1) and London (EU-West-2)). Access to the data is limited to Visual Meaning personnel and contractors. 

User data will be stored until you request your user account to be deleted, which can be done by emailing enquiries@visual-meaning.com.

To access the maps, your identity is stored in an encrypted cookie hosted on your machine which can only be accessed by our key. This cookie is used to identify you as a valid user and has an automatic 2-week expiry. You can manually delete this from your machine before the expiry date if wanted. 

Third Party services
We only use third party services which record the minimum amount of information required to provide the service. Generally, this means an IP address (with no other identifiable information) is recorded. Our Network hosting providers may also have HTTP level records of some access to the service which includes IP address. 

Please refer to the third-party providers’ privacy policies for more information. Third Party providers are Heroku (https://devcenter.heroku.com/articles/security-privacy-compliance), AWS (https://aws.amazon.com/privacy/), Google (https://policies.google.com/privacy?hl=en-GB), Plausible (https://plausible.io/privacy) and in the instances of Single Sign On being used to access the site, also Microsoft (https://www.microsoft.com/en-gb/privacy/privacystatement). 

Visual-meaning.com uses Google’s reCAPTCHA to prevent data processing abuse attempts (e.g. phishing). This analyses various information of the respective visitor (e.g. IP address, mouse movements of the user, length of stay on the website). By using reCAPTCHA, data is transferred to Google, which is used to determine whether the visitor is a human being or a (spam) bot. Visual Meaning has a legitimate interest in protecting its web offers against abusive automated spying, against spam as well as protecting third parties against such attacks. Visual-meaning.com also uses YouTube to show external videos. Both reCAPTCHA and YouTube set cookies from Google. You can read which data is collected by Google and what this data is used for at https://policies.google.com/privacy. You can read the terms of use for Google services and products at https://policies.google.com/terms. 

Privacy policy changes
Visual Meaning may change its Privacy Policy from time to time. We encourage visitors to frequently check this page for any changes. You can tell when this policy was last updated by looking at the date at the top of the statement. Any change to our Privacy Policy will be effective immediately. 

Our contact details
Visual Meaning Limited
Oxford Centre for Innovation, 9 Alfred Street, Oxford, OX1 4EH
www.visual-meaning.com
enquiries@visual-meaning.com

Your data protection rights
Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask us to transfer the personal information that you gave us to another organisation, or directly to you in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at enquiries@visual-meaning.com if you wish to make a request.

How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at enquiries@visual-meaning.com.
You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk