Last Updated: 22 November 2025
1. Introduction
M2 Magazine (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share your personal information when you visit our website at https://m2magazine.co.uk/ (the “Site”).
We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data (Use and Access) Act 2025. Please read this policy carefully to understand our practices.
2. Information We Collect
We collect information that you provide directly to us and data about how you use our Site.
| Information Category | Specific Data Collected | How We Collect It |
|---|---|---|
| Personal Information | Name, email address | When you comment on articles, subscribe to our newsletter, or contact us via a form. |
| Technical Information | IP address, browser type, device information | Automatically via cookies and similar technologies when you browse the Site. |
| Usage Data | Pages visited, time spent on Site, referring website | Collected through analytics services like Google Analytics. |
3. How We Use Your Information (Our Legal Bases)
We use your information for several purposes based on different legal grounds under the UK GDPR, as amended by the DUAA:
-
To send newsletters: We use your email address to send you our newsletter if you have subscribed. Legal basis: Your consent.
-
To analyse and improve our Site: We use technical and usage data to understand how our content is performing and to improve user experience. Legal basis: Our legitimate interests in providing a high-quality blog.
-
For security and fraud prevention: We use data such as your IP address to ensure the security of our website and to detect fraudulent activities. Legal basis: Our legitimate interests.
-
To respond to your enquiries: If you contact us, we use your information to respond. Legal basis: Our legitimate interests in communicating with our readers.
The DUAA introduces a list of “Recognised Legitimate Interests” that gives us more confidence to use data for certain purposes like security without conducting a full balancing test.
4. How We Share Your Information
We may share your information with:
- Service Providers: We use third-party services to operate our blog, such as email marketing platforms and analytics providers (e.g., Google Analytics). These partners are obligated to handle your data securely.
- Legal Obligations: We may disclose information if required by law.
We do not sell your personal information.
5. Cookies and Tracking Technologies
Our Site uses cookies. The DUAA has introduced new exceptions to consent requirements for cookies used for specific, low-risk purposes.
- Consent-Required Cookies: We will ask for your consent for cookies used for detailed behavioural advertising and profiling.
- Non-Consent Cookies: We may use certain cookies without consent where they are necessary for:
- System security and fraud detection.
- Collecting information for statistical purposes to improve our service.
You can control cookies through your browser settings.
6. Your Data Protection Rights
Under UK law, you have the following rights:
- Right of Access: You can request a copy of the personal data we hold about you.
- Right to Deletion: You can ask us to delete your personal data.
- Right to Correct: You can request correction of inaccurate data.
- Right to Object: You can object to certain processing, such as direct marketing.
The DUAA has clarified the process for Data Subject Access Requests (DSARs). We now have up to two months to respond to complex requests and are only required to conduct a “reasonable and proportionate” search for your data.
7. New Right to Complain to Us
The DUAA grants you a new right: if you believe we are in breach of data protection law, you can file a complaint directly with us. We are required to provide a way for you to do this (e.g., an electronic form) and inform you of the outcome.
8. Automated Decision-Making
The DUAA creates a more permissive framework for automated decision-making (ADM). We currently do not use fully automated decision-making that produces legal or similarly significant effects for our readers. Should this change, we will update this policy and implement the required safeguards, such as providing you with a right to obtain human intervention.
9. International Data Transfers
The DUAA has simplified the rules for transferring personal data outside the UK. The standard for protection is now that the other jurisdiction’s laws are not “materially lower” than UK law. We ensure any international transfers of your data are conducted in a compliant manner.
10. Children’s Privacy
Our Site is not directed at children. However, the DUAA introduces new requirements for online services likely to be accessed by children. We are committed to protecting children’s data and will consider technical measures to support this principle.
11. Changes to This Privacy Policy
We may update this policy to reflect legal changes or changes to our practices. The “Last Updated” date at the top will be revised. We will notify you of any material changes.
12. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at: Email: [contact@m2magazine.co.uk]