Privacy Policy
1. Who we are
This site is operated by inihcrats.uk ("we", "us", "our"), a sole trader based in the United Kingdom. We publish short-form video content under the brand The POST Mortem Report on third-party platforms including YouTube, TikTok and Instagram, and operate this website as a public information page for that channel.
For the purposes of UK data protection law, we are the data controller for personal data processed in connection with this website. The full legal name of the controller is available on request to the contact address below.
Contact: postmortem2026@gmail.com
2. Scope of this policy
This policy explains how we handle personal data collected through thepostmortemreport.com. It does not cover personal data processed by the third-party platforms on which our content is published. Each platform operates under its own privacy policy, and you should refer to those policies for information about how they process your data:
- YouTube / Google — policies.google.com/privacy
- TikTok — tiktok.com/legal/privacy-policy
- Instagram / Meta — privacycenter.instagram.com/policy
3. What personal data we collect
This website is a static information site. It contains no user accounts, no forms, no comment system, no advertising and no analytics tracking. We do not set any cookies or use similar client-side storage technologies.
The only personal data processed in connection with the site is the following, handled by our hosting provider:
3.1 Server logs (via Cloudflare)
- IP address of the requesting device
- Date and time of the request
- Requested URL and HTTP response code
- User-agent string (browser and device type)
- Referring URL, where provided by your browser
Under UK GDPR, an IP address can constitute personal data. These logs are generated automatically by Cloudflare for the purposes of delivering the site, protecting it from abuse and detecting security threats.
4. Lawful basis for processing
We rely on the following lawful bases under Article 6 of the UK GDPR:
- Legitimate interests (Article 6(1)(f)) — for security logging and abuse prevention. Our legitimate interest is the safe and reliable operation of the site. We have considered the impact on visitors and concluded that the processing is limited, expected for any internet-facing service, and does not override your rights and freedoms.
- Legal obligation (Article 6(1)(c)) — where we are required to retain or disclose data to comply with applicable UK law.
5. Cookies and similar technologies
This site does not set any cookies, local storage values, fingerprinting scripts or other tracking technologies in your browser. No consent banner is shown because none is required under the Privacy and Electronic Communications Regulations 2003 (PECR).
If we add analytics or any other technology that requires consent in future, we will update this policy and present an appropriate consent mechanism before the technology is activated.
6. Who we share data with
We share personal data with the following processors and recipients:
- Cloudflare, Inc. — hosting, DNS and edge security for this website. Cloudflare processes server logs on our behalf under its data processing addendum. See cloudflare.com/privacypolicy.
- Email service providers — if you contact us by email, your message is processed by Google (Gmail) for the purpose of receiving and responding to your enquiry. See policies.google.com/privacy.
- Law enforcement and regulators — where required to comply with a lawful request.
7. International transfers
Cloudflare and Google operate global infrastructure, so personal data may be transferred to and processed in countries outside the UK, including the United States. Where this happens, the transfer is protected by an appropriate safeguard recognised under UK GDPR, such as the UK Extension to the EU–US Data Privacy Framework, the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses.
8. How long we keep your data
- Cloudflare server logs are retained according to Cloudflare's standard log retention policy (typically a small number of days for the data accessible to us).
- Email correspondence is retained for as long as needed to handle the matter you contacted us about, and then for up to 24 months for record-keeping, after which it is deleted.
9. Your rights
Under UK GDPR you have the following rights in relation to your personal data:
- The right to be informed about how your data is processed (covered by this policy)
- The right of access to your personal data
- The right to rectification of inaccurate data
- The right to erasure ("right to be forgotten")
- The right to restrict processing
- The right to data portability
- The right to object to processing carried out on the basis of legitimate interests
- Rights related to automated decision-making and profiling (we do not carry out any such processing)
To exercise any of these rights, email postmortem2026@gmail.com. We will respond within one calendar month.
10. Data deletion requests
To request deletion of any personal data we hold about you, send an email with the subject line Data deletion request to postmortem2026@gmail.com. Include enough information for us to identify the data concerned (for example, the email address you used to contact us, or the approximate date of any correspondence). We will confirm deletion within one calendar month.
This page section serves as our published data deletion instructions for the purposes of third-party platform developer review processes.
11. Complaints to the ICO
If you believe we have not handled your personal data lawfully, you have the right to complain to the Information Commissioner's Office:
Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Helpline: 0303 123 1113. Website: ico.org.uk.
We would prefer the chance to address your concerns first, so please consider contacting us before filing a complaint.
12. Children
This site is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to us, please contact us and we will delete it.
13. Third-party platform integrations
We may in future use the developer APIs of YouTube (Google API Services), TikTok and Meta to publish or analyse our own content. If we do, the only personal data those integrations process is data belonging to the operator of this site, not data belonging to visitors of this site. Where Google API Services are used, our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
14. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top of the page reflects the most recent revision. Material changes will be highlighted on this page for a reasonable period after they take effect.