Skip to content
Firework Pet Alert

Protecting pets through advance notice.

Privacy Policy

Last updated: 25 June 2025

1. Who We Are

Firework Pet Alert (“we”, “us”, “our”) is a free, community-driven alert system that connects people who are planning firework displays with nearby pet owners and residents who would benefit from advance notice.

This website is operated from the United Kingdom. For any data-protection queries, contact us at [email protected].

2. What We Collect

We collect only the minimum data necessary to run the service:

Data Purpose Lawful Basis
Email address Account creation, alert delivery, password resets Contract / Consent
Display name Community identification (optional) Consent
Postcode (first part only) Approximate location for alert matching Legitimate interest
Pet profiles Personalised guidance & community features Consent
Alert preferences Notification timing & channel selection Contract
Uploaded images Pet profile photos & community stories Consent

We do not collect payment information, government IDs, health data, or precise GPS coordinates.

3. How We Use Your Data

  • Sending advance alerts to subscribers within the estimated sound radius.
  • Delivering account-related emails (verification, password reset, newsletter).
  • Displaying community content you have chosen to share (e.g. pet stories).
  • Improving the service through aggregated, anonymised usage analytics.

We never sell, rent, or trade your personal data to third parties.

4. Postcode & Approximate Radius

Your exact postcode is never shared — only an approximate sound radius is shown.

When a firework display is registered, we convert the postcode to an approximate centre-point and calculate a sound radius (typically 1–3 km). Subscribers whose postcode district falls within this radius receive an alert. At no point is a full postcode displayed on a map or shared with other users.

Display locations are shown as shaded circles on a map — there is no way for other users to pinpoint the exact address.

5. Encryption & Storage

Sensitive personal data (including pet profiles) is encrypted at rest using AES-256-GCM with per-record initialisation vectors. Encryption keys are stored separately from the data they protect.

Passwords are hashed using WordPress’s built-in wp_hash_password() (bcrypt-based) and are never stored in plaintext.

All connections to this site are encrypted in transit via HTTPS / TLS 1.2+.

6. Cookies & Local Storage

We use only strictly necessary cookies and local-storage items:

Name / Key Purpose Duration
wordpress_logged_in_* WordPress authentication session Session / 14 days
wp_lang Language preference Session
Service Worker cache Offline asset caching for faster page loads Until manually cleared
Push subscription (IndexedDB) Web-push notification endpoint Until unsubscribed

We do not use analytics cookies or cross-site tracking pixels.

7. Third-Party Services

The site uses the following external services, each subject to their own privacy policies:

  • OpenStreetMap / Nominatim — Geocoding postcodes to approximate coordinates. No personal data is sent; only the postcode string.
  • Leaflet.js — Map rendering library loaded from unpkg CDN (no data transmitted).

We do not embed social-media tracking widgets or analytics SDKs.

8. Your Rights (GDPR)

Under the UK General Data Protection Regulation, you have the right to:

Access

Request a copy of all personal data we hold about you.

Rectification

Correct inaccurate or incomplete data via your dashboard or by contacting us.

Erasure

Request deletion of your account and all associated data (“Right to be Forgotten”).

Restriction

Ask us to limit processing of your data in certain circumstances.

Portability

Receive your data in a structured, machine-readable format.

Object

Object to processing based on legitimate interest at any time.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

9. Data Retention

Data Type Retention Period
Account data Until you delete your account
Display submissions 12 months after the display date, then anonymised
Email verification tokens 24 hours (auto-expired)
Password-reset links 24 hours (auto-expired)
Server access logs 30 days (managed by hosting provider)

10. Children’s Privacy

This service is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be highlighted on this page with an updated “Last updated” date. Continued use of the service after changes constitutes acceptance of the revised policy.

12. Contact Us

For any privacy-related questions, data requests, or concerns:

[email protected]

fireworkpetalert.com