Privacy policy

MyTop50 collects as little personal data as possible. No account system, no trackers beyond the bare minimum we need, and no selling or sharing of data with third parties we do not name on this page.

This policy explains what we do collect, why, and how long we keep it. Last updated 17 April 2026.

Template notice. This document is an initial template aligned with UK GDPR and the Privacy and Electronic Communications Regulations (PECR). Before the site goes fully live you should have a solicitor or qualified data protection adviser review and sign off the final wording for your specific operation.

Who we are

MyTop50 is operated by TonyGrant.AI, based in the United Kingdom. For any data protection matter, contact [email protected].

What we collect

When you visit the site

  • Server logs held by Cloudflare (our hosting provider) — your approximate location, the pages you requested, the time of the request, and your browser user-agent. Retained for a maximum of thirty days for troubleshooting and abuse prevention.
  • Aggregated traffic statistics so we can see which pages are popular. No personal identifiers, no cross-site tracking.

When you click an affiliate link

Clicking an Amazon link takes you to Amazon. At that point Amazon's privacy policy applies, not ours. MyTop50 does not record which affiliate link you clicked, and does not receive personal data about you from Amazon in return for a purchase — we only see aggregated commission totals.

When you email us

Your email address, name if you give one, and the content of your message. Retained until the matter is resolved plus six months for audit, then deleted.

What we do not collect

  • We do not run an advertising network on the site.
  • We do not set cross-site tracking cookies.
  • We do not fingerprint devices, sell data to data brokers, or participate in real-time bidding.
  • We do not have an account system, so we cannot collect passwords, addresses, or payment details — because there is nowhere to store them.

Cookies

The site uses a minimal set of strictly-necessary cookies set by Cloudflare for security and load balancing. These are exempt from the consent requirement under PECR and UK GDPR. We do not set any analytics, advertising, or tracking cookies.

If we later add an analytics tool, we will update this policy and add a consent banner at that point — not before.

Lawful basis

  • Server logs and aggregated traffic stats: legitimate interest (site security and performance).
  • Email correspondence: legitimate interest (responding to your enquiry) and, where you are a customer-equivalent, contractual necessity.
  • Affiliate click-through: no personal data processed by MyTop50 at this step.

Your rights under UK GDPR

You have the right to:

  • Ask for a copy of any personal data we hold about you.
  • Ask us to correct inaccurate data.
  • Ask us to delete your data ("right to be forgotten") where we have no continuing lawful basis.
  • Object to processing based on our legitimate interest.
  • Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, email [email protected]. We will reply within thirty days.

Third parties we use

  • Cloudflare — static hosting and DNS for the site. Based in the United States with UK data centres; transfers are covered by the UK-US Data Bridge.
  • Amazon — the destination of our affiliate links. Amazon's privacy policy governs any interaction you have with Amazon's site.
  • Our email provider — for inbound and outbound correspondence on mytop50.com addresses. Currently hosted on our own mail infrastructure.

Changes to this policy

If we materially change how we process personal data, we will update this page and note the date at the top. Minor wording updates will not be flagged.