PECR · UK GDPR
Cookies
River Truth sets no cookies, embeds no analytics scripts, and runs no per-visitor or third-party tracking. Our own server keeps minimal access logs in which your IP address is never recorded (it is replaced with a fixed placeholder before the entry is written — see below). This page exists so you can verify that.
Last updated: 2026-05-19
What we don't set
- No first-party cookies (functional, preference, or otherwise)
- No analytics cookies (no Google Analytics, Plausible, PostHog, etc.)
- No advertising or ad-targeting cookies
- No session-replay or heatmap cookies
- No
localStorageorsessionStoragewrites
Because no non-essential cookies are set, no consent banner is required under PECR. You should be able to use River Truth without any consent prompt.
What your browser does contact
When you load a page, your browser fetches resources from these third-party services. Like any HTTP request, those services see your IP address — but River Truth does not pass any other information about you, and these services do not set tracking cookies via us.
- OpenFreeMap (
tiles.openfreemap.org) — map tiles, when you view a page with a map. - Wikimedia Commons (
upload.wikimedia.org) — river and canal hero photographs. - Google Fonts (
fonts.gstatic.com) — the typefaces used in our typography. Loaded via Next.js font optimisation; we don't set or read fonts-related cookies. - Cloudflare Turnstile (
challenges.cloudflare.com) — only on the citizen report form. Cookieless bot challenge; Cloudflare have stated Turnstile does not set tracking cookies and does not use fingerprinting against the wider web.
Server-side, our backend talks to the Environment Agency, postcodes.io, the UK Parliament Members API, and similar public data providers when rendering pages. Those server-side calls do not forward your IP.
Server access logs
Like any web server, our reverse proxy records that a request was made. We have configured it so that your IP address is replaced with a fixed placeholder (the same value for every visitor) and any forwarding/identifying headers are removed before the log line is written, so your real address is never stored. Each entry holds only the time, the page path, the HTTP status and the browser user-agent string. There is no cookie and nothing that singles you out, so these logs cannot count or follow individual visitors — they are used only for aggregate figures (which pages are viewed, error rates). Logs rotate and are deleted after about 30 days.
How to verify this yourself
Open your browser DevTools, switch to the Application or Storage tab, and inspect the Cookies entry for rivertruth.co.uk. You should see no entries. The Network tab will show requests to the third-party hosts listed above and nothing else cross-domain.
If we ever change this
If River Truth ever needs a cookie (for example, to remember a logged-in admin session) we'll update this page, declare the cookie's name, purpose, and expiry, and — if it's non-essential — request your consent before setting it.
See also the full privacy notice.