Privacy

What we collect

When you report a pothole (required)

• The location of the pothole (latitude and longitude)
• The road name
• How bad it is (severity)
• A short description
• A photo, if you provide one

Optional

• Your name and email address — only if you want status updates. You can report entirely anonymously.

Photos

We strip EXIF metadata from every photo before it is stored. That means any embedded GPS coordinates, camera serial number, or timestamp from your phone is removed. Only the picture itself is kept.

IP addresses

Your IP address is never stored in its raw form. Before anything is written to disk, we hash it with SHA-256 and a server-side salt. The hash lets us spot the same person voting on the same pothole twice without letting us (or anyone else) work backwards to the original address.

Admin session cookies

When a moderator logs in, we set one session cookie. It is HttpOnly, Secure, SameSite=Strict, and expires after 24 hours. Public visitors get no cookies at all.

Legal bases (UK GDPR Article 6)

• Legitimate interest for the civic reporting work itself — pothole locations, photos, road details, severity. Reporting highway defects to a council is a recognised public-interest activity.
• Consent for email notifications. If you tick the box to receive updates, that's the basis; you can withdraw it at any time by emailing us.

Who we share data with

Herefordshire Council

Verified reports are exported as a CSV and sent to the council's highways department so they can schedule repairs. The export includes the location, road name, severity, description, and photo. It does not include your name or email address — those are only used by us to send you updates, and never leave our systems.

Cloudflare

Cloudflare provides our tunnel and CDN, which means traffic to this site passes through their network. They act as a data processor under UK GDPR, handling requests on our behalf. We use their EU data centres where possible. See Cloudflare's own privacy policy for details.

Nobody else

We do not sell data. We do not run adverts. We do not use Google Analytics, Facebook pixels, or any other third-party tracker. The site has no analytics at all.

How long we keep things

• Pothole reports: kept indefinitely. They're a record of civic interest and of the council's response, and highways matters can have a long statutory tail.
• Photos: same as the report they belong to.
• Your email address: deleted whenever you ask. It isn't used as a database key, so we can remove it cleanly without affecting the report.
• IP hashes: deleted automatically after 90 days.

Your rights under UK GDPR

You have the right to:

• Access — ask what data we hold about you
• Rectification — correct anything inaccurate
• Erasure — ask us to delete your personal data
• Restrict processing — tell us to pause using it
• Data portability — get a copy in a usable format
• Object — to processing based on legitimate interest

To exercise any of these, email [email protected]. We'll respond within one month, usually much sooner.

Cookies

If you're a public visitor, we set no cookies whatsoever. There's no tracking, no analytics, nothing to consent to.

The only cookie on the site is the admin login session cookie described above. It's strictly necessary for the login to work, so under the Privacy and Electronic Communications Regulations (PECR) we don't need a consent banner for it.

Data controller

The data controller for PatchHereford is Josh Lam, who operates the site in a personal capacity. You can contact him at [email protected].

Complaints

If you're not happy with how we've handled your data, please tell us first so we can put it right. You also have the right to complain to the UK's data protection regulator, the Information Commissioner's Office, at ico.org.uk.