1. Introduction
This privacy policy explains how nhstakehome.co.uk ("the Site") collects and uses data when you visit the NHS Agenda for Change Salary Calculator for England, Wales, Scotland and Northern Ireland.
The Site is operated on a non-commercial basis to help NHS staff estimate their take-home pay. For questions about this policy, contact us at contact@nhstakehome.co.uk.
Effective date: 24 March 20262. What Data We Collect
Salary calculations
All salary calculations are performed entirely in your browser. No salary data, tax codes, weekly hours, or personal financial information is ever sent to our servers or any third party.
Analytics data
If you consent to cookies, we use Google Analytics 4 (GA4) to collect anonymous usage statistics. This helps us understand how visitors use the calculator so we can improve it. We collect:
- Pages visited and time spent on site
- Browser type and device category (desktop/mobile)
- General geographic region (country/city level, not precise location)
- Which calculator features are used - for example, which pay bands are most commonly checked, which country is selected, and which optional features (such as unsocial hours or student loans) are toggled on
URL state
When you share a calculator link, your selected options (pay band, country, hours, etc.) are encoded into the URL. This data stays in the URL itself and is not transmitted to our servers. Anyone with the link can see the encoded settings.
Mailing list
If you choose to subscribe to our mailing list, we collect your email address only. This is used solely to notify you when NHS pay scales, tax rates, or pension thresholds are updated (typically once per year in April). Your email is stored and processed by Mailchimp (Intuit Inc.).
- Subscription is entirely optional and requires your explicit action
- You can unsubscribe at any time via the link in every email
- We do not share your email with any other third party
- We do not send marketing or promotional emails unrelated to NHS pay updates
What we do NOT collect
Beyond the optional mailing list, we do not collect any personally identifiable information (PII), including:
- Your actual salary, tax code, or weekly hours
- Mileage, expense, or on-call hour amounts
- Your name or IP address (GA4 does not log IP addresses)
- Any free-text input values
3. Cookies
We only use cookies for Google Analytics. We do not use marketing, advertising, or social media cookies.
| Cookie | Purpose | Expiry |
|---|---|---|
_ga |
Distinguishes unique visitors | 2 years |
_ga_<ID> |
Maintains session state | 2 years |
These cookies are only set if you click "Accept" on our cookie consent banner. If you reject cookies, no analytics cookies are set and no usage data is collected.
We also store your cookie preference in your browser's local storage (key: nhs_cookie_consent) and your theme preference (key: nhs_theme). These are not cookies - they are small text values stored locally so we remember your choices.
4. Local Storage
In addition to cookies, we use your browser's local storage for the following:
| Key | Purpose |
|---|---|
nhs_cookie_consent |
Remembers your cookie consent choice (accepted/rejected) |
nhs_theme |
Remembers your light/dark mode preference |
Local storage data never leaves your device and is not accessible to us or any third party.
5. Legal Basis for Processing
Under the UK General Data Protection Regulation (UK GDPR), our legal basis for processing is your consent (Article 6(1)(a)):
- Analytics cookies - consent obtained via cookie banner before any cookies are set
- Mailing list - consent obtained when you voluntarily submit your email address to subscribe
Under the Privacy and Electronic Communications Regulations (PECR), we obtain your consent before setting any non-essential cookies.
You can withdraw analytics consent at any time by clicking "Manage Cookies" in the site footer. You can withdraw mailing list consent by clicking "Unsubscribe" in any email we send.
6. Data Processors
Google LLC - processes analytics data through Google Analytics 4.
- Google's privacy policy: policies.google.com/privacy
- Data retention period: 14 months
- We do not enable Google Signals, User-ID, or any feature that enables cross-device tracking or re-identification
Intuit Inc. (Mailchimp) - processes mailing list data if you choose to subscribe.
- Mailchimp's privacy policy: intuit.com/privacy/statement
- Data stored: email address only
- You can unsubscribe at any time via the link in every email, which deletes your data from the list
7. International Data Transfers
Analytics data and mailing list data may be transferred to and processed in the United States by Google and Intuit (Mailchimp) respectively. Both participate in the EU-US Data Privacy Framework, which has been recognised as providing adequate protection under UK data protection law.
8. Your Rights
Under UK GDPR, you have the right to:
- Withdraw consent - click "Manage Cookies" in the site footer for analytics, or "Unsubscribe" in any email for the mailing list
- Access your data - request details of any data we hold about you
- Erasure - request deletion of your data
- Lodge a complaint - with the Information Commissioner's Office (ICO)
Contact the ICO
- Website: ico.org.uk
- Helpline: 0303 123 1113
9. Children's Privacy
This site is not directed at children under 13. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this policy from time to time. The effective date at the top of this page will be updated accordingly.
11. Contact
If you have any questions about this privacy policy or your data, contact us at: