Skip nav

Here are the most important things about privacy on

  • We only ask for and store your personal information if we need it (for example, your name and email address when you create an account) or if it helps make the site better or more interesting (for example, your website address, which is optional).

  • We will not disclose any of your personal information without your permission unless we are required by law to do so (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime).

    When creating a account, if you choose to receive emails from others we may share your name and email address with other organisations in the future. You can change this setting by logging in and visiting your account settings page.

  • If you link your account with Flickr, Instagram or Twitter accounts then we will only access public photos, tweets, etc.


There are three reasons we store cookies on your computer. (Learn more about cookies.)

  1. To make the site work well as you move around it. We store a “session ID” cookie that helps us know you're the same person when you go from one page of to another. If you're logged in then we can show you content personal to you, or your private pages, by checking this ID. Otherwise you'd have to log in before viewing every page.

  2. To prevent automated attacks on the site. We store a “CSRF token” cookie so that when you submit a form (like when you log in) we know you're doing so from a real HistoryTag page. Computers sending automated attacks wouldn't have this token.

  3. To measure usage of the website. We use Google Analytics to measure the numbers of people using and recording information about their computers and web browsers. This helps us know, in a very general sense, who our users are.

    We have set our Google Analytics account to never share your data – anonymously or otherwise – with Google products or third-parties. If you're concerned about the data Google Analytics collects, Google have a browser add-on that lets you opt-out.

Third party services

If you choose to connect your HistoryTag account with a third party service such as Flickr or Twitter then we use OAuth so that you can give us permission to access your photos or tweets.

We will never post photos or tweets to your Flickr, Instagram or Twitter accounts.

If you connect an account then we store a “token” and a “secret” (both random-looking short pieces of text) that lets us access your Flickr/Instagram/Twitter account in future without you having to re-approve this each time. We also store your usernames from the services, so that we can display these on

If you disconnect your Flickr, Instagram or Twitter account then we delete the token and secret and can no longer access your account on those services.

We only allow you to connect a public Twitter account, because we don't want to display private Tweets.

We may display photos from a private Instagram account, because Instagram doesn't offer us a way of determining the privacy level of a photo or account.

When connecting a Flickr account you have to grant us permission to access all of your photos, because there is no finer-grained permission available. However, we only fetch photos that are marked as public (not private, or “friends and family only”, for example).

If you see that we're displaying one of your public photos or tweets on that you don't want to see here, you are able to hide them, if you are logged in.

We store a variety of data about each public photo or tweet, such as name, description, and (if available) the geographical location of each one.


Please also see the even more dull Terms and Conditions.