Legal

Privacy Policy

Effective date: February 20, 2026

1. Data Controller

WhereToGoInUK acts as the data controller for personal data processed through this platform. For privacy requests, contact: hello@wheretogoinuk.com.

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Account details: name, email address, password hash, account preferences.
  • User-generated content: place submissions, ratings, comments, wishlist activity.
  • Technical and usage data: IP address, browser, device type, basic analytics and security logs.
  • Support and communication data you provide to us.

3. Lawful Bases (GDPR Article 6)

  • Contract: to provide account features and platform services.
  • Legitimate interests: platform safety, abuse prevention, service improvement, and performance monitoring.
  • Consent: where required, including cookie/reCAPTCHA-related processing.
  • Legal obligation: where processing is required by law.

4. How We Use Data

  • To create and manage user accounts.
  • To display and moderate place-related content.
  • To support community features like reviews and wishlists.
  • To detect fraud, abuse, and unauthorized activity.
  • To maintain, secure, and improve the service.

5. Data Sharing

We do not sell personal data. We may share data with service providers (hosting, infrastructure, analytics, email delivery, anti-bot/security providers) strictly as needed to operate the service under appropriate safeguards and contractual protections.

6. International Transfers

If personal data is transferred outside the UK/EEA, we apply safeguards such as standard contractual clauses or other lawful transfer mechanisms where required.

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy, legal obligations, dispute resolution, and enforcement. Retention periods vary by data category and legal requirement.

8. Your GDPR Rights

Subject to applicable law, you have rights to access, rectification, erasure, restriction, objection, portability, and to withdraw consent where applicable. You may also lodge a complaint with your supervisory authority.

9. Security

We use technical and organizational measures to protect personal data, including access controls, monitoring, and secure transport where possible. No system is completely risk-free.

10. Children’s Data

The service is not intended for children under 13. If we learn personal data has been collected from a child without proper authorization, we will take appropriate action.

11. Contact & Requests

For privacy requests or questions, contact hello@wheretogoinuk.com.

Please also review our Terms & Conditions.