No selling
We do not sell personal data to anyone.
No trackers
No analytics cookies, ad pixels or fingerprinting.
Opt-in email
Newsletter reminders are double opt-in with one-click unsubscribe.
1. Who is the data controller
Cordage & Co Ltd (company number 17142359, registered in England and Wales) is the data controller for personal data collected on World Wide Pride Guide. You can reach us at hello@worldwideprideguide.com.
2. What we collect
Only what we need for each thing you do.
Browsing the site
We store a session identifier in a first-party cookie so the site works and to protect forms against cross-site request forgery. We do not store your IP address or set analytics cookies.
Our hosting provider may briefly read the country code that our content-delivery network attaches to your request so we can suggest Prides near you. That country code isn't stored against a profile.
Creating an account
We store your name, email address and a hashed password. If you sign in with Google, we also store the Google account identifier used to recognise you on future logins.
Submitting a Pride event
We keep the event details you enter along with your email address (if you're not signed in). If you say you're officially involved with the event, we also keep the role you told us and any link or note you provided so our editors can verify it.
Claiming a listing as an organiser
We store your email address and a one-time verification token so we can confirm you own the email address before giving you access to a listing.
Newsletter subscription
We store your email address, the date you confirmed it and, if applicable, the date you unsubscribed. Nothing else.
Contacting us
If you email us, we keep your message and email address so we can reply and follow up.
We don't ask for — and generally have no reason to know — any special-category data about you, such as your sexual orientation or gender identity. Please don't send it to us unless it's genuinely necessary for a listing you want to submit.
3. Why we use it (and our legal basis)
Under UK GDPR we need a lawful basis for every use of personal data. Ours are:
| What we use it for | Legal basis |
|---|---|
| Running your account and letting you sign in | Performance of a contract with you |
| Reviewing and publishing event submissions | Legitimate interests (running the guide accurately) |
| Sending you the double opt-in and reminder emails | Consent |
| Verifying that you own an event email address (organiser claim) | Legitimate interests |
| Protecting the site (rate limits, CSRF, spam prevention) | Legitimate interests |
| Replying to your emails | Legitimate interests |
You can withdraw consent to the newsletter at any time by clicking the unsubscribe link in any email, and you can object to processing based on our legitimate interests — see Your rights.
6. International transfers
Some of the providers listed above are based outside the UK, including in the United States. When personal data is transferred there, we rely on the UK Government's adequacy decisions, the UK addendum to the EU Standard Contractual Clauses or the UK – US Data Bridge, as appropriate.
7. How long we keep it
- Account data — for as long as your account is open. If you close it, we delete or anonymise your personal details within 30 days, unless we're required to keep them longer.
- Event submissions — the submitter's email address is kept while the event is on the site so we can contact you about it, and up to a year afterwards. The event details themselves may stay on the site indefinitely as part of the historical record.
- Organiser claim tokens — expire after 7 days if unused.
- Newsletter subscribers — kept until you unsubscribe, then removed within 30 days (we may keep a hashed record of your email address for a short period to honour your unsubscribe request).
- Emails to us — kept for up to 2 years, then deleted.
- Backups — personal data may persist in encrypted backups for a short window until they roll off.
8. Security
We use industry-standard measures to protect your data, including HTTPS across the site, hashed passwords, database access controls and rate limits on sensitive forms. No system is ever perfectly secure — if you believe your account or data has been compromised, please email us straight away.
9. Your rights
Under UK data-protection law you have the right to:
- Access — ask for a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your data, subject to some legal exceptions.
- Restriction — ask us to pause using your data while a query is resolved.
- Portability — get a machine-readable copy of the data you gave us.
- Objection — object to processing based on our legitimate interests.
- Withdraw consent — for anything we do on the basis of consent, at any time.
Email hello@worldwideprideguide.com to exercise any of these rights. We won't charge you and we'll respond within one month.
You also have the right to complain to the UK Information Commissioner's Office, though we'd always like the chance to put things right first.
10. Children
The site is a public directory of events; no account or personal information is needed to browse it. Accounts and newsletter subscriptions are intended for people aged 16 and over. If you are a parent or guardian and believe a child under 16 has provided us with personal data, please contact us and we will remove it.
11. Changes to this notice
We may update this notice from time to time. When we do, we'll update the “last updated” date at the top. If the changes are significant, we'll let you know — for example, in the newsletter or with a notice on the site.
12. Contact & complaints
Data-protection questions or requests can go to hello@worldwideprideguide.com. Post can be addressed to Cordage & Co Ltd (company number 17142359) in England and Wales — email us for the current registered address.
Also useful
Our terms of service
The rules that apply when you use the site.