We do NOT sell your data. Not now, not ever. Our business model is membership and events, not surveillance.
We do NOT use your photos or profile data to train public AI models. Your face stays yours.
We delete your data 90 days after you leave. We keep it briefly for safety/investigation purposes only, then it is gone forever.
Welcome to want ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a safe experience. This policy explains how we collect, use, and protect your data when you use our app and attend our events.
Contact Us: For any privacy questions or to exercise your rights, email us at team@want.london or privacy@want.london.
We collect only what is necessary to connect you with great matches and run safe events.
We use your data to:
We use Artificial Intelligence to help us understand your preferences and suggest better matches. We do NOT use your conversations or photos to train general-purpose AI models (like ChatGPT or Gemini) for the public. Your data is used only within our private ecosystem to improve your personal experience.
We use cookies and similar technologies on want.london and app.want.london to keep the site working, understand how people use it, and measure the effectiveness of our advertising. You can control non-essential cookies via the cookie banner shown when you first visit, or at any time by clearing your browser cookies to trigger the banner again.
These are required for the site to function and cannot be disabled. They include session cookies set by our authentication provider (Clerk) and cookies that remember your cookie preferences.
When you consent to analytics cookies, we use PostHog (EU-hosted) and Vercel Analytics to understand how visitors interact with the site (for example, which pages are visited and where people drop off). This data is aggregated and does not identify you personally. We rely on your consent (UK GDPR Article 6(1)(a)) for analytics cookies.
When you consent to marketing cookies, we use the Meta Pixel (operated by Meta Platforms Ireland Ltd) to measure the performance of our advertising campaigns on Facebook and Instagram. The Meta Pixel collects:
This data is sent to Meta, who processes it as an independent data controller under their own Data Policy. We rely on your consent (UK GDPR Article 6(1)(a)) for marketing cookies. Meta may retain this data in accordance with their own retention policies.
We use Google Tag Manager (GTM) to manage the loading of analytics and marketing scripts on our site. GTM itself does not collect personal data or set cookies. It is a tag management system that controls when other tools (such as the Meta Pixel) are loaded, based on your cookie consent preferences.
We obtain your consent for analytics and marketing cookies through the cookie banner displayed on your first visit. You can accept all, reject all, or choose specific categories. If you have already accepted cookies, your preference is saved for 12 months. You can change your mind at any time by clearing your browser cookies for want.london. The cookie banner will reappear and you can make a new choice.
We do not sell data. We only share data with trusted tech providers who help us run the service ("Data Processors"). We have strict contracts with them to ensure they protect your data.
| Category | Purpose | Service Provider(s) |
|---|---|---|
| Hosting & Database | Securely storing your data | Supabase (London/EU), Vercel |
| Identity & Auth | Logging you in & verifying you | Clerk (Auth), Sumsub (ID Verification) |
| Events & Ticketing | Processing event tickets | Ticket Tailor |
| Analytics | Improving app experience | PostHog (EU-Hosted), Vercel Analytics |
| Communications | Push alerts, emails, SMS | OneSignal |
| Payments | Processing transactions | Stripe |
| AI Providers | Generating profiles/matches | Azure OpenAI (Microsoft), Vercel AI SDK, Google Gemini |
| Advertising & Marketing | Measuring ad performance, conversion tracking | Meta Platforms Ireland Ltd (Meta Pixel) |
| Tag Management | Managing analytics & marketing script loading | Google Tag Manager (Google Ireland Ltd) |
When you purchase a ticket, you are entering data into Ticket Tailor, who acts as a "Data Processor" on our behalf. We remain the "Data Controller," meaning we are responsible for your data. Payment details are processed directly by Stripe and are not stored on our servers.
We keep your data as long as your account is open.
When you request deletion, we retain your data for 90 days before permanently deleting it. This is a safety measure to effectively investigate any reports of harassment or criminal activity that may arise after a user leaves.
Verification data (via Sumsub) may be kept for legal compliance periods as required by UK law.
You have the right to:
To exercise any of these rights, email privacy@want.london. We will respond within 30 days.
We store your core data in the UK/EU (Supabase London eu-west-2, PostHog EU). However, some of our service providers are based in the United States, including Clerk (authentication), Vercel (hosting), OneSignal (push notifications), OpenAI/Microsoft Azure (AI), Stripe (payments), and Meta (advertising). Where data is transferred outside the UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the UK ICO, or the service provider's participation in frameworks recognised as providing adequate protection.
We take security seriously and utilize a "defense in-depth" approach:
Usage data stored in Supabase's London region eu-west-2 to ensure data sovereignty.
All data encrypted in transit TLS and at rest AES-256.
Regular security reviews and automated vulnerability scanning.
If a high-risk data breach occurs, we pledge to notify affected users within 72 hours.
We may update this policy. If we make big changes, we will notify you in the app.