Privacy Policy

Last updated: January 2026

Community Stack ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share personal information when you visit our website, register with our platforms, sign up via Meetup, attend our events, complete registration forms, or engage with our ecosystems.

We process personal data in accordance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Community Stack operates and supports a portfolio of communities, ecosystems, and shared platforms, including (where applicable) Community Engine and Community Switchboard.

Contact details

Privacy: privacy@communitystack.io

Press: press@communitystack.io

Partnerships: partnerships@communitystack.io

2. What information we collect

We may collect and process the following categories of personal information.

a) Information you provide

This includes information you submit through our website, application forms, sign-up pages, community platforms, and event registrations, such as:

  • Name
  • Email address
  • Organisation/company name
  • Role/title
  • Speaker proposals, biographies, and session submissions
  • Sponsorship or partnership enquiries
  • Event registrations and attendance details
  • Community/organisation listing details (for directories)
  • Information you submit in forms, surveys, feedback requests, or contact enquiries

b) Information collected automatically

When you use our website or services, we may collect technical and usage information including:

  • IP address
  • Browser type and device information
  • Pages visited and time spent
  • Referrer/traffic source
  • Cookie and analytics identifiers (where enabled)

c) Information collected via third-party platforms (including Meetup)

Where you interact with Community Stack via platforms such as Meetup, ticketing systems, or event tools, we may receive information from those platforms (depending on their settings and your choices), such as:

  • Your name and profile identifier
  • RSVP / attendance status
  • Event sign-up details
  • Responses to event registration questions

d) Sensitive information

We do not intentionally collect sensitive personal data (for example, health information). If you voluntarily provide sensitive information, we will handle it with appropriate care and minimise retention.

3. How we use your information

We use personal information to:

  • Provide and improve our website, services, and ecosystem platforms
  • Process event registrations and manage attendance
  • Respond to enquiries, partnership requests, and community submissions
  • Maintain community, speaker, venue, or partner directories (where applicable)
  • Communicate ecosystem updates, event invitations, operational notices, and service messages
  • Produce responsible, non-extractive insight reporting (aggregated where possible)
  • Maintain platform safety, prevent abuse, and protect our communities
  • Administer sponsorship agreements, including sponsor fulfilment where relevant

Where we rely on marketing communications, we will provide you with appropriate choices and opt-out mechanisms.

4. Our legal basis for processing (UK GDPR)

We process personal data under one or more of the following legal bases:

  • Consent (e.g., where you opt in to receive communications)
  • Contractual necessity (e.g., to provide event access, deliver services, or respond to requests)
  • Legitimate interests (e.g., operating communities responsibly, improving our services, administering events and partnerships)
  • Legal obligation (e.g., regulatory or compliance requirements)

5. How we share information

We may share personal information with the following categories of recipients, where necessary and appropriate:

a) Our service providers ("processors")

We may share personal data with trusted third-party tools we use to operate our website and ecosystems, such as:

  • Website hosting and infrastructure providers
  • Analytics providers
  • Email and communications platforms
  • CRM and partnership management tools
  • Event registration and ticketing systems
  • Survey and form providers

These providers only process data on our instructions and are required to protect it.

b) Event sponsors and partners (including ecosystem sponsors)

Where an event, ecosystem programme, or conference is supported by a sponsor or delivery partner, we may share limited attendee or registration information with them where required for sponsor fulfilment or event delivery.

This may include:

  • Your name
  • Your email address
  • Your organisation/company (if provided)
  • Your job title/role (if provided)
  • Your attendance status (e.g., RSVP/attended)

We will only share what is necessary and proportionate, and we expect sponsors and partners to handle personal data responsibly.

In some cases, sponsors may receive attendee information:

  • to follow up with individuals who attended an event
  • to measure engagement and report on sponsorship outcomes
  • to support session logistics or access management

c) Aggregated or anonymised reporting

We may provide sponsors, partners, or stakeholders with aggregated insights (for example, attendee numbers, community growth, or content engagement). This is designed to be non-extractive and to protect individual privacy.

d) Legal and regulatory disclosures

We may disclose personal information where required by law, regulation, or legal process, including to regulators or law enforcement authorities.

We do not sell personal data.

6. Data retention

We retain personal data only as long as necessary to:

  • Deliver services and manage events
  • Maintain records of engagement and participation
  • Meet legal, operational, and reporting requirements

Retention periods may vary depending on the type of data and our obligations.

7. International data transfers

Where personal data is processed outside the UK, we ensure appropriate safeguards are in place, such as:

  • UK adequacy regulations where applicable, or
  • standard contractual clauses (or equivalent safeguards) where required

8. Your rights

Under UK GDPR, you may have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Restrict processing
  • Object to processing
  • Withdraw consent (where applicable)
  • Request data portability

To exercise your rights, contact: privacy@communitystack.io

9. Security

We implement appropriate technical and organisational measures designed to protect personal data. However, no system can be guaranteed 100% secure, and you acknowledge that data transmission over the internet carries inherent risks.

10. Third-party links and platforms

Our website may link to third-party platforms (including community platforms, ticketing tools, and event services). Their privacy practices are not controlled by us, and you should review their policies separately.

11. Changes to this policy

We may update this Privacy Policy periodically. We recommend checking this page for changes. Where changes are material, we may provide additional notice.

Questions about privacy?

Contact us at privacy@communitystack.io

← Back to Home