The Social Seen

Privacy Policy

Last updated: 30 April 2026

Who we are

The Social Seen is a curated social events platform for London professionals, operated as a sole-trader business in the United Kingdom. The operator’s legal name and contact address are available on request from info@the-social-seen.com. The operator is the data controller for the personal data described below.

Contact us at info@the-social-seen.com with any privacy questions.

What we collect

  • Account data: email, full name, phone number, password hash (via Supabase Auth).
  • Profile details:job title, company, industry, bio, LinkedIn URL, interests, profile photo — all optional and self-provided.
  • Booking history: which events you booked, waitlisted, cancelled, attended, or were marked no-show for.
  • Reviews: ratings and text reviews you leave for events.
  • Payment records: the fact that you paid, when, how much, and whether refunded. We do not store card numbers — Stripe handles all card data. We keep a Stripe Customer id so you can reuse saved cards.
  • Communication log: a record that we sent you an email (to support retries + GDPR compliance). The content is anonymised when you delete your account.
  • Analytics:if you consent to cookies, we track page views and key events via PostHog (EU hosting). No cookies means no analytics — the site still works fully.

Why we collect it

  • Contract: bookings, payments, reviews, and event attendance are necessary to run the service.
  • Legitimate interests: sending event reminders and venue-reveal emails, moderating members to keep the community good, improving the product through aggregated analytics (with your consent).
  • Consent: marketing email (optional at sign-up, revocable any time) and analytics cookies.
  • Legal obligation: accounting records retained as required by UK law (typically 6 years after the tax year for payment records).

Who we share with

  • Supabase (database + auth, EU hosting).
  • Vercel (website hosting, global edge).
  • Stripe (payments, Ireland + US, standard contractual clauses).
  • Resend (transactional email, US, SCCs).
  • PostHog (analytics, EU hosting, consent- gated).
  • Sentry (error reporting, EU/US).

We do not sell your data to anyone, ever. We do not share it with marketing or advertising networks.

How long we keep it

  • Active accounts: as long as you remain a member.
  • Deleted accounts:profile is anonymised immediately, hard-deleted 30 days later. If you ever booked a paid event, your Stripe Customer record is deleted at the same time — Stripe keeps Charge records separately for UK tax compliance. Bookings that affect aggregate reporting (attendance counts) keep the booking row but lose all identifying fields.
  • Payment records: retained for 6 years from the end of the relevant tax year.

Your rights

Under UK GDPR you have the right to:

  • Access the data we hold about you — use Your data & privacy on your profile to download it instantly.
  • Correct inaccurate data — edit your profile at any time.
  • Erase your data — same profile page, Delete my account.
  • Restrict or object to processing — email us.
  • Data portability — the download is in JSON.
  • Withdraw consent — uncheck marketing consent in your profile, or decline analytics cookies.
  • Complain to the ICO if you think we’ve mishandled your data.

Cookies

We use a session cookie (strictly necessary) to keep you logged in. If you consent, we also set a PostHog analytics cookie. You can decline or change your choice any time via the cookie banner or your browser settings.

Changes to this policy

If we change how we handle your data we’ll update this page and, for material changes, email the account address. The “Last updated” date at the top is the authoritative version marker.