Privacy Policy

‍Effective Date: 1st September 2025

At want, your privacy matters to us. This Privacy Policy explains how we collect, use, and protect your personal information.

Who We Are

want ("we", "our", "us") is a connection platform designed to help people build meaningful relationships, romantic, platonic, or social, through thoughtful matching, smart tech, and curated in-person events.

Your privacy is at the heart of what we do, and we’re committed to keeping your information safe and using it to make your experience better. If anything’s unclear, just drop us a line.

Website: https://want.london
Registered Office: 41b Brick Lane, London, E1 6PU
Contact: For data-related questions, email privacy@want.london or team@want.london

What We Collect and Why

We collect information to help you connect with the right people and keep want safe and fun. Here’s what we gather, why, and how we justify it under UK GDPR.

Examples

Why We Collect It

Legal Basis

Account Information

Name, email, phone number, date of birth

To create and manage your account

Contract (to deliver our services)

Sensitive Data

Gender identity, preferences, openness to meeting certain genders, onboarding insights (e.g., values, goals)

To personalise matches and curated events

Explicit consent (GDPR Art. 9(2)(a) - your clear agreement to process sensitive data)

Profile Data

AI-generated personality profile, editable answers, photos, height, interests

To enable matching and introductions

Consent (your agreement to share)

Chat Data

Messages, voice notes, shared media

To facilitate conversations and ensure safety

Legitimate interest (to maintain a safe platform)

Payment Data

Payment information processed via Stripe

To manage subscriptions and event tickets

Contract (to process payments)

Verification Data

ID verification via Sumsub

To confirm you're real and enhance safety

Legitimate interest (to protect our community)

Analytics and Cookies

Device information, usage patterns, Meta Pixel, Google Tag

To improve experience, marketing, and app performance

Consent (via cookie settings)

Note: "GDPR Art. 9(2)(a)" means we only process sensitive data (e.g., gender identity) with your explicit permission. See UK GDPR for details.

Automated Decision-Making and Profiling

We use smart technology to make want work better for you, helping you find connections that click. This involves profiling and some automated decision-making under GDPR Art. 22.

Our tech:

Builds your profile: Creates a profile based on your onboarding answers, reflecting your values and preferences.
Suggests matches: Suggests compatible connections by analysing your preferences and profile data.
Curates events: Invites you to in-person events with members who share similar goals and interests.
Keeps things safe: Flags profiles or chats that might not follow our House Rules, like spotting harassment or fake profiles.

These AI processes help you find meaningful connections but do not make legally binding decisions (e.g., account suspensions). You can:

Request an explanation of how our AI works by emailing privacy@want.london.
Challenge or request human review of significant decisions (e.g., match suggestions) within 30 days.
Opt out by deleting your account.

We audit our AI annually to minimise bias, ensuring fair and inclusive matching across all identities. For more details, see our FAQ.

Chat Moderation & Safety

We’ve got your back when it comes to safety, but we respect your privacy:

We don’t read or monitor every chat.
Our team might check messages if we spot potential issues, like harassment or unsolicited content.
This could lead to warnings, restricted features, or account suspensions if needed.

Third-Party Data Sharing

We share data with trusted processors to deliver our services. We never sell your data.

Third Party

Purpose

Data Shared

Policy Link

Stripe

Subscription payments & ticketing

Email & Payment details

stripe.com/gb/privacy

Sumsub

ID verification

Name, date of birth, ID images

sumsub.com/privacy-notice

Supabase

Secure data storage

Account & profile data

supabase.com/privacy

Meta Pixel

Analytics & adverts

Device & interaction data

meta.com/privacy

Google Tag Manager

Analytics & optimisation

Device & usage data

policies.google.com/privacy

Events & Ticketing

If you attend want-curated events:

Tickets: Non-refundable unless you cancel at least 7 days before and we find someone with similar preferences/values to take your spot.
Safety: We may have verified hosts to help keep things safe, but we can’t control what happens or how others act.
Liability: want is not responsible for personal injury, loss, or actions at third-party venues.

Your Rights

Under UK GDPR, you’re in control. You can:

Access your data
Request corrections or deletions
Restrict processing
Object to profiling
Request data portability
Withdraw consent at any time

Email privacy@want.london or team@want.london to exercise these rights. We'll respond within 30 days. You won't be penalised for using your rights.

Data Retention

Profile Data: Kept until you delete your account.
Chat Data: Deleted 90 days after account deletion.
ID Verification: Deleted 30 days post-verification.
Event Data: Kept for 6 months post-event.

Data Security

Stored in Supabase's London region (eu-west-2).
Encrypted in transit and at rest.
Regular security reviews to maintain standards.Regular security reviews to maintain standards.
If a high-risk data breach occurs, we'll notify affected users within 72 hours.

Contact Us

For concerns, email privacy@want.london or team@want.london. If unresolved, you can complain to the ICO: ico.org.uk.

Changelog

1 September 2025: Added explicit consent for sensitive data, AI profiling with bias audits, chat moderation, third-party sharing table, breach notification, dual contact emails.