K
know a guy
Draft, pending UK solicitor sign-off

Privacy Policy

Last updated: [DD Month YYYY]

This is how Know A Guy handles personal data. We are the data controller for the data described below.

  • Controller: [Know A Guy Ltd], registered in England and Wales, company number [##########].
  • Registered office: [Registered address].
  • ICO registration: [ICO registration number].
  • Contact: [privacy@knowaguy.co]

1.What we collect

  • Account: email, password hash, display name, role, optional handle.
  • Profile: sectors, region, title, track record, logos, the things you choose to write about yourself.
  • Application: the membership-review answers you submit (full name, what you do, qualifications, who you can reach, payout note), kept private and used to vet your account.
  • Verification (when required for larger deals): a photo of your ID, a selfie, an address. Handled by our verification partner; we do not store the raw documents.
  • Need and deal content: what you post, your responses, your in-app messages.
  • Usage: log entries, IP address, device, pages viewed (only via cookies you've consented to).
  • Marketing preferences: what you've said yes or no to.

2.Lawful bases (UK GDPR)

  • Contract: running your account, the marketplace, your deals.
  • Legitimate interests: keeping the platform secure, preventing fraud and abuse, vetting members at a basic level, debugging.
  • Consent: non-essential cookies, marketing emails, marketing pixels. You can withdraw consent at any time.
  • Legal obligation: tax, accounting, responding to lawful requests.

3.Who we share it with

Members see only what we show on your public profile (first name + initial, role, region, sectors, vetted flag). Real names, contact details, and LinkedIn stay private until a deal is live and you've both accepted the Deal & Fee Agreement.

We use the following processors:

  • Supabase, database, authentication, file storage (EU region).
  • Resend, transactional and (if you opt in) marketing email.
  • Google Analytics 4, analytics, only loaded if you accept analytics cookies.
  • Meta Pixel / TikTok Pixel, measuring ads, only loaded if you accept marketing cookies.
  • [Identity verification partner], only when KYC is required for larger deals.

4.Retention

  • Account and profile: while your account exists, plus [12 months].
  • Deal records and messages: [7 years] for tax and dispute reasons.
  • Application answers: [3 years] after decision.
  • Verification result (verified yes/no): with your account; raw documents are not stored by us.
  • Marketing consent log: [6 years].

5.Your rights

Under UK GDPR you can ask us to give you a copy of your data; correct it; delete it; restrict or object to processing; or export it. The fastest way is Account & data in your account, where you can export everything and delete your account.

You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.

6.Security

We host on managed infrastructure with row-level security and access scoped to the signed-in user. Passwords are hashed. Service-role keys are kept off the client. We use HTTPS end-to-end. No platform is bulletproof; if something serious happens we'll tell you and the ICO as required.

7.International transfers

Our infrastructure runs in the UK / EU. Some processors (e.g. analytics) may transfer data to the US under appropriate safeguards (UK IDTA / SCCs).

8.Changes

We'll update this policy as the platform evolves. Material changes are notified by email and in-app.