We take your privacy seriously. This policy explains what data we collect, how we use it, and the choices you have.
The short version: We collect only what we need to run the service. We never sell your data. You own your community's data and can export or delete it at any time. We are GDPR compliant.
Guildbase ("we", "us", "our") operates guildbase.io and related services. This Privacy Policy describes how we collect, use, store, and share information when you use our platform.
We act as a data controller for the personal data of our account holders, and as a data processor for the personal data that community administrators collect from their applicants through our platform.
This policy applies to all users of Guildbase, including community administrators, staff members, and applicants who submit information through community-hosted forms.
We collect the following categories of data:
| Category | Examples | Purpose |
|---|---|---|
| Account data | Name, email, password hash | Account creation & authentication |
| Profile data | Community name, logo, settings | Personalisation & configuration |
| Usage data | Pages visited, features used, timestamps | Service improvement & analytics |
| Payment data | Billing address, last 4 digits of card (via Stripe) | Processing payments |
| Community data | Application forms, responses, member data | Core platform functionality |
| Technical data | IP address, browser type, device info | Security & service delivery |
We do not collect sensitive personal data (such as racial origin, health data, or financial information beyond billing) unless explicitly required for your use case and consented to by applicants.
We use the data we collect to:
We do not use your data to serve third-party advertising. We do not sell, rent, or share personal data with advertisers.
We share data with third parties only in the following circumstances:
We never share your community's application data with other communities or third parties without your explicit authorisation.
We retain your data for as long as your account is active. When you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it for longer (for example, financial records for 7 years).
Application data submitted by your community's applicants is retained according to your own configuration. You can delete individual applications or all data at any time from your dashboard.
We implement industry-standard security measures to protect your data, including:
Despite our best efforts, no method of electronic transmission or storage is 100% secure. If you discover a security vulnerability, please contact us at security@guildbase.io.
Under GDPR and applicable data protection laws, you have the right to:
To exercise any of these rights, contact us at privacy@guildbase.io. We will respond within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).
We use cookies and similar technologies to operate the Service. For full details on the cookies we use, please see our Cookies Policy.
Essential cookies are necessary for the Service to function and cannot be disabled. You can control non-essential cookies through the cookie preferences panel or your browser settings.
The Service is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you become aware that a child has provided us with personal data, please contact us so we can delete it.
Community administrators are responsible for ensuring their application forms comply with applicable laws regarding the collection of data from minors.
If you have any questions about this Privacy Policy or how we handle your data, please contact our Data Protection Officer:
This policy is governed by the laws of England and Wales. We are registered with the UK Information Commissioner's Office (ICO).