Socialdance.net

PRIVACY POLICY

Last updated: May 8, 2026

This Privacy Policy explains how Social Dance Tech Ltd ("we", "us" or "our") collects, uses, stores and shares personal data through socialdance.net and related websites, organiser-branded pages, custom-domain community sites, checkout flows, digital content areas, organiser tools and related services powered by our platform (together, the "Platform").

This Privacy Policy should be read together with our Cookie Policy and any other privacy information we give you from time to time.

1. IMPORTANT INFORMATION AND WHO WE ARE

Social Dance Tech Ltd is a company incorporated in England and Wales with company number 16618392 and registered office at Belmont Suite Paragon Business Park, Chorley New Road, Horwich, Bolton, United Kingdom, BL6 6HG.

For the purposes of UK data protection law, Social Dance Tech Ltd acts as controller or processor depending on the context. Further detail is set out in section 3 below.

If you have any questions about this Privacy Policy or about how we handle your personal data, please contact us at:

Email: info@socialdance.net Post: Belmont Suite Paragon Business Park, Chorley New Road, Horwich, Bolton, United Kingdom, BL6 6HG.

2. SCOPE OF THIS PRIVACY POLICY

This Privacy Policy applies to personal data we collect when you:

  • visit or use the Platform;
  • create or use an account;
  • buy tickets, classes, subscriptions, merchandise, add-ons or digital content;
  • receive tickets or access rights in your wallet;
  • contact us;
  • sign up for updates or marketing;
  • apply to become an Organiser; or
  • use organizer tools, pages or services powered by the Platform.

This Platform is intended for users aged 18 or over. We do not knowingly collect personal data from children.

This Privacy Policy also applies to organizer-branded pages, event pages and related communications operated through the Platform

3. DIFFERENT DATA ROLES ON THE PLATFORM

Because the Platform supports both customers and Organisers, our role may differ depending on the context.

3.1 Where we act as controller

We act as controller for personal data we use for our own purposes, including where we:

  • create and manage user accounts;
  • operate, secure and improve the Platform;
  • manage onboarding, compliance, fraud prevention and support;
  • process organiser relationship data;
  • process transaction and payment-related data for our own purposes, including where we are the seller or merchant of record;
  • manage our own marketing and communications;
  • comply with legal and regulatory obligations; and
  • maintain business records and audit trails.

3.2 Where an Organiser acts as controller

Each Organiser is generally responsible as an independent controller for personal data used for its own events, services, customer relationship and marketing activities. This includes, for example:

  • event logistics, including RSVP lists and attendee check-ins;
  • registration data collected for event-specific questions, such as dietary requirements or similar requests; and
  • organiser communications, including confirmations, reminders, updates and marketing sent to the Organiser’s own marketing lists.

3.3 Where we may act on behalf of an Organiser

In some cases, we process personal data on behalf of an Organiser as its processor, where we process that data only on the Organiser’s instructions and for the purpose of providing the Platform. This may include, for example:

  • managing RSVP lists and attendee check-ins;
  • processing answers to event-specific registration questions;
  • sending transactional messages for an Organiser, such as confirmations, reminders or updates; and
  • sending marketing emails on behalf of an Organiser to that Organiser’s own marketing lists.

In those cases, the Organiser remains responsible as controller for that processing.

3.4 Merchant of record and transaction-specific responsibility

Depending on the transaction, either we or the relevant Organiser may be the seller or merchant of record. That position should be identified in the checkout flow or related transaction documents. Where we and an Organiser each use personal data for our own purposes in relation to the same transaction, each party may be acting as a separate controller for its own processing activities. ICO guidance distinguishes controllers, joint controllers and processors by who decides the purposes and means of processing.

4. THE PERSONAL DATA WE COLLECT

We may collect, use, store and share different categories of personal data about you.

4.1 Identity and account data

This may include:

  • name;
  • username or account identifier;
  • login credentials;
  • date of birth or age confirmation, where required;
  • profile details;
  • preferred language; and
  • account status information.

4.2 Contact data

This may include:

  • email address;
  • billing address;
  • postal address;
  • telephone number; and
  • other contact details you provide.

4.3 Transaction and payment data

This may include:

  • order details;
  • ticket purchases;
  • subscriptions;
  • classes;
  • merchandise purchases;
  • donations;
  • add-ons;
  • refunds;
  • payment status;
  • transaction history; and
  • limited payment-related information.

Card and payment details are typically processed by our payment providers, such as Stripe, and not stored in full by us.

4.4 Event, attendance and access data

This may include:

  • events or classes booked;
  • attendance records;
  • ticket or wallet status;
  • digital access rights;
  • viewing permissions for restricted recordings or content;
  • order fulfilment data; and
  • related customer support history.

4.5 Organiser and business data

If you are an Organiser or apply to become one, we may collect:

  • business name;
  • company details;
  • contact details;
  • billing details;
  • onboarding information;
  • verification information;
  • payout-related information;
  • tax or compliance information; and
  • details relating to your use of organiser tools and services.

4.6 Technical and usage data

This may include:

  • IP address;
  • browser type and version;
  • device type and identifiers;
  • operating system;
  • time zone;
  • log data;
  • page views;
  • clicks;
  • referral source;
  • cookie or similar technology data; and
  • information about how you use the Platform.

Our use of cookies and similar technologies is explained in our Cookie Policy. PECR applies to cookies and similar technologies, and where cookie data is personal data the UK GDPR also applies.

4.7 Marketing and communications data

This may include:

  • your marketing preferences;
  • communication preferences;
  • consent records;
  • unsubscribe records;
  • campaign interaction data; and
  • records of messages sent to or by you through the Platform.

4.8 Content and community data

This may include:

  • event listings;
  • blog posts;
  • comments;
  • reviews;
  • feedback;
  • support requests;
  • uploads;
  • media;
  • messages; and
  • other content you make available through the Platform.

4.9 Preference data

This may include your interests, saved preferences and, where relevant to classes or events, whether you prefer to dance as a lead or follow.

We do not intend to collect special category personal data through the Platform. Where a preference such as lead/follow is collected, it is collected as an event or participation preference, not as gender data.

5. HOW WE COLLECT YOUR PERSONAL DATA

We collect personal data in a number of ways.

5.1 Directly from you

You may provide personal data to us when you:

  • create an account;
  • buy a ticket, subscription or other product;
  • fill in forms;
  • join a waitlist;
  • contact support;
  • apply to become an Organiser;
  • upload content;
  • set preferences; or
  • communicate with us or through the Platform.

5.2 Automatically

As you use the Platform, we may collect technical and usage data automatically through cookies, logs and similar technologies.

5.3 From Organisers

We may receive personal data from Organisers where they use the Platform to manage customer relationships, event access, communications or support.

5.4 From payment and service providers

We may receive transaction confirmations, fraud indicators, verification information and limited payment-related data from payment providers and other service providers.

5.5 From public sources or verification sources

For Organiser onboarding, compliance, anti-fraud or business verification purposes, we may obtain information from public registers, sanctions or verification tools, and other lawful sources.

If we obtain personal data from sources other than the individual concerned, Article 14 UK GDPR requires privacy information to be given within a reasonable period and, at the latest, within one month unless an exemption applies.

6. HOW WE USE YOUR PERSONAL DATA

We must have a lawful basis to use your personal data. The lawful bases we rely on may include:

  • performance of a contract with you;
  • legitimate interests;
  • legal obligation; and
  • consent, where required.

ICO guidance states that privacy information should explain both the purposes of processing and the lawful basis relied upon.

6.1 Purposes and lawful bases

| Purpose | Categories of data | Lawful basis -|-|- To create and manage your account |Identity, contact, account data | Performance of a contract To process orders, deliver tickets, subscriptions, wallet access and digital content | Identity, contact, transaction, event and access data | Performance of a contract To process payments, refunds, fraud checks and transaction administration |Identity, contact, transaction, payment and technical data | Performance of a contract; legitimate interests; legal obligation To operate, secure, monitor and improve the Platform | Technical, usage, account, transaction and support data |Legitimate interests; legal obligation where applicable To provide customer support and respond to requests or complaints | Identity, contact, transaction, communications and support data | Performance of a contract; legitimate interests; legal obligation To onboard, verify and manage Organisers | Organiser and business data, identity, contact, transaction and compliance data | Performance of a contract; legitimate interests; legal obligation To enforce our terms, investigate misuse, prevent fraud and manage risk | Identity, contact, transaction, technical, usage and communications data | Legitimate interests; legal obligation To send service messages, updates and administrative notices | Identity, contact, account, transaction and communications data | Performance of a contract; legal obligation; legitimate interests To send marketing communications where permitted | Identity, contact, usage, profile, transaction and marketing data | Consent and/or legitimate interests, depending on the context and applicable Privacy and Electronic Communications (EC Directive) Regulations 2003. To comply with tax, accounting, regulatory and legal obligations | Identity, contact, transaction, business and compliance data | Legal obligation To establish, exercise or defend legal claims | Relevant categories depending on the issue | Legitimate interests; legal obligation

6.2 Legitimate interests

Where we rely on legitimate interests, these may include:

  • running and improving the Platform;
  • fraud prevention and platform security;
  • customer support;
  • risk management;
  • internal administration;
  • enforcing our terms;
  • maintaining records;
  • business development; and
  • promoting relevant events, services or offerings where lawful.

We do not use your personal data on this basis where our interests are overridden by your rights and freedoms.

7. MARKETING COMMIUNICATIONS

We and Organisers may send service or transactional communications where necessary to operate the Platform and fulfil orders.

We or an Organiser may also send marketing communications by email or other electronic means where permitted by applicable law.

Under ICO guidance on electronic mail marketing, unsolicited marketing emails or texts to individuals generally require consent unless the sender can satisfy all elements of the “soft opt-in”; the soft opt-in is limited to the same entity that collected the contact details in the course of a sale or negotiations for a sale.

Where relevant to the Platform:

  • if we are the relevant sender and the legal requirements are met, we may send you marketing about our platform services, events or related offerings;
  • if an Organiser is the relevant sender and the legal requirements are met, that Organiser may send you its own marketing;
  • each sender is responsible for its own compliance with marketing law for the messages it sends; and
  • you can opt out of marketing at any time using the unsubscribe link in the message, your account settings, or by contacting the relevant sender.

Opting out of marketing will not stop service or transactional communications.

8. COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies on the Platform. Please see our Cookie Policy for full details.

Where required by law, we will seek your consent before using non-essential cookies or similar technologies.

9. DISCLOSURE OF YOUR PERSONAL DATA

We may share your personal data where necessary with the following categories of recipients.

9.1 Organisers

We may share data with the relevant Organiser where necessary for event delivery, access management, customer service, refunds, communications, compliance or related administration.

9.2 Service providers

We may share data with trusted service providers acting on our behalf, including providers of:

  • payment processing;
  • hosting and infrastructure;
  • cloud storage;
  • communications;
  • analytics;
  • customer support tools;
  • fraud prevention;
  • verification; and
  • technical services.

Based on the information provided, these may include providers such as Stripe, Amazon Web Services and Google Analytics, subject to the Platform’s actual live configuration.

9.3 Professional advisers and authorities

We may share data with lawyers, accountants, auditors, insurers, regulators, law enforcement bodies, courts and public authorities where required or appropriate.

9.4 Business transfers

If we sell, merge or reorganise our business or assets, personal data may be disclosed to the relevant third party, subject to appropriate confidentiality and legal protections.

9.5 Other parties at your direction

We may share data with other parties where you ask us to do so or where this is inherent in a service you choose to use.

Where we use processors, the UK GDPR requires appropriate contractual protections. ICO guidance also distinguishes the responsibilities of controllers and processors depending on who determines the purposes and means of processing.

10. INTERNATIONAL TRANSFERS

Some of our service providers may process personal data outside the UK.

For example, where we use payment providers such as Stripe, personal data may be processed or transferred outside the UK, including to the EEA and the United States. Organisers may also access the Platform and personal data relating to their events while they are outside the UK. In addition, if users post comments or other content in public areas of organiser websites or community pages, that content may be viewable by people in other countries.

Where we transfer personal data outside the UK, we will do so only where there is a lawful transfer mechanism in place, such as:

  • adequacy regulations;
  • the UK International Data Transfer Agreement;
  • the UK Addendum to the EU Standard Contractual Clauses; or
  • another lawful safeguard or derogation.

ICO guidance states that restricted transfers outside the UK require an appropriate transfer mechanism unless an exception applies.

You can contact us for further information about the safeguards we rely on for relevant transfers.

11. DATA SECURITY

We have implemented appropriate technical and organisational security measures designed to protect personal data from accidental loss, unauthorised access, misuse, alteration or disclosure.

We also limit access to personal data to people and providers who have a genuine business need to know it and who are subject to confidentiality and security obligations.

12. DATA RETENTION

We keep personal data only for as long as reasonably necessary for the purposes for which it was collected, including to meet legal, accounting, tax, regulatory and dispute-resolution requirements.

Typical retention periods may include:

  • account data: while your account remains active and for up to 24 months after closure;
  • transaction, payment, tax and accounting records: usually 6 years after the end of the relevant financial year or transaction relationship;
  • organiser onboarding and compliance records: usually 6 years where needed for legal, accounting, fraud or dispute reasons;
  • support correspondence and complaints: usually 24 months after closure, unless needed for a dispute;
  • marketing preference and suppression records: for as long as necessary to honour your preferences and demonstrate compliance;
  • technical and analytics data: in line with our Cookie Policy and only for as long as needed for security, troubleshooting and analytics; and
  • user-generated content: for as long as it remains live, and for a limited period afterwards where needed for moderation, dispute handling or backup deletion.

We may retain personal data for longer where necessary to establish, exercise or defend legal claims, investigate fraud or comply with law.

13. YOUR LEGAL RIGHTS

Subject to applicable law, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate or incomplete personal data;
  • request erasure of your personal data;
  • request restriction of processing;
  • object to processing based on legitimate interests;
  • object to direct marketing at any time;
  • request portability of certain personal data;
  • withdraw consent where we rely on consent; and
  • complain to the ICO.

The ICO explains that privacy notices should tell individuals what rights they have and how to exercise them.

If you want to exercise any of these rights, please contact us using the details in section 16 below.

If the relevant processing is carried out by us on behalf of an Organiser, we may need to refer your request to that Organiser, although we will assist where appropriate.

We may need to verify your identity before acting on a request.

14. AUTOMATED DECISION MAKING

We may use automated tools to support fraud prevention, security, account protection, operational monitoring, content moderation and marketing relevance.

However, we do not currently intend to make decisions based solely on automated processing that produce legal effects or similarly significant effects on you without appropriate safeguards and legal basis.

15. THIRD PARTY LINKS AND SERVICES

The Platform may contain links to third-party websites, content or services.

If you follow a third-party link or use a third-party feature, that third party may collect information from you in accordance with its own privacy practices. We are not responsible for third-party privacy policies or content.

16. CONTACT DETAILS

If you have any questions about this Privacy Policy, want to exercise your rights, or want to make a privacy-related complaint, please contact us:

Social Dance Tech Ltd Email: info@socialdance.net Post: Belmont Suite Paragon Business Park, Chorley New Road, Horwich, Bolton, United Kingdom, BL6 6HG.

17. COMPLAINTS

You have the right to complain to the Information Commissioner’s Office if you think that we have mishandled your personal data.

We would, however, appreciate the opportunity to deal with your concerns first.

18. CHANGES TO THE PRIVACY POLICY

We may update this Privacy Policy from time to time.

When we do so, we will post the updated version on the Platform and update the “Last updated” date at the top of this policy.