Privacy Policy
Last updated: 1 July 2026
This policy explains how GuildUp (the "Website", "we", "us") collects, uses, and protects your personal data, and your rights under UK data protection law (including the UK GDPR). Those who operate the Website are the data controller for the information described here.
1. What we collect
- Account data: your username, email address, and a securely hashed version of your password (we never store your password in plain text).
- Profile data: anything you choose to add, such as your bio, skills, links, timezone, and availability.
- Content you post: projects, devlogs, images, builds, comments, applications, and messages.
- Communications: messages you send us through the contact form.
- Technical data: limited log and device data (such as IP address and browser type) processed by our hosting provider to keep the service running and secure.
- Preferences: whether you have opted in to marketing emails.
2. How and why we use it
- to create and operate your account and provide the service;
- to display your profile and content as you direct;
- to send service notifications (applications, comments, follows, devlogs, warnings);
- to review submissions and moderate the community;
- to keep the Website secure and prevent abuse;
- to send occasional marketing emails, only if you have opted in.
3. Legal bases
We process your data to perform our contract with you (providing the service), for our legitimate interests (keeping the Website secure, moderating, and improving it), and, for marketing emails, on the basis of your consent, which you can withdraw at any time in your settings.
4. Cookies
We use a single essential cookie to keep you signed in. We do not use advertising or third-party tracking cookies.
5. Who we share it with
We do not sell your personal data. We share it only with the service providers that host and run GuildUp, who process it on our behalf:
- Vercel - website hosting;
- Neon - database hosting;
- Cloudflare R2 - storage for images and files.
We may also disclose data where required by law.
6. International transfers
Some of our providers may process data outside the UK. Where they do, we rely on appropriate safeguards (such as UK-approved standard contractual clauses) to protect your data.
7. Retention
We keep your data for as long as your account is active. If you delete your account or content, we remove it from the live service, though copies may remain briefly in backups.
8. Your rights
Under UK data protection law you have the right to access, correct, delete, or restrict the processing of your data, to object to certain processing, to data portability, and to withdraw consent for marketing at any time. To exercise any of these, contact us through the contact form. You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.
9. Security
Passwords are stored using strong one-way hashing, traffic is encrypted over HTTPS, and access to data is restricted. No system is perfectly secure, but we take reasonable steps to protect your data.
10. Children
GuildUp is not intended for anyone under 16. We do not knowingly collect data from children under 16; if you believe we have, contact us and we will delete it.
11. Changes
We may update this policy from time to time. We will update the date above and, where changes are significant, let you know.
12. Contact
For any privacy question or request, reach us through the contact form.