The Tech Founders
The Tech Founders
HomeNewsGuidesEventsPartner with us

✨ Looking for Sponsor Licence for your business in the UK? Contact Nara Solicitors

The Tech Founders

We are a community of early-stage Indian tech entrepreneurs, tech professionals, and students who want to create, grow, and launch global products from the UK and be at the frontier of its growth.

hello@thetechfounders.co.uk
London, United Kingdom

Content

  • News
  • Guides
  • Startup Stories
  • AMAs
  • Podcast
  • Events

Community

  • About Us
  • Why Join Us
  • For Founders
  • For Professionals
  • For Investors
  • For Students
  • Partner With Us
  • Sign In

Legal

  • Privacy Policy
  • Terms and Conditions
  • GDPR Compliance
  • Cookie Policy
© 2026 The Tech Founders. All rights reserved.PrivacyTermsCookies
HomeEvents

GDPR Compliance

Last updated: 17 February 2025

The Tech Founders is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). This page explains how we comply with these regulations and outlines your rights as a data subject.

1. Data Controller

The Tech Founders acts as the Data Controller for all personal data processed through our website and services.

  • Organisation: The Tech Founders
  • Contact email: privacy@thetechfounders.co.uk
  • Address: London, United Kingdom

2. Lawful Basis for Processing

We only process personal data where we have a lawful basis to do so under Article 6 of UK GDPR:

Processing ActivityLawful Basis
Account creation and managementContract (Article 6(1)(b))
Event registration and confirmation emailsContract (Article 6(1)(b))
Analytics cookies (Google Analytics)Consent (Article 6(1)(a))
Marketing cookies (Meta Pixel)Consent (Article 6(1)(a))
Platform security and fraud preventionLegitimate interest (Article 6(1)(f))
Service improvement and analyticsLegitimate interest (Article 6(1)(f))
Legal and regulatory complianceLegal obligation (Article 6(1)(c))

3. Data We Collect

Personal data provided by you

  • Full name and email address
  • LinkedIn profile information (when signing in via LinkedIn)
  • Profile details (bio, professional title, company)
  • Event registration details
  • Content you publish (posts, comments)
  • Messages and communications

Personal data collected automatically

  • IP address (used for geolocation to determine cookie consent requirements)
  • Browser type and version
  • Device type and operating system
  • Pages visited and interaction data
  • Referral source
  • Cookie identifiers (with consent)

4. Data Processing and Sub-Processors

We use the following third-party processors to deliver our services. Each operates under a Data Processing Agreement (DPA) compliant with UK GDPR:

ProviderPurposeLocation
SupabaseDatabase, authentication, storageEU/US (with SCCs)
VercelWebsite hosting and deliveryGlobal CDN (US-based, with SCCs)
ResendTransactional email deliveryUS (with SCCs)
Google AnalyticsWebsite analytics (consent-based)US (with SCCs)
Meta (Facebook)Marketing analytics (consent-based)US (with SCCs)
LinkedInSocial authenticationUS (with SCCs)

SCCs = Standard Contractual Clauses as approved by the ICO for international data transfers.

5. International Data Transfers

Where personal data is transferred outside the United Kingdom, we ensure compliance with Chapter V of UK GDPR through one or more of the following safeguards:

  • Transfer to a country with an adequacy decision from the Secretary of State
  • UK International Data Transfer Agreement (IDTA) or addendum
  • Standard Contractual Clauses (SCCs) approved by the ICO

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected:

  • Active accounts: Data retained while the account is active. Users can delete their account at any time via their dashboard settings.
  • Deleted accounts: Account data is permanently deleted upon account deletion. Some anonymised data may remain in aggregated analytics.
  • Event registrations: Retained for up to 12 months after the event.
  • Cookie consent records: Retained for 12 months.
  • Unverified accounts: Automatically purged after 48 hours.
  • Server logs: Retained for up to 30 days for security purposes.

7. Your Rights Under UK GDPR

As a data subject, you have the following rights. We will respond to all valid requests within 30 days.

Right of Access (Article 15)

You can request a copy of all personal data we hold about you. We will provide this in a commonly used electronic format.

Right to Rectification (Article 16)

You can update your personal data at any time through your profile settings, or contact us to correct inaccurate data.

Right to Erasure (Article 17)

You can delete your account from your dashboard, which removes your personal data. You can also contact us to request erasure of specific data.

Right to Restrict Processing (Article 18)

You can request that we restrict how we process your data in certain circumstances, for example while we verify the accuracy of your data.

Right to Data Portability (Article 20)

You can request your personal data in a structured, commonly used, machine-readable format (such as JSON or CSV).

Right to Object (Article 21)

You can object to processing based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent (Article 7)

Where processing is based on consent (e.g. analytics and marketing cookies), you can withdraw consent at any time via our Cookie Policy page or by adjusting your browser settings.

Right to Lodge a Complaint

If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk/make-a-complaint
  • Phone: 0303 123 1113

8. Consent Management

We implement a cookie consent system that:

  • Requires explicit opt-in consent from UK visitors before activating analytics or marketing cookies
  • Allows users to accept all cookies, reject non-essential cookies, or manage preferences at any time
  • Records consent choices with timestamps for audit purposes
  • Does not load any tracking scripts until consent is granted

You can manage your cookie preferences at any time on our Cookie Policy page.

9. Data Security Measures

We implement appropriate technical and organisational measures as required by Article 32 of UK GDPR:

  • Encryption: All data transmitted via HTTPS/TLS. Data at rest is encrypted by our database provider.
  • Access controls: Role-based access with admin, user, and public permission levels enforced through Row Level Security (RLS).
  • Authentication: Secure authentication via LinkedIn OAuth and email/password with email verification.
  • Monitoring: Automated security monitoring and audit logging.
  • Incident response: In the event of a data breach, we will notify the ICO within 72 hours and affected individuals without undue delay, as required by Articles 33 and 34.

10. Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) where processing is likely to result in a high risk to individuals' rights and freedoms, as required by Article 35 of UK GDPR. This includes assessments for new features, third-party integrations, and changes to data processing activities.

11. Children's Data

Our services are not intended for individuals under the age of 16. We do not knowingly collect or process personal data from children. If we discover that we have inadvertently collected data from a child under 16, we will delete it immediately and notify the relevant authorities if required.

12. Changes to This Policy

We review our GDPR compliance regularly and will update this page to reflect any changes. Significant changes will be communicated to registered users via email.

13. Contact Us

For any data protection queries or to exercise your rights:

  • Email: privacy@thetechfounders.co.uk
  • General enquiries: hello@thetechfounders.co.uk

Related Policies

  • Privacy Policy
  • Cookie Policy
  • Terms and Conditions