Privacy policy

Introduction

This is the privacy policy for Guardian Voices and explains how Guardian News & Media Limited (collectively referred to as “Guardian”, “we”, “us” or “our” in this policy) collect, use, share and transfer your personal data when you use the services provided on https://guardianvoices.co.uk (“our site”) and interact with us. 

This privacy policy is separate to how we use personal data collected via theguardian.com website. For information on how personal data is used on theguardian.com website, please read the privacy policy here and the cookie policy here

Our values guide everything that we do – including our editorial approach and how we use personal data. We are strongly committed to keeping your personal data safe. This commitment exists throughout the lifecycle of your personal data, from the design of any Guardian service which uses personal data to the deletion of that data.

We think carefully about our use of personal data, and below you can find the details of what we do to protect your privacy. This policy covers, among other topics:

  • Information about your rights, the choices available to you, and our obligations.
  • Transparency about how we collect and use your personal data, including when and how it is shared.
  • Information on how we protect your personal data. 
  • Information on how we will facilitate your rights and respond to your questions.

Find out more about how we manage your personal data below.

Contents

  1. About this privacy policy
  2. Who we are 
  3. The types of personal data we collect about you
  4. How we collect personal data
  5. How we use your personal data
  6. Personal data that we receive about you from other organisations
  7. Children’s personal data
  8. Security of your personal data
  9. When we share your personal data
  10. International data transfers
  11. How long we keep your personal data
  12. How we may contact you
  13. Cookies and similar technologies
  14. Your privacy and data protection rights with regard to the personal data that we hold about you
  15. Contact us for information about how we use your personal data
  16. Changes to this privacy policy

1. About this privacy policy

This privacy policy explains how we collect, use, share, and transfer your personal data when you use the services provided on our sites or interact with us. This privacy policy also explains your data privacy rights.

Personal data is any information about you by which you can be identified or be identifiable. This can include information such as:

  • Your name, date of birth, gender, email address, postal address, phone number, mobile number.
  • Information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based).
  • Information relating to your personal circumstances and how you use our site and services.

Sometimes our sites may contain links to sites and services that are not part of the Guardian family of offerings. These sites and services have their own privacy policies. If you follow a link to these non-Guardian sites and apps, you should read the privacy policy shown on their site.

2. Who we are

Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU is the data controller in respect of your personal data that you share with us. This means that we are responsible for deciding how and why we hold and use your personal data. If you want to contact us, you can find our contact details in the “Contact us for information about how we use your personal data” section below.

3. The types of personal data we collect about you

Guardian Voices is our insight community. We collect your personal data when you register to become a member and when you complete surveys. We will only collect your personal data in line with applicable laws. We collect your personal data in the following ways:

  • Directly from you, e.g. when you sign up for our services, purchase products or services, including by signing up for newsletters or selecting specific topics you are interested in, including through My Guardian, and when you browse or use our sites.
  • Personal data we generate about you, e.g. personal data we use to authenticate you, or personal data we generate about you from your IP address or your preferences.
  • Personal data we collect from third parties, e.g. personal data that helps us to combat fraud or which we collect, with your permission, when you interact with us through your social media accounts.

More details about the types of personal data we collect are provided below.

The personal data we collect when you register to use our site and through the initial registration survey

When you first register for Guardian Voices, we will also ask you to complete a brief initial survey. We collect the following personal data, through the initial survey:

  • Your name.
  • Your email address.
  • Your gender.
  • Your date of birth.
  • The region you live in.
  • Your employment status.
  • Information on how you use Guardian content and on what media platform/s.

Updating your personal data and your profile page
When you register with the Guardian Voices, you have access to a profile page. You can update personal data we hold about you, such as your name and email address under the “User Profile Information” section of your profile page when you are logged into the site.

Personal data we generate about you 

When you register for a Guardian Voices account, we assign you a unique ID number. We use this to manage your preferences, for example, the emails you receive. When you register for an account we use your unique ID to recognise you when you are signed in to our services. This will recognise you if you sign in using the same account on a new device.

When you use our site we may also use cookies or similar technologies to collect extra data, including: 

  • Your IP address - a numerical code to identify your device, together with the country, region or city where you are based. 
  • Your geolocation data - your IP address can be used to find information about the latitude, longitude, altitude of your device, its direction of travel, your GPS data and data about connection with local Wi-Fi equipment.
  • Information on how you interact with our services.
  • The browsing history of the content you have visited on our site, including how you were referred to our site via other websites. 
  • Details of your computer, mobile, TV, tablet or other devices, for example, the unique device ID and browsers used to access our content. 

We will not collect special categories of data from you - such as personal data concerning your race, political opinions, religion, health or sexual orientation, unless you have chosen to provide that information to us.

When you post (comments) on our forum

For certain surveys or polls, we may make a forum available where members can participate in a discussion. When you register as a member you will be asked to select a screen name which will be visible to others when you post information on your member page.

We will also store and use any additional personal data you provide to us, when you complete one of our surveys or polls or when you upload a comment or other content on Guardian Voices.

When you post personal data on one of our forums, this is visible on the portal. This means that people reading your posts and looking at the forums will see your user name. This includes other people posting as well as those who work to moderate the Guardian Voices and offer support services.

If you upload images or videos, these may contain metadata that includes your location. Other users may be able to download your images or videos, including the metadata that includes your location. You can prevent other users of the forum from viewing your images or videos by adjusting your account settings.

4. How we collect personal data

We collect personal data when you:

  • Register to use the site.
  • Complete surveys.
  • Manage your account settings.
  • Enter our competitions, prize draws, bids and surveys.
  • Post or comment in our online community.
  • Use mobile devices to access our content.
  • Contact us via email, social media, our apps or similar technologies.
  • Test our products, participate in focus groups or provide us with feedback.

We also collect personal data through cookies and other similar technologies. Please refer to our cookie policy for more details on how we use cookies. 

5. How we use your personal data

We use personal data collected through our site only when we have a valid reason and the legal grounds to do so. We determine the legal grounds based on the purposes for which we have collected your personal data.

Legal grounds for using your personal data
The legal ground may be one of the following:

  • Consent: Often we will use your personal data because we have asked for your consent, which you can withdraw at any time. Please refer to the table below for examples of where we ask for your consent. 
  • Performance of a contract with you (or in order to take steps prior to entering into a contract with you): We will use your personal data if we need to in order to perform a contract with you. 
  • Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data. 
  • Our legitimate interest: We may process your personal data where it is necessary for our legitimate interests in a way that might be expected as part of running the Guardian and in a way which does not materially impact your rights and freedoms. For example, it is in our legitimate interests for us to understand our readers, promote our services and ways to support us, and operate our site efficiently for the creation, publication and distribution of news, media and related journalistic content both online and in print form, globally. Please refer to the table below for examples of when we rely on our legitimate interests to use your personal data. 

Purpose

Lawful Basis

Our Legitimate Interest (if applicable)

To place non-essential cookies, or other similar technologies.

Consent

N/A

To register your account on our site

Consent

N/A

To improve and manage our site, using your IP address.

Legitimate Interest

To understand how it is used and improve our content.

To remember your settings, and recognise you when you sign in on our site.

Legitimate Interest

To personalise our services (for example, by welcoming you back, when you sign in).

To backup our systems and databases.

Legitimate Interest

For recovery purposes in the event of any issue with our systems.

In addition to the above, we also rely on the legitimate interests below to use your personal data:

  • For internal administrative purposes related to our services.
  • To enable you to register as a member on Guardian Voices.
  • To ensure that we invite you to surveys and polls that are relevant to you.
  • To invite you to complete new surveys and polls via email or to let you know about a new survey, poll or a survey or poll result.
  • To enter you into our regular prize draws.
  • To let you participate in a discussion by posting or uploading photos and videos on one of our forums.
  • For statistical purposes such as analysing our site’s performance and to understand how members use our site.
  • To inform you of any changes to our services, such as updates to our terms and conditions.
  • When we respond to your queries and to resolve complaints.
  • When we moderate comments under our community standards and participation guidelines.
  • To troubleshoot technical issues on our site and their functionalities.
  • When we de-identify or anonymise personal data.
  • For security and fraud prevention, and to ensure that our site is safe and secure and used in line with our terms of use.
  • To contact you directly via social media or email if you send us emails or engage with the Guardian on social media or contact us.

Where we rely on cookies to collect any personal data please see our cookie policy for more information.

Where personal data has been de-identified or anonymised, it will not be used in order to re-identify individuals.

The Guardian is a media organisation and publisher. Data protection law includes certain exemptions when personal data is processed for the purposes of journalism. Those exemptions apply to some of the ways the Guardian uses personal data. This privacy policy does not cover personal data that the Guardian processes for the purposes of journalism.

6. Children’s personal data

We do not aim any of our products or services directly at children under the age of 13 and we do not knowingly collect personal data about children under 13 in providing our services. Some of our services may have a higher age restriction and this will be shown at the point of registration.

7. Security of your personal data

We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. You are responsible for choosing a secure password when we ask you to set up a password to access our site. You should keep this password confidential and you should choose a password that you do not use on any other site. You should not share your password with anyone else, including anyone who works for us. Unfortunately, sending any information via the internet is not completely secure. We cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.

8. When we share your personal data 

Within the Guardian group of companies

Depending on where you live, we may share your personal data within the Guardian group of companies in the UK, US, or Australia. We may share it in order to perform a contract with you, for administrative purposes, or when we have a legitimate interest in doing so. For example:

  • Sometimes we may receive a letter, email or another form of communication from you that we consider to be significant to the history of the Guardian. We may decide to share this with the Guardian Archive run by the Guardian Foundation for historic and archiving purposes.

With external organisations

We share your personal data with other organisations that are not directly linked to us under the following circumstances:

Service providers - We may share your data with other organisations that provide services on our behalf. We may do this to perform a contract we have entered into with you, where it is in our legitimate interests or with your consent. Examples of when we may share your data with service providers include sharing with:

  • We use a third party service provider, QuMind, to manage our site, to develop surveys on our behalf, to offer support services to members of the Guardian Voices, and to act as moderators for the forums. They will see the public information from your profile, for example your screen name and posts, but they will not see the responses to the surveys you complete.
  • Internet and cloud hosting services providers, such as Amazon Web Services (AWS).
  • Error tracking software providers, such as Sentry and Google Firebase, to help us diagnose and fix errors and optimise the performance of our website and apps.
  • Google ReCaptcha, which we use to protect our sites from fraudulent users.

Agencies and authorities if required by law - We may reveal your personal data to any law enforcement agency, court, regulator, government authority, or in connection with any legal action if we are required to do so to meet a legal or regulatory obligation, where the request is proportionate, or otherwise to protect our rights or the rights of anyone else (for example, in response to a valid and properly served legal process such as subpoena or warrant). If we have your contact details, we will take reasonable steps to attempt to notify you prior to disclosing your data unless (i) prohibited by applicable law from doing so, or (ii) there are clear indications of unlawful conduct in connection with your use of Guardian services.

Prize draws, competitions and bids - We may share your personal data with sponsors and partners for the purposes of selecting and notifying winners when you participate in any of our prize draws, competitions and bids. We may also share your data with entities offering any prize you have won in order for that entity to contact you about such a prize.

Organisation/s that buy any of the Guardian group companies - We may share your personal data to any other organisation that buys, or to which we transfer all, or substantially all, of our assets and business. If this sale or transfer takes place, we will use reasonable efforts to try to make sure that the organisation we transfer your personal data to uses it in line with our privacy policy.

When we share your personal data, as specified above, with any organisation which accesses your data in the course of providing services on our behalf, they will be governed by strict contractual restrictions to make sure that they protect your data and comply with applicable law. We may also independently audit these service providers to make sure that they meet our standards.

9. International data transfers

Data we collect may be transferred to, stored and processed in any country or territory where one or more of our Guardian group companies or service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this privacy policy.

Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:

  • We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.
  • We may also use specific approved contracts that use Standard Contractual Clauses for the protection of personal data where appropriate, with our service providers that are based in countries outside the UK or the EEA, including those based in the US or Australia. These contracts give your personal data the same protection it has in the UK or the EEA.

If you are located in the UK or the EEA, you may contact us for a copy of the safeguards which we have put in place for the transfer of your personal data outside the UK or the EEA.

10. How long we keep your personal data

We keep your personal data for only as long as we need to. How long we need your personal data depends on what we are using it for, as set out in this privacy policy. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means. When you cancel your membership, you will stop receiving communications from us about surveys. We will not delete the answers that you have provided to the Guardian Voices through surveys and forum posts, but we will make your survey responses anonymous by removing all details that identify you. You can cancel your membership to the Guardian Voices through the “My Profile” section of your member profile when you are logged in to the portal. You can also cancel your membership by using the unsubscribe link at the bottom of the survey invitation emails.

If we have asked for your permission to process your personal data and we have no other lawful grounds to continue with that processing, and you withdraw your permission, we will delete your personal data. However, when you unsubscribe from emails inviting you to complete surveys, we will keep your email address to ensure that we do not send you any emails in the future.

11. How we may contact you

Service communications

From time to time we may send you service emails or SMS, for example, notifying you when a new survey becomes available or when another member replies to one of your posts on the forums. You can manage your communications preferences on your Guardian Crowd account.

Marketing communications and newsletters

If we have your permission or you have not opted out, we may send you materials we think may interest you, such as our newsletter. Depending on your marketing preferences, this may be by email or SMS.

You can decide not to receive these emails at any time and will be able to “unsubscribe” directly by clicking a link in the email.

Responding to your queries or complaints

If you have raised a query or a complaint with us, we may contact you to answer your query or to resolve your complaint.

12. Cookies and similar technology

When you visit our site, we may also collect personal data from you automatically using cookies or similar technologies. 

This privacy policy includes our cookie policy, where you can find more information about our use of cookies.

13. Your privacy and data protection rights with regard to the personal data that we hold about you

You have a number of rights with regard to the personal data that we hold about you and you can contact us with regard to the following rights in relation to your personal data:

  • You have the right to receive a copy of the personal data we hold about you.
  • You have the right to correct the personal data we hold about you.
  • Where applicable, you may also have a right to receive a machine-readable copy of your personal data.
  • You also have the right to ask us to delete your personal data or restrict how it is used. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request.
  • Where applicable, you have the right to object to processing of your personal data for certain purposes.
  • Where you have provided us with consent to use your personal data, you can withdraw this consent at any time.
  • If you do not want us to use your personal data for marketing analysis, you can change your settings in the “Data privacy” tab of your Guardian account.

If you would like to exercise any of your rights specified above, please email dataprotection@theguardian.com or write to the Data Protection Officer at Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU. We will respond to all standard legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a large number of requests. In this case, we will notify you and keep you updated.

We may need verification of your identity to proceed with a request. If you provide us with proof of identity containing information that does not match our records, we may request further proof of identity from you. This is a security measure to ensure that your personal data is not disclosed to any person who has no right to receive it. 

You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, for any further copies requested by you, we may charge a reasonable fee based on administrative costs.

14. Contact us for information about how we use your data

If you have any questions about how we use your data or if you have a concern about how your personal data is used, please contact the Data Protection Officer at Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU or email dataprotection@theguardian.com.

Complaints will be dealt with by the Data Protection Team, and will be responded to within 30 days.

If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.

If you have a question about anything else, please see our Contact us page here.

15. Changes to the Privacy Policy

If we decide to change our privacy policy, the updated privacy policy will be posted on this page. If the changes are significant, we may also choose to email all our registered users with the new details. If required by law, we will get your permission or give you the opportunity to opt-out of any new uses of their data.

Changes to this privacy policy to date

The most recent changes to this privacy policy were made on:

  • July 2024: General update

A list of all previous changes are available upon request.