← Back to WhoGoes

GDPR Compliance

Last updated: March 15, 2026

1. Our Commitment

WhoGoes is committed to protecting personal data in accordance with the General Data Protection Regulation (GDPR). This page explains how we handle data for individuals in the European Economic Area (EEA) and the United Kingdom.

2. Legal Basis for Processing

We process personal data under the following legal bases:

  • Legitimate interest (Article 6(1)(f)): Processing publicly available B2B contact data for the purpose of facilitating business-to-business communication. The data subjects have made their event attendance public on social media platforms.
  • Consent (Article 6(1)(a)): For our customers who create accounts and provide their personal data to use our service.
  • Contract (Article 6(1)(b)): Processing necessary to deliver our service to paying customers.

3. Data Subject Rights

If you are in the EEA or UK, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the data we hold about you
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data ("right to be forgotten")
  • Right to restriction: Request that we limit how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to our processing of your data based on legitimate interest

4. How to Exercise Your Rights

To exercise any of these rights, email us at hello@whogoes.co with the subject line "GDPR Request." Include your full name, email address, and a description of your request. We will respond within 30 days.

5. Data Retention

  • Customer account data: Retained for the duration of your account, plus 12 months after deletion for legal compliance
  • Attendee contact data: Retained as long as the source post remains publicly available. Data is refreshed periodically and removed if the source is no longer accessible
  • Payment records: Retained for 7 years as required by financial regulations

6. Data Transfers

Data may be processed outside the EEA. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), to protect your data in compliance with GDPR requirements.

7. Data Protection Contact

For any GDPR-related inquiries, contact us at:

Email: hello@whogoes.co
Subject line: "GDPR Inquiry"