Coworking Tech Stack
explorers club
Sign in

Legal

Privacy Policy

This policy explains how Coworking Tech Stack handles personal information across our editorial site, product showcase, newsletter, member areas, product submission flows, and related account features.

Last updated: June 15, 2026. Effective date: June 15, 2026.

1. Who We Are

Coworking Tech Stack is operated by Coworkies Ltd, a United Kingdom company ("Coworkies", "Coworking Tech Stack", "we", "us", or "our"). For the personal information described in this policy, Coworkies Ltd is the controller unless we clearly say otherwise.

Coworking Tech Stack is the year-round content, newsletter, community, and product discovery platform connected to the Coworking Tech Week ecosystem. Coworking Tech Week is a separate event platform with its own data flows and privacy policy, available at www.coworkingtechweek.com/privacy/. We may link to Coworking Tech Week content, sessions, recordings, products, exhibitors, and event pages, but event registration consent and Coworking Tech Stack newsletter consent are separate.

You can contact us about privacy at team@coworkingtechstack.com. If your request relates specifically to Coworking Tech Week, please use the contact details shown in the Coworking Tech Week privacy policy.

2. What This Policy Covers

This policy covers the website at coworkingtechstack.com, our public content graph, newsletter forms, account and member features, community posts, bookmarks, product and company profile management, product submission and upgrade flows, sponsor and advertiser inquiries, contact forms, and admin/editor workflows.

It does not cover third-party websites or services that we do not control, including exhibitor websites, sponsor websites, LinkedIn, Reddit, Stripe-hosted checkout pages, Cloudflare, Supabase, Resend, Cloudinary, social networks, video platforms, or Coworking Tech Week pages. Those services may have their own privacy notices and terms.

3. People Who Use the Platform

The information we process depends on how you use the platform. Typical user types include:

  • Public readers and search visitors: people who read articles, news, guides, product pages, category pages, company profiles, people profiles, sponsor pages, recordings, or public member posts.
  • Newsletter subscribers: people who sign up to receive Coworking Tech Stack email updates.
  • Explorers Club members: people who create a passwordless account, maintain a profile, publish community posts, save bookmarks, report posts, or use member-only areas.
  • Product submitters and vendor representatives: people who submit product listings, complete product profiles, manage brand or product pages, upload media, or request product review.
  • Brand teams and product editors: authenticated users assigned to a company or product with owner, admin, editor, or similar permissions.
  • Paid supporters and members: people or companies that buy or manage a membership, sponsorship, supporter plan, or product profile upgrade.
  • Sponsors, advertisers, partners, and applicants: people who contact us about partnerships, sponsorship, advertising, collaboration, or commercial placements.
  • Editorial contributors and public figures: authors, experts, speakers, vendor representatives, operators, and people mentioned in editorial content or public profiles.
  • Admins and editors: internal users who manage content, members, newsletters, imports, products, sponsors, and platform operations.

4. Information We Collect

Information you provide directly. This can include your name, email address, company, role, username, profile details, biography, website and social links, contact messages, newsletter consent, product and company information, product descriptions, pricing summaries, target customers, features, integrations, regions served, screenshots, logos, files, community post content, report reasons, and other information you choose to submit.

Account and authentication information. We use passwordless email authentication for member and vendor-style accounts. Supabase Auth processes sign-in emails or one-time codes and stores account identifiers, email address, session information, authentication metadata, and role or permission metadata where applicable. Admin access is role-based and limited to approved admin or editor users.

Newsletter information. We store your email address, subscription status, signup source, consent status, consent text, consent timestamp, unsubscribe token, and related delivery or unsubscribe metadata. Resend may process email delivery, bounce, complaint, contact, and unsubscribe events for us.

Product, company, and vendor information. Product submissions can include submitter name, business email, company name, product name, profile content, website URL, review status, completion token metadata, consent records, upgrade intent, and Stripe subscription or checkout metadata if you purchase a paid product profile option.

Membership and billing information. If you buy a membership or paid plan, Stripe handles payment card details. We store only the information needed to connect your membership to your account, such as plan, tier, billing interval, subscription status, renewal or cancellation status, Stripe customer or subscription identifiers, and payment-related metadata. We do not store full card numbers.

Community information. If you publish a member post, the post title, URL, body, tags, author profile fields, and publication time may be public. Bookmarks are private to your account. Reports are private to admins and moderation workflows, unless disclosure is required to handle a dispute, abuse report, or legal issue.

Technical, security, and usage information. We may process IP address, browser and device information, request headers, referrer, timestamps, pages visited, form submissions, authentication events, rate-limit keys, bot-check results, logs, and security events. We use this to keep the service available, prevent spam and abuse, troubleshoot issues, and understand aggregate usage.

Information from Coworking Tech Week or other sources. We may import or reference public or event-related product, company, session, recording, sponsor, exhibitor, speaker, or content information from Coworking Tech Week where relevant to the Coworking Tech Stack content graph. We do not automatically add Coworking Tech Week event registrants to the Coworking Tech Stack newsletter unless appropriate newsletter consent has been captured.

Public and professional sources. For editorial coverage, directories, product profiles, company pages, and people profiles, we may use information from public websites, professional profiles, press materials, sponsor materials, public event pages, submitted materials, and communications with the relevant person or company.

Please do not submit special category data, sensitive personal information, confidential trade secrets, payment card numbers, government identifiers, health information, or information about another person unless the form clearly asks for it and you have the right to provide it.

5. How We Use Information

We use personal information for these purposes:

  • Operate, secure, maintain, and improve Coworking Tech Stack.
  • Publish and maintain editorial content, product pages, company pages, people pages, topic hubs, sponsor pages, and public content references.
  • Send newsletters and service emails, manage consent, and process unsubscribes.
  • Create, authenticate, and manage accounts, sessions, member profiles, roles, and permissions.
  • Enable members to publish posts, manage profiles, save bookmarks, report content, and access member features.
  • Process product submissions, vendor edits, review workflows, product upgrades, and brand team permissions.
  • Process paid memberships, sponsorships, supporter plans, invoices, receipts, and subscription status.
  • Respond to messages, support requests, commercial inquiries, sponsorship discussions, and legal requests.
  • Moderate content, enforce our terms, investigate abuse, prevent fraud, rate-limit spam, and protect users and systems.
  • Generate aggregate or de-identified insights about content, products, categories, newsletter performance, and platform health.
  • Comply with legal, tax, accounting, regulatory, contractual, and recordkeeping obligations.
  • Establish, exercise, or defend legal claims.

6. Lawful Bases

Where UK GDPR or similar law applies, we rely on one or more lawful bases depending on context:

  • Consent: newsletter signup, optional marketing communications, certain cookies or similar technologies, and other cases where we ask for consent.
  • Contract: account features, memberships, paid plans, product submissions, product upgrades, and other services you request.
  • Legitimate interests: publishing a professional content platform, maintaining a product and company directory, operating a member community, securing the platform, preventing abuse, responding to inquiries, improving services, measuring non-intrusive engagement, managing editorial workflows, and running a sustainable media and discovery business. We balance these interests against your rights and expectations.
  • Legal obligation: tax, accounting, sanctions, compliance, regulatory, law enforcement, and other legal duties.
  • Legal claims: where processing is necessary to establish, exercise, or defend legal claims.

You can withdraw consent at any time where processing is based on consent. Withdrawing consent does not affect processing that happened before withdrawal, and it does not affect processing based on another lawful basis.

7. Public Information and Editorial Content

Coworking Tech Stack is a public content and discovery platform. Product pages, company pages, people pages, articles, news posts, sponsor pages, topic pages, member posts, and public profile pages may be indexed by search engines, archived, quoted, shared, and cached by third parties.

If you submit a product profile, company profile, public member post, biography, logo, screenshot, social link, author profile, or other public-facing content, you should assume that the final published content can be visible worldwide. We may edit, format, moderate, reject, remove, or decline to publish submissions in line with our editorial standards, platform safety needs, and legal obligations.

We may continue to maintain factual, editorial, archival, and public-interest references to products, companies, people, sponsors, sessions, recordings, and events, even if an account is closed or a commercial relationship ends, unless applicable law requires a different result.

8. Sharing Information

We may share information with the following categories of recipients:

  • Service providers and processors: including Supabase for database and authentication, Cloudflare for hosting, security, DNS, and Turnstile, Resend for email delivery, Stripe for checkout and billing, Cloudinary for media hosting and optimization, and other providers that help us operate the platform.
  • Public users: when information is included in public profiles, product pages, company pages, articles, member posts, sponsor placements, recordings, or other published content.
  • Brand teams and product collaborators: where needed to manage company or product pages and permissions.
  • Event ecosystem links: where relevant to Coworking Tech Week references, sessions, recordings, exhibitors, sponsors, or product cross-references. We keep newsletter consent separate unless we have an appropriate basis to connect records.
  • Sponsors, exhibitors, or partners at your direction: for example, if you request follow-up, a demo, sponsorship information, or partner contact.
  • Professional advisers: including lawyers, accountants, auditors, insurers, and security advisers.
  • Authorities and legal recipients: where required by law, legal process, regulation, or to protect rights, safety, property, users, or systems.
  • Business transfer recipients: if we are involved in a merger, acquisition, financing, restructuring, asset sale, or similar transaction.

We do not sell personal information for money. We also do not knowingly share personal information for cross-context behavioural advertising on Coworking Tech Stack. If that changes, we will update this policy and the Cookie Policy and provide any legally required choices.

9. International Transfers

We are based in the United Kingdom, but our users, service providers, and infrastructure may be located in other countries, including the United States and countries in the European Economic Area. Where personal information is transferred internationally and safeguards are required, we rely on appropriate mechanisms such as adequacy regulations, standard contractual clauses, the UK International Data Transfer Agreement or Addendum, provider transfer frameworks, or other lawful transfer mechanisms.

10. How Long We Keep Information

We keep information only for as long as reasonably necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

  • Newsletter records: kept while you are subscribed. If you unsubscribe, we retain enough information to honour the unsubscribe, prove consent history, and avoid re-subscribing you by mistake.
  • Accounts and member profiles: kept while your account is active and for a reasonable period afterwards for security, audit, support, legal, and operational purposes.
  • Public content and submissions: kept for as long as the content remains published, useful for archival or editorial purposes, or needed for disputes, attribution, product history, legal compliance, or platform integrity.
  • Product submission and review records: kept for review history, fraud prevention, product/profile management, and legal or commercial records.
  • Billing, subscription, tax, and accounting records: generally kept for up to seven years, or longer if required for tax, accounting, legal, dispute, or regulatory reasons.
  • Contact and commercial inquiries: generally kept for up to two years after the last meaningful interaction, unless a longer period is needed.
  • Security logs, rate-limit records, and bot checks: kept for a limited period appropriate to security, abuse prevention, troubleshooting, and legal needs.
  • Backups: may retain copies for a limited time before routine deletion or overwrite.

11. Security

We use technical and organisational measures designed to protect personal information, including HTTPS/TLS, role-based admin access, Supabase row-level security for user-scoped data, service-role separation for privileged operations, secure cookies where applicable, rate limiting, bot verification, webhook signature validation, and restricted access to production systems and secrets.

No website, database, email system, or internet transmission is perfectly secure. You are responsible for using a secure email account, keeping access to your inbox safe, and signing out on shared devices.

12. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a portable copy of your personal information. You may also have the right to withdraw consent and to object to direct marketing at any time.

To exercise rights, contact team@coworkingtechstack.com. We may need to verify your identity and may decline, limit, or delay a request where the law allows or requires us to do so, including for security, legal claims, accounting records, public-interest editorial records, or the rights of other people.

If you are in the UK, you can complain to the Information Commissioner's Office at ico.org.uk/make-a-complaint/. If you are in the EEA, you may contact your local supervisory authority. If you are in another region, local privacy rights may also apply.

13. Marketing Choices

You can unsubscribe from the Coworking Tech Stack newsletter using the unsubscribe link in any email or by contacting us. We keep unsubscribe records so we can respect your choice. Operational emails, account emails, product submission emails, membership billing emails, security emails, and legally required notices may still be sent where necessary.

Coworking Tech Week event communications are separate from Coworking Tech Stack newsletter communications unless we clearly combine or cross-reference them with an appropriate lawful basis and notice.

14. Cookies and Similar Technologies

We use cookies and similar technologies for authentication, security, bot prevention, checkout, and related site functionality. We do not currently design Coworking Tech Stack around advertising cookies. For details, see our Cookie Policy.

15. AI-Assisted Tools

We may use AI-assisted tools to help with internal drafting, editing, content operations, classification, support, moderation triage, or image workflows. We aim to avoid sending personal information to AI tools unless necessary, proportionate, and covered by suitable provider terms. We do not use AI to make solely automated decisions about people that produce legal or similarly significant effects.

16. Children

Coworking Tech Stack is intended for a professional audience and is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided personal information to us, contact us and we will take appropriate steps.

17. Changes to This Policy

We may update this policy from time to time. If we make material changes, we will take reasonable steps to notify affected users, which may include posting a notice on the site or sending an email where appropriate. The updated policy applies from the effective date shown at the top unless the notice says otherwise.

18. Contact

For privacy questions, requests, or concerns, contact:
Coworkies Ltd (UK)
Email: team@coworkingtechstack.com
Website: coworkingtechstack.com