Privacy Policy

Last updated: 1 July 2026

Community Meetup Hub ("we", "us") respects your privacy and is committed to protecting your personal data in line with the EU General Data Protection Regulation (GDPR), the UK GDPR, and equivalent laws. This page explains what we collect, why, and the rights you have.

1. Who we are

The data controller for this site is the Community Meetup Hub team. You can reach us at mail@darrenmillar.com for any privacy question or to exercise your rights.

2. Data we collect

  • Account: email address, password (hashed), sign-in provider.
  • Profile: Whatnot username, display name, avatar, country, state/region, city, ZIP/postal code.
  • Private profile (not public): first & last name, phone number.
  • Meetup activity: events you host or apply to, your RSVP answers, payment status.
  • Notifications: push subscription tokens if you opt in, in-app notification history.
  • Technical: minimal server logs for security and abuse prevention.

3. Why we use it (legal bases)

  • Contract — to create your account and let you host or join meetups.
  • Legitimate interests — to keep the service secure, prevent abuse, and improve features.
  • Consent — for push notifications and non-essential cookies (you can withdraw at any time).

4. Who sees your data

Your public profile (username, display name, avatar, country, state, city) is visible to other signed-in members. Your ZIP code, real name, phone number, and email are private. Meetup venue addresses are only revealed to attendees the host has approved.

5. Processors we rely on

  • Supabase — authentication, database, and file storage.
  • Google — only if you choose to sign in with Google.
  • Resend — transactional emails (verification, welcome, meetup updates).
  • PayPal — only if you pay for a meetup ticket; payments go directly to the event organiser.
  • OpenStreetMap / Zippopotam.us — for city and address lookup (queries are anonymous).

6. International transfers

Some processors are based outside the EU/UK. Where that is the case we rely on Standard Contractual Clauses or an adequacy decision to protect your data.

7. How long we keep it

We keep your account data for as long as your account is active. If you delete your account we remove your profile, private profile, RSVPs, notifications and push subscriptions immediately. Meetups you have hosted are also removed. Minimal security logs may be retained for a short period for fraud prevention.

8. Your rights

Under GDPR you have the right to:

  • Access a copy of your data — use the "Download my data" button in your profile.
  • Rectify inaccurate data — edit it in your profile at any time.
  • Erase your account and data — use the "Delete my account" button in your profile.
  • Object to or restrict processing, and to data portability.
  • Withdraw consent for push notifications or cookies at any time.
  • Lodge a complaint with your local data protection authority.

9. Cookies

We use only essential cookies and local storage needed to keep you signed in and remember your preferences. We do not use advertising or third-party tracking cookies.

10. Children

The service is not intended for children under 16. Do not create an account if you are under 16.

11. Changes

We will update this page when our practices change and note the date at the top.

See also our Terms of Service.