Privacy and Cookie Policy of
Who London Ltd
Please read before using this site

This policy (together with our Terms of Website Use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

We are registered as a Data Controller, Registration Number ZA061972, in accordance with the Data Protection Act 1998 (the “Act”), and we are GDPR-compliant (General Data Protection Regulation).

We may collect and process the following data about you on a lawful legitimate basis and by lawful consent to send your our newsletters by email. If you join as a member you will be emailed the member newsletter on a legitimate basis, but you can click unsubscribe at any time.

• Information that you provide by filling in forms on our site (“our site”) or through our newsletters. This includes information provided at the time of registering to use our site, subscribing to our service, booking our events, filling in forms, posting material or requesting further services. We may also ask you for information when you report a problem with our site.

• If you contact us, we may keep a record of that correspondence. You have the right to ask us to delete this at any point in time, unless we are bound by law to retain this information.

• We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.

• Details of transactions you carry out through our site, including invoicing, collecting payment and of the fulfilment of your orders.

• Details of your visits to our site and the resources that you access.

• For the purpose of running competitions.

• So you can share social media content, for example “like” our Facebook post or share our Facebook post, or share content via our site or on our social media pages.

• Photos of you for our newsletter, leaflets, social media posts and our website and for other marketing purposes – however we will only use these photos with your express consent and you have the right to object to being photographed. If you add a profile photo or cover photo on your membership account for our private messaging service and for commenting on blog posts, we will not use this anywhere else.

• Any comments you write on our public blog or private blog with the name which you supply as a non-member, or with the first name and surname you use within your Who London membership account and profile.

• Your name, email address and mobile/telephone number from someone booking a ticket on your behalf, so that we can update you by email about your ticket, send you our post-event survey and where absolutely necessary call you regarding this event e.g. if timings change of this event – in this case you will need to look at this Privacy & Cookie Policy in full and contact us at or call 020 3393 3343 should you have any queries.

We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.

Who London is for persons aged 50+ and we therefore do not intend to collect children’s data. In the event of any children’s data being unknowingly held by us, upon our subsequent knowledge of such, we will delete this data immediately.

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. We may do so, for example, through showing you an advertisement on social media, through Google AdSense or through Google AdWords. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

We may obtain information about your general internet usage by using cookie files which are stored on the hard drive of your computer. These cookies collect information, and are then sent back to the originating website on each subsequent visit. They help us to improve our site and to deliver a better and more personalised service. They enable us:

• To estimate our audience size and usage pattern.

• To store information about your preferences, and so allow us to customise our site according to your individual interests.

• To speed up your searches.

• To recognise you when you return to our site.

List of cookies:

_utma, _utmb, _utmc, _utmz
Google Analytics is a web analytics service provided by Google to help us see how our website is used. The data collected by Google Analytics is used to analyse how frequently the same people revisit the website, how the website is found and which pages are most (and least) frequently viewed. This information is combined with data from every visitor to create an overall picture of website use, and is never identified individually or personally and is not linked to any other information we store about you. Click here to learn how to reject or delete the Google cookies.

The PHPSESSID cookie is native to PHP and enables websites to store serialised county data. On the website it is used to establish a user session and to pass county data via a temporary cookie, which is commonly referred to as a session cookie. As the PHPSESSID cookie has no timed expiry, it disappears when the browser is closed.

wordpress_*, wordpress_logged_in_*
Stored data: unique identifiers and control variables necessary for the normal functioning of the site.

Most Google users will have a preferences cookie called ‘PREF’ in their browsers. A browser sends this cookie with requests to Google’s sites. The PREF cookie may store your preferences and other information. NID is used by Google to generate images for maps.

wpf_leadsource, wpf_ref
WP Fusion’s lead source tracking uses cookies to keep track of a visitor’s UTM variables and referrer. If the visitor later registers an account or makes a purchase, these values are sent to your CRM along with the contact data.

woocommerce_cart_hash woocommerce_items_in_cart
woocommerce_recently_viewed store_notice[notice id]
Helps WooCommerce determine when basket contents/data change. Contains a unique code for each customer so that it knows where to find the basket data in the database for each customer. Powers the Recent Viewed Products widget. Allows customers to dismiss the Store Notice.

This cookie is set by ActiveCampaign. This cookie is used to keep track of the site usage.

This cookie is used to recognise the visitors using live chat at different times in order to optimise the chat-box functionality.

__lc_cid, __lc_cst, __lc2_cid, __lc2_cst
This cookie is necessary to enable the website live chat-box function. It is used to distinguish different users using live chat at different times in order to reconnect the last agent with whom the customer had chatted.

If you’ve accepted cookies from our website, you agree we can place these types of cookies on your device. However, you can set your browser to refuse some/all browser cookies. You can also set alerts when websites place on your device or access cookies. If you disable all cookies, including essential cookies, you may not achieve full functionality of our site. If you do disable cookies, please refresh your page to ensure that the new settings have taken effect. Except for essential cookies, all cookies will expire after 1 or 2 years.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We use security plugins on our website, anti-malware software on our devices and secure passwords for technology.

We use information held about you in the following ways:

• To ensure that content from our site is presented in the most effective manner for you and for your computer.

• To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. If you have asked to be placed on our mailing list and/or to receive our newsletter, we will retain your email address. We will only do this if you have asked us to do so, and we will remove your address from the list on request.

• To carry out our obligations arising from any contracts entered into between you and us, such as giving your name as an event attendee to your event provider.

• For customer care, for example to assist you booking an event or to discuss an event, or to assist you with using any of our membership features.

• To allow you to participate in interactive features of our service, such as commenting on our blog or sending a private message, when you choose to do so.

• To notify you about changes to our service.

• To ask you for and store feedback and comments after attending a Who London event.

• In the unlikely event of a medical emergency or for legal purposes.

If you are an existing customer and have consented to us emailing you, we will only contact you by electronic means (email) with information about goods and services similar to those which were the subject of a previous sale to you.

If you are a new customer, we will contact you by electronic means only if you have consented to this.

We may have to share your personal data with the parties set out below. We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

• If our business or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of supply and other agreements; or to protect the rights, property, or safety of our business, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

• If you have consented to receive our e-newsletter and/or subscribed to it on our website or via Facebook, we will provide updates by email in which case we will disclose your email address and possibly your name, gender, date of birth and mobile number if you have provided this information, and any notes from our verbal or email conversation (such as who referred you to us, where you are based, or what types of events you are interested in) to our newsletter software provider and their associated software providers.

• For our website to function for its purpose, with the use of third party technologies.

• For third party spamming detection to protect our site from external spamming, which would otherwise interfere with our site.

• For developing our services using Google Analytics and our email marketing software of your visits to our site and the resources that you access.

• To ask you for and store feedback and comments after attending a Who London event using our email marketing software and their associated providers.

• To create communities on our website, Facebook or similar.

• For acquiring your voicemail messages by telephone, by email, and by an app, through our telephone provider.

• For acquiring your written messages on our website live chat and on our live chat app.

• For business purposes utilising the assistance of our lawyers, accountants, administrators and developers.

• To take payments or to refund you through PayPal or Stripe and for a potential debt collector to collect debt owed to us – we do not store card payment details on our systems, nor are your passwords visible to us.

We may transmit some personal data outside of the EEA for e.g. website hosting and/or for plugins which are used for the site functionality.

If there is a breach of personal data, i.e. access to, loss of, or incorrectly filed data, we will notify you and the Information Commissioner’s Office (“ICO”) where appropriate within 72 hours, as well as take legal action where appropriate or necessary.

You have the right to ask us not to process your personal data for marketing purposes and can withdraw your consent at any time for certain or all of your data to be erased. In circumstances where this will affect the services we offer to you we will make you aware of this. You also have the right to request access to or correction of your data, as well as the transfer of it to a third party. We will require ID or specific information in order to confirm your identity so we can undertake these actions securely. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise the right to prevent such processing at any time by contacting us at or clicking the unsubscribe link on our e-newsletter. Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

The Data Protection Act gives you the right to access information held about you. You can see more about these rights here. Your right of access can be exercised in accordance with this Act and can be made verbally or by emailing We have one month to comply with such a request or if we refuse such a request we will tell you why and you will have the right to complain to the supervisory authority and to a judicial remedy. Any access request is free of charge, unless your request is manifestly unfounded, excessive or repetitive and we need to meet our costs in providing you with details of the information we hold about you. If you think there is a problem with the way we handle your data we would appreciate your contacting us in the first instance and we will try to be as open and helpful as possible. If this does not result satisfactorily to you, you can complain to the ICO. Our data retention period is six years.

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.

In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.

Questions, comments and requests regarding this privacy policy are welcomed and should be emailed to

Last updated on 5th July 2021.