Legal

Privacy Policy

Last updated: 5 June 2026

We collect only what we need to run the service. We never sell your personal data. This policy explains what we collect, why, and your rights under UK GDPR.

1. Who we are

Regatta Exchange is a UK sole trader business operating regattaexchange.com and a WhatsApp-based AI ticket matching service. We are the data controller for personal data collected through the service.

Contact: hello@regattaexchange.com

2. What data we collect

When you use Regatta Exchange, we may collect:

We do not collect or store payment card details. We do not process payments for ticket sales.

3. How we use your data

We use your personal data to:

4. Consent to future contact

By messaging our WhatsApp number, you consent to us contacting you in future about Regatta Exchange and similar events we operate — for example, next year's Henley ticket exchange or other regatta services.

These messages will relate to the service or similar events, not unrelated marketing. You can withdraw consent at any time by messaging us STOP on WhatsApp or emailing hello@regattaexchange.com. We will then stop future contact messages, though we may still send messages directly related to an active listing or request you have with us.

5. Legal basis for processing (UK GDPR)

6. Who we share data with

We share data only where necessary:

We do not sell, rent, or trade your personal data to third parties for their marketing.

7. How long we keep your data

We keep your data for as long as needed to provide the service and for a reasonable period afterwards so we can handle follow-ups or queries. Conversation and match records are typically kept for up to 2 years unless you ask us to delete them sooner.

We may keep certain records longer where required by law.

8. Your rights

Under UK GDPR, you have the right to:

To exercise any of these rights, email hello@regattaexchange.com or message us on WhatsApp. We will respond within one month. Deleting your data will remove your contact details from our system, though we cannot delete messages already sent to another user once contact details have been shared.

9. Cookies

Our website uses only essential cookies needed to operate the site. We do not use advertising or tracking cookies.

10. Security

We take reasonable steps to protect your data, including encrypted connections (HTTPS) and secure cloud storage with access controls. No online service is completely secure, but we work to keep your information safe.

11. International transfers

Some of our service providers may process data outside the UK. Where this happens, we ensure appropriate safeguards are in place as required by UK GDPR.

12. Children

Our service is not intended for anyone under 18. We do not knowingly collect data from children. If you believe a child has contacted us, please email hello@regattaexchange.com and we will delete their data.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will update the date at the top of this page. Significant changes may also be communicated via WhatsApp where appropriate.

14. Complaints

If you have a privacy concern, contact us first at hello@regattaexchange.com. You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.