Newsletters|RSS
lobbyinsider
Live
Loading the latest…

Legal

Privacy & cookies

Last updated: 1 January 2026. How we handle your personal data under UK GDPR and the Data Protection Act 2018.

1. Who we are

Lobby Insider Ltd ("we", "us", "our") is the data controller for the personal data we collect through the Lobby Insider website, apps, newsletters and other services (together, the "Services"). Our registered office is 14 Great Smith Street, London SW1P 3BU. You can reach our data team at privacy@lobbyinsider.co.uk.

This policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we keep it, and the rights you have over it. It applies whether you visit us as a logged-out reader, register an account, subscribe to a newsletter, post a comment, or contact us.

2. The data we collect

Data you give us

  • Account data: name, email address and a hashed password when you register.
  • Profile data: optional avatar, biography, job title, location and social links if you fill them in.
  • User content: comments, tips, letters and other contributions you submit.
  • Communications: the contents of emails or messages you send us, including support and complaints correspondence.
  • Marketing preferences: the newsletters you have opted into and any topic preferences you set.

Data we collect automatically

  • Usage data: pages and articles viewed, time on page, referring URL, search terms used on the site.
  • Device data: IP address (truncated where possible), browser type and version, operating system, device type, language and approximate location (country / city level).
  • Cookies and similar technologies: see section 8 below.

Data from third parties

  • Our payment provider tells us whether a subscription payment succeeded — we never see your full card number.
  • Our email provider tells us whether newsletter emails were delivered, opened or clicked.

3. How we use your data and why

UK GDPR requires us to have a lawful basis for using your data. The bases we rely on are:

  • Contract: to create and run your account, deliver subscriptions you have paid for, and provide customer support.
  • Legitimate interests: to keep the Services secure, prevent fraud and abuse, measure and improve our content and product, and tell existing readers about similar services.
  • Consent: for non-essential cookies, marketing newsletters and any sensitive data processing. You can withdraw consent at any time.
  • Legal obligation: to comply with tax, accounting, regulatory and law-enforcement obligations.

4. Who we share your data with

We never sell your personal data. We share it only with:

  • Service providers who process data on our behalf under written contracts — for hosting (Supabase), email delivery, analytics, payments and customer support.
  • Professional advisers such as auditors, lawyers and insurers, where necessary.
  • Authorities where we are legally required to disclose data, for example in response to a valid court order or to protect our rights and the safety of others.
  • A buyer of all or part of our business if we are sold or restructured, subject to the protections in this policy.

5. International transfers

Some of our suppliers are based outside the UK or European Economic Area. Where we transfer personal data internationally we rely on adequacy decisions (for example to the EEA) or use Standard Contractual Clauses approved by the UK Information Commissioner, together with additional safeguards where appropriate.

6. How long we keep your data

  • Account data: for as long as your account is active and for up to 24 months after closure, in case you reopen it.
  • Comments and user content: for as long as the related article is published, unless you ask us to remove it sooner.
  • Subscription and billing records: for at least 6 years after the end of the relationship, to meet HMRC requirements.
  • Marketing data: until you unsubscribe or your engagement falls below our re-permission threshold (typically 24 months of inactivity).
  • Server logs: for up to 90 days for security and debugging.

7. Your rights

Under UK GDPR you have the right to:

  • Access a copy of the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data in certain circumstances ("right to be forgotten").
  • Restrict or object to certain processing, including direct marketing.
  • Data portability — receive your data in a machine-readable format.
  • Withdraw consent at any time where we rely on it.
  • Complain to the UK Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, email privacy@lobbyinsider.co.uk. We will respond within one month and may need to verify your identity first.

8. Cookies and similar technologies

Cookies are small text files placed on your device. We use them, together with similar technologies like local storage, to make the Services work, to remember your preferences, and (with your consent) to measure how readers use the site. The table below lists every cookie and storage key we currently use, what it does, who sets it, and how long it lasts.

You can manage non-essential cookies in Privacy options in the footer, and you can clear or block cookies in your browser settings. Blocking essential cookies may break parts of the site (for example, you may not be able to stay logged in).

0 items detected on your device
NameProviderPurposeCategoryDurationType
No cookies or storage detected on your device.

This list is generated live from the cookies and storage on your device right now. It updates automatically whenever you reload — no manual maintenance required.

9. Children

The Services are not directed at children under 16 and we do not knowingly collect personal data from them. If you believe a child has given us their data, please contact us so we can delete it.

10. Security

We use industry-standard technical and organisational measures to protect your data, including TLS encryption in transit, encryption at rest for our databases, hashed passwords, access controls and audit logging. No system is 100% secure, but we work hard to keep your data safe and will notify you and the ICO of any breach that is likely to affect your rights.

11. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page tells you when it was last revised. Where changes are material we will let registered users know by email or an in-product notice.

12. Contact us

For privacy questions or to exercise your rights, email privacy@lobbyinsider.co.uk or write to: Data Protection, Lobby Insider Ltd, 14 Great Smith Street, London SW1P 3BU. Our Data Protection Officer can be contacted at dpo@lobbyinsider.co.uk.