Privacy Policy

Last updated: 18 June 2026

This policy explains how CultComps collects, uses, stores and protects your personal information when you use our website.

1. Who we are

CultComps is an online skill-based competition platform. Company registration number: 13257663. Registered address: 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ. If you have any privacy questions, contact us at hello@cultcomps.com.

2. Information we collect

• Account information: name, email address, phone number and encrypted password hash.
• Transaction details: entries, basket activity, payments, and ticket numbers.
• Technical information: IP address, browser/device details, and session/cookie data.
• Support messages you send to us.
• Verification information when you are a prize winner: details submitted through automated checks (Didit) or manual verification (for example notes from a video call and any reasonable evidence you provide).

3. How we use your information

• Create and manage your account.
• Process entries and payments, and issue ticket confirmations.
• Run and administer competitions, including winner verification.
• Carry out identity verification for prize winners and support fraud prevention.
• Prevent fraud, abuse, and security incidents.
• Comply with legal and regulatory obligations.
• Send service communications about your account or entries.

4. Legal basis for processing

We process personal data where necessary to perform our contract with you, comply with legal obligations, and protect our legitimate interests (such as security and fraud prevention).

5. Sharing your information

We only share data when needed to run the service, for example:

• Payment providers (Pixxles) to complete your payment.
• Didit, when you choose automated identity verification, to run the check on our behalf.
• Technology suppliers (hosting, email, security monitoring).
• Regulators, law enforcement, or legal advisers when required by law.

We do not sell your personal data.

6. Cookies and tracking

We use essential cookies for login/session functions and basket management. We may also use analytics cookies to improve performance. You can control cookies in your browser settings.

7. Data retention

We apply retention by category:

• Active account profile data: while your account remains active.
• Competition and transaction records: retained for legal, tax, fraud prevention, dispute handling and audit purposes (typically up to 6 years after the relevant transaction).
• Automated verification (Didit): Didit holds verification data for a short period (typically about one month). We retain verification outcomes and related audit records on our systems.
• Manual verification: we keep minimal notes for audit purposes where a video call or manual review applies.
• Security logs and technical logs: retained for a limited period needed for monitoring and incident response.
• Marketing preferences and suppression data: retained as needed to respect opt-out choices.

When you close your account, we remove or anonymize direct identifiers where possible, but may retain limited records where legally required or where there is an overriding legitimate interest (for example anti-fraud, accounting, or unresolved disputes).

8. Security

We use industry-standard safeguards including encrypted password hashing, access controls and secure server practices. Identity verification is handled through trusted third-party providers and our own internal processes. No system is 100% risk-free, but we continuously improve protections.

9. Your rights

You may have rights to access, correct, erase, restrict or object to processing of your personal data, and to request a copy of your data. You can also close your account from your account page. Contact us to make a request.

10. Changes to this policy

We may update this policy from time to time. The latest version is always published on this page with an updated date.