PRIVACY POLICY
Last updated: 14 July, 2026
This Privacy Policy explains how Cubed Events Limited (“we”, “our”, “us”) collects, uses, and protects your personal information in connection with Cubed! 2026 and related services. It applies when you claim a ticket, join our Minecraft server, apply for a booth, panel, or volunteer position, sign up for marketing, or otherwise interact with our website and event.
Cubed Events Limited is a company registered in England and Wales (company number 15861967) and is the data controller responsible for your personal data. Our registered office address is available on the Companies House public register. For any privacy or data protection matter, please contact us at [email protected].
Part A – What We Collect and Why
- We collect only the data we need to run Cubed! 2026. Depending on how you interact with us, this includes:
- Ticket claim: your Minecraft username and email address.
- Joining our Minecraft server: your Minecraft username and UUID, IP address, in-game chat logs, and playtime/activity data (collected for moderation, security, and the operation of the event).
- Volunteer applications: your name, age, and the information needed to assess your application. Some volunteers may be aged 16–17; we handle applicant data from under-18s with appropriate care.
- Booth and panel applications: your Discord username and contact details, together with information about your proposed booth or panel.
- Marketing: if you opt in, your email address, which is added to our mailing list.
- Technical data: basic, aggregated information such as pages visited and visitor numbers, used to keep the website running and secure.
- We use this data, relying on the following lawful bases under the UK GDPR:
- Performance of a contract – to deliver your ticket, packages, booths, and other benefits, and to operate the event you have signed up for.
- Legitimate interests – to run, secure, and moderate our servers and platforms (including the use of chat logs and IP data for safety and anti-abuse), to respond to enquiries, and to administer applications. We balance these interests against your rights.
- Consent – to send you marketing about future Cubed events, where you have opted in. You can withdraw this at any time.
- Legal obligation – to comply with our statutory duties, including keeping financial records.
- We will not sell or rent your personal data. We only share it with the trusted service providers needed to run the event (see Part B), or where required by law. We do not request special category data (such as health, political views, religion, or sexual orientation), and you should not submit such information to us.
- You can withdraw your marketing consent, or ask us about any of your rights, at any time by contacting [email protected] (see Part D).
Part B – Service Providers We Use
- We use a small number of trusted third-party providers to operate Cubed! 2026. Where they process personal data on our behalf, they do so under data processing agreements and may only use it for the purposes we specify:
- Stripe – processes payments. Stripe is an independent data controller for your payment and card details and handles them under its own privacy policy. We do not receive or store your full card details; we receive only the limited information needed to confirm your purchase and deliver your benefits. Stripe may process data outside the UK under appropriate safeguards.
- Brevo – manages our marketing email list and sends our newsletters, where you have opted in.
- CloudFlare - We utilise CloudFlare Turnstile to keep our website safe, you can view their privacy policy here.
- Discord. We use Discord as a community channel. Discord is a separate platform with its own privacy policy and terms, and any data you share there is governed by Discord, not by us. Discord operates and enforces its own minimum age requirement of 13.
- We do not use non-essential or tracking cookies. Our website uses only essential cookies required for it to function.
Part C – Age Requirements
- Cubed! 2026 is not directed at children under 13, and you must be at least 13 years old to claim a ticket, join our server, provide us with personal data, or otherwise use our services.
- We do not knowingly collect personal data from anyone under 13. If we become aware that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has provided us with data, please contact [email protected].
- Additional age requirements apply to certain activities: volunteers and moderators must be at least 16, and purchases must be made by, or with the permission of, someone aged 18 or over (see our Terms of Service).
Part D – Your Rights
- Under the UK GDPR and Data Protection Act 2018, you have the right:
- to access your personal data and information about how we process it,
- to request correction of inaccurate data,
- to request erasure of your data in certain circumstances,
- to restrict or object to processing in certain circumstances,
- to receive your data in a portable format,
- to withdraw consent at any time (where we rely on consent),
- not to be subject to solely automated decisions producing significant legal effects,
- to be informed of any personal data breach that is likely to affect your rights.
- To exercise any of these rights, contact us at [email protected]. We will respond without undue delay and within the time limits required by law.
Part E – Data Retention
- We keep personal data only for as long as necessary. In general, we retain event-related data for up to two years after the event ends, after which it is deleted or anonymised.
- Financial and transaction records are kept for longer where required by law (typically up to six years) to meet our tax and accounting obligations.
- You can ask us to delete your data sooner, subject to any legal retention requirements.
Part F – Remedies and Complaints
- If you have concerns about how we handle your data, please contact us first so we can try to resolve them.
- You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk, and to seek a judicial remedy or compensation through the courts where you have suffered harm as a result of unlawful processing.
Part G – International Transfers
- We are based in the UK. Some of our service providers (such as Stripe) may process data outside the UK. Where this happens, we ensure appropriate safeguards are in place, such as the UK’s International Data Transfer Agreement or equivalent contractual protections.
Part H – Changes to This Policy
- We may update this Privacy Policy from time to time. The date at the top of this page shows when it was last revised.
- For minor changes, posting the updated policy on this page is sufficient. For material changes that affect how we use your data, we will take reasonable steps to notify you in advance — for example, by email to registered users or by a notice on our website or community channels.
- The version of this policy in effect at the time you claim a ticket, join our server, submit an application, or make a purchase applies to that action.
Part I – Governing Law
- This Privacy Policy is governed by the laws of England and Wales, and any disputes are subject to the exclusive jurisdiction of the English courts.
Part J – Contact Us
For any questions about this Privacy Policy or your personal data, contact our Data Protection Team at [email protected].