Guardian Privacy Policy: Data Collection, Use, and Your Rights Explained
Guardian Privacy Policy: Data Collection, Use, and Your Rights

Guardian News & Media Limited ("Guardian", "we", "us", or "our") is committed to protecting your personal data. This privacy policy covers our sites such as theguardian.com and associated apps. It explains what personal data we collect, how we use it, and your rights.

Who We Are

Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU is the data controller. The Guardian is a media organisation and publisher, and data privacy law includes certain exemptions for journalistic purposes.

Personal Data We Collect

We collect personal data when you visit our sites, register for an account, subscribe, make contributions, or interact with us. This includes your name, email address, username, contact number, billing address, and image if you add a profile photo. We also generate data such as a unique ID number, browsing behaviour, geolocation data from your IP address, and device details. When you use our apps, we collect data on content viewed, app interactions, and crash reports. If you sign in via social media (Apple or Google), we receive limited data from your profile.

Wide Pickt banner — collaborative shopping lists app for Telegram, phone mockup with grocery list

How We Collect Personal Data

We collect data directly from you when you sign up for services, purchase products, attend events, enter competitions, post comments, or contact us. We also collect data from third parties, such as fraud prevention services, payment providers, and survey partners. Cookies and similar technologies are used to collect additional data; see our cookie policy for details.

Why and How We Use Your Personal Data

We use personal data only when we have a valid legal ground: consent, performance of a contract, compliance with law, or legitimate interest. For example, we rely on consent for non-essential cookies and personalised advertising. We use legitimate interest for internal administration, account registration, content sharing, comment moderation, security, and fraud prevention. We may contact you for service communications, editorial newsletters, market research, or to respond to queries.

How We Share Your Personal Data

We share data within the Guardian group of companies in the UK, US, and Australia for administrative, historic, or advertising purposes. With external organisations, we share data with service providers (e.g., payment processors, cloud hosting, analytics, email platforms), advertising partners (e.g., Google Ad Manager, LiveRamp, ID5), affiliate marketing partners (e.g., Skimlinks), law enforcement if required, event sponsors, competition partners, and social media organisations. If the Guardian group is sold, data may be transferred to the buyer.

International Data Transfers

Personal data may be transferred to countries where Guardian group companies or service providers are based. We ensure protection through adequacy decisions or Standard Contractual Clauses.

How Long We Keep Your Personal Data

We retain personal data only as long as necessary for the purposes described. When no longer needed, we delete or anonymise it. If you withdraw consent, we delete your data unless another lawful basis applies. When you unsubscribe from marketing, we retain your email to prevent future sends.

Security of Your Personal Data

We implement technical and organisational measures to protect against unauthorised processing, loss, damage, or destruction. Account verification uses a 30-minute email code. You should keep your password confidential.

Your Data Privacy and Data Protection Rights

You have rights to access, correct, delete, restrict, object to processing, and withdraw consent. To exercise these, email dataprotection@theguardian.com or write to the Data Protection Officer at the address above. We respond within one month. Verification of identity may be required.

Your Australian Privacy Rights

Under the Australian Privacy Act, you have rights of access and correction. You may opt out of personalised advertising via the "Privacy settings" link. Complaints can be made to the Office of the Australian Information Commissioner.

Pickt after-article banner — collaborative shopping lists app with family illustration

Contact Us

For questions or concerns, contact the Data Protection Team at dataprotection@theguardian.com or by post at Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU. Complaints are acknowledged within 30 days. EU individuals may contact our representative at theguardian@mcf.ie or MCF Legal Technology Solutions Limited, Riverside One, Sir John Rogerson’s Quay, Dublin 2, Ireland.

Changes to This Privacy Policy

Updates will be posted on this page. Significant changes may be emailed to registered users. Last updated: 8 July 2026.