Privacy Policy

Last updated:

1. Data Controller

moveIQ ("we", "us", "our") is the data controller responsible for your personal data. Registered address: [Company address — to be confirmed]. Data Protection Officer: privacy@playdraughts.org

2. Data We Collect

Account Information

  • Email address, display name, and profile information you provide.
  • OAuth profile data if you sign in with Google or Facebook.

Usage Data

  • Game history, puzzle attempts, lesson progress, and performance metrics.
  • Log data including IP address, browser type, pages visited, and timestamps.

Payment Data

Payment details are processed by Stripe. We store only a Stripe customer ID and subscription status — never card numbers.

Communications

Messages sent through the platform or to our support team.

3. How We Use Your Data

  • To provide and improve the Service, including personalised learning recommendations.
  • To process payments and manage subscriptions.
  • To communicate service updates, security alerts, and support messages.
  • To send marketing communications (only with your consent).
  • To comply with legal obligations.
  • To detect and prevent fraud, cheating, and abuse.
  • Contract: Processing necessary to deliver the Service you've signed up for.
  • Legitimate interests: Security monitoring, fraud prevention, and platform improvement.
  • Consent: Marketing emails and optional cookies (see Cookie Policy).
  • Legal obligation: Retention of records as required by applicable law.

5. Data Sharing

We do not sell your personal data. We share data with:

  • Stripe (payment processing).
  • Cloud infrastructure providers (hosting and storage).
  • Analytics providers (aggregated, anonymised data only).
  • Coaches on the platform (limited to session-relevant data with your consent).
  • Law enforcement or regulators when required by law.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account deletion, data is anonymised or deleted within 90 days, except where retention is required by law (e.g., financial records for 7 years).

7. Your Rights

Under GDPR you have the right to:

  • Access your personal data (Data Subject Access Request).
  • Rectify inaccurate data.
  • Erasure ("right to be forgotten") subject to legal retention obligations.
  • Restrict or object to processing.
  • Data portability in a machine-readable format.
  • Withdraw consent at any time (this does not affect prior lawful processing).

To exercise any of these rights, contact privacy@playdraughts.org. You also have the right to lodge a complaint with your local supervisory authority.

8. Children's Privacy

Users under 16 require verifiable parental or guardian consent before creating an account. We implement additional safeguards for minors including restricted data use and parental oversight features. See our GDPR Statement for full details.

9. International Transfers

Your data may be transferred to and processed in countries outside the EEA. We ensure adequate protection through Standard Contractual Clauses approved by the European Commission.

10. Security

We use industry-standard security measures including TLS encryption, hashed passwords, and regular security audits. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

11. Contact

For privacy enquiries or to exercise your rights, contact: privacy@playdraughts.org