What personal data does PaddlePals collect?

PaddlePals collects only essential data: account information (name, email), profile data (optional location, skill level), game data (scores, dates, opponents), and usage data. We never collect biometric data, track location without permission, or access contacts without consent. All data collection is GDPR-compliant and transparent.

Does PaddlePals sell user data to third parties?

No, never. PaddlePals does not sell, rent, or share user data with advertisers, data brokers, marketing companies, or social media platforms. We only share data with trusted service providers (hosting, email) under strict contracts, and only when legally required by court order.

How can I delete my PaddlePals account and data?

You can delete your account anytime from your privacy settings. All personal data is permanently deleted within 30 days, and backups are purged within 90 days. Under GDPR, you have the right to data deletion, and we provide simple tools to exercise this right with full confirmation of deletion.

Where is PaddlePals data stored and how is it protected?

All data is stored on UK servers with EU backups. We use encryption (SSL/TLS), bcrypt password hashing, access controls, and regular security audits. Data never leaves the EU/UK without adequate protection. We maintain GDPR compliance with 72-hour breach notification and UK data protection standards.

What are my GDPR rights with PaddlePals?

Under GDPR, you have rights to: access your data (download complete profile), correct inaccurate information, delete your account, restrict data processing, data portability, and object to certain processing. You can exercise these rights anytime through your account settings or by contacting privacy@paddlepals.co.uk.

Privacy Policy | PaddlePals UK | Your Data, Your Control | GDPR Compliant

Our Privacy Promise

                We Keep It Simple:
                Your data belongs to you, always
We never sell your information to anyone
We don't share your data with third parties for marketing
When you delete your account, all your data is permanently removed
We use your data only to provide and improve PaddlePals services
We comply with GDPR and UK data protection laws

            

Information We Collect

1. Information You Provide

Account Information: Name, email address, username, and password (encrypted)
Profile Data: Profile picture, location (optional), skill level, favourite sports
Game Data: Match scores, dates, opponents, court locations
Social Features: Friend connections, messages, forum posts
Payment Information: For premium users only - processed securely through Stripe (we don't store card details)

2. Information Collected Automatically

Usage Data: How you interact with PaddlePals (features used, pages visited)
Device Information: Device type, browser type, operating system
Log Data: IP address, access times, referring URLs
Cookies: Session cookies for login and preferences (essential cookies only)

3. Information We DON'T Collect

We don't track your location unless you explicitly enable court finder
We don't access your contacts without permission
We don't collect biometric data
We don't monitor your activity outside PaddlePals

How We Use Your Information

Core Services

Track and display your game statistics and history
Calculate and update leaderboard rankings
Generate victory and participation certificates
Connect you with friends and other players
Help you find and book courts near you
Send game invitations and notifications (with your permission)

Platform Improvements

Understand how players use PaddlePals to make it better
Fix bugs and improve performance
Develop new features based on user needs
Ensure platform security and prevent fraud

Communication

Send important account updates and security alerts
Provide customer support when you contact us
Send optional newsletters about paddle sports (you can unsubscribe anytime)

Data Storage & Security

Where We Store Data

Primary servers located in the United Kingdom
Backup servers within the European Union
All data transfers use encryption (SSL/TLS)
We never transfer data outside the EU/UK without adequate protection

How We Protect Your Data

Encryption: All passwords are hashed using bcrypt
Secure Connections: HTTPS everywhere, always
Access Controls: Staff access on a need-to-know basis only
Regular Audits: Security testing and vulnerability assessments
Incident Response: 72-hour breach notification policy

Data Retention

Active Accounts: Data kept while account is active
Inactive Accounts: Reminder sent after 12 months of inactivity
Deleted Accounts: All personal data permanently deleted within 30 days
Backup Retention: Backups purged within 90 days of deletion request

Your Rights & Controls

Under GDPR and UK Data Protection Act, you have the right to:

Access Your Data

Request a copy of all data we hold about you
Export your game history and statistics
Download your complete PaddlePals profile

Control Your Data

Correction: Update or correct any inaccurate information
Deletion: Request complete deletion of your account and data
Restriction: Limit how we process your data
Portability: Receive your data in a machine-readable format
Object: Opt out of certain data processing activities

Privacy Settings

Control who can see your profile and statistics
Manage friend requests and connections
Choose notification preferences
Opt in/out of newsletters and updates
Hide from public leaderboards if desired

Data Sharing & Third Parties

We NEVER Share Your Data With:

Advertisers or advertising networks
Data brokers or resellers
Marketing companies
Social media platforms (unless you explicitly share)

Limited Sharing (Only When Necessary):

Service Providers: Trusted partners who help run PaddlePals (hosting, email)
Payment Processing: Stripe for secure payment handling (Premium users only)
Legal Requirements: If required by law or court order (we'll notify you if possible)
Safety: To protect users and prevent harm or illegal activities

Your Public Information:

Username and public profile (if you choose to make it public)
Leaderboard rankings (you can opt out)
Forum posts and comments (public by design)
Game results with friends (visible to participants only)

Cookies & Tracking

Essential Cookies We Use:

Session Cookies: Keep you logged in while using PaddlePals
Preference Cookies: Remember your settings and choices
Security Cookies: Protect against fraud and unauthorised access

Analytics (Optional):

Google Analytics to understand usage patterns (anonymised)
You can opt out of analytics in your privacy settings
We never use tracking for advertising purposes

What We DON'T Do:

No third-party advertising cookies
No cross-site tracking
No selling of browsing data
No behavioural profiling for ads

Children's Privacy

PaddlePals is designed for users aged 13 and above. We don't knowingly collect data from children under 13.

Users must confirm they're 13+ during registration
Parents can contact us to remove a child's account
We comply with COPPA and UK age-appropriate design codes
Under-18 accounts have enhanced privacy settings by default

International Users

While PaddlePals is UK-based, we welcome international players:

EU users are protected under GDPR
We apply UK data protection standards globally
Data may be processed in the UK/EU
We use standard contractual clauses for any necessary transfers

Changes to This Policy

We'll notify you via email about significant changes
Minor updates will be posted here with the date
Continued use after changes means acceptance
You can always request the previous version

Contact Our Privacy Team

Questions About Your Privacy?

We're here to help and take your privacy seriously.

Data Protection Officer:
PaddlePals Ltd
123 Paddle Street
London, SW1A 1AA
United Kingdom

Email: privacy@paddlepals.co.uk

Phone: +44 20 1234 5678

Response time: Within 48 hours for all privacy enquiries

UK Information Commissioner's Office (ICO):
If you're not satisfied with our response, you can contact the ICO at
ico.org.uk