LGICBANKER
START PLAYING
Back to home Legal · Privacy

We don't sell your data. Here's the proof.

No data brokers. No ad-tracking pixels. No "anonymized" packages we slip to third parties. The full list of what we collect, why, where it lives, and how to delete it — in plain English, GDPR-aligned, written by a human.

0
data brokers
EU
data residency
7d
median GDPR reply
6
total vendors

01The 30-second version

We need an email to log you in, your progress so the game works, and your country so we can show the right currency.

  • We don't sell your data, ever.
  • We don't run third-party ad-tracking pixels across the app.
  • You own your data — export it, correct it, or delete it at any time.
  • We use analytics to make the product better. Aggregate, no resale.

02What we collect

Account
Email, display name, optional avatar. Country & preferred language so we show the right currency & localized lessons.
Auth
Hashed password (Argon2id) or third-party OAuth identifier (Apple ID, Google sub). We never see your raw password.
Progress
Which lessons you've completed, gem balance, level, streak, badges. The game would be pointless without this.
Device
OS, app version, screen size, time zone. Used for compatibility & bug triage.
Usage
Page views, button taps, lesson accuracy. Aggregated by us; never shared in a way that identifies you.
Optional
Profile bio, leaderboard opt-in, school code (if you joined via a class).

What we don't collect

No location beyond country, no contacts, no microphone, no camera, no clipboard, no biometrics, no ad ID. We don't read your other apps' data.

03How we use it

Strictly to:

  1. Run the product — log you in, save progress, send streak reminders you opt into.
  2. Improve the product — find broken lessons, slow screens, confusing flows. Always aggregated.
  3. Communicate with you — transactional emails (receipts, password resets) and the optional weekly digest.
  4. Comply with the law — keep books, respond to subpoenas, prevent fraud.

04Who we share it with

We use a small set of vendors. Every one is contractually bound to our privacy standards.

VendorWhat forRegion
Hetzner CloudServer hosting · primary infrastructureEU (Falkenstein)
CloudflareCDN · DDoS protectionEU / global edge
PostmarkTransactional emailUS (DPA in place)
StripePayments & subscriptionsEU / US (SCCs)
PlausiblePrivacy-respecting analytics · no cookiesEU (Frankfurt)
SentryError reporting · scrubbed of personal dataEU (Frankfurt)

05Where it lives

Primary data is stored in the European Union (Hetzner, Falkenstein, Germany). Backups are encrypted at rest, replicated to a second EU region. If we ever need to transfer data outside the EU (e.g. for payments), we use Standard Contractual Clauses approved by the European Commission.

06How long we keep it

  • Account data — for as long as the account is active.
  • After deletion — purged within 30 days from primary systems; up to 90 days from encrypted backups.
  • Billing records — 7 years (legal accounting requirement, EU).
  • Inactive accounts — we email you after 24 months of inactivity, then delete after 36.

07Your rights under GDPR

You can do any of the following at any time. Most are self-serve in Settings → Privacy.

Access
Get a copy of everything we have about you. See Data export.
Rectify
Fix incorrect details. Inline in Settings → Profile.
Erase
Delete your account & all associated data.
Restrict
Pause processing while you investigate something.
Portability
Get your data in a machine-readable format (JSON).
Object
Opt out of marketing email, analytics, or any non-essential processing.
Complain
Lodge a complaint with Datatilsynet — the Danish Data Protection Authority (or your local DPA).

08Cookies & tracking

We use a small number of cookies, all explained on the Cookies page. We do not use third-party ad-tracking cookies. Analytics (Plausible) is cookieless and aggregated.

09Children

LogicBanker is intended for users 13 and over. If you're under 16 (in some EU countries, under 13), we require parental consent before processing your data for anything beyond the bare minimum needed to run the app. Schools using our classroom program have a separate, stricter regime — see Schools & partners.

10Contact our DPO

Our Data Protection Officer is Lena Schmid. You can reach her at [email protected]. We respond to all GDPR requests within 30 days, usually within 7.