Privacy Policy

1. Who We Are

IOLoc ("we", "our", "us") operates the website IOLoc.com and the services accessible through it. This policy explains how we collect, use, and protect your personal data when you use our platform.

For any privacy-related questions, you can reach us at the contact details listed at the bottom of this page.

2. Data We Collect

We collect only the information necessary to provide and improve our service:

• Account data — your email address and password (stored as a secure hash) when you register
• Usage data — game sessions, scores, and progress to power your personal dashboard
• Payment data — billing information for paid subscriptions, processed by our third-party payment provider; we do not store card details
• Technical data — IP address, browser type, and device information collected automatically via cookies and server logs

3. How We Use Your Data

We use the information we collect to:

• Create and manage your account
• Deliver and personalise the service, including your progress tracking and analytics
• Process payments and send billing-related communications
• Send service updates or important notices (you may opt out of marketing emails at any time)
• Monitor and improve platform performance and security

We do not sell your personal data to third parties.

4. Legal Basis for Processing

We process your data on the following legal grounds under GDPR:

• Contract — to provide the service you signed up for
• Legitimate interests — to maintain security, prevent fraud, and improve the platform
• Consent — for any optional marketing communications
• Legal obligation — where required by applicable law

5. Cookies

We use essential cookies to keep you logged in and maintain your session. We may also use analytics cookies to understand how the platform is used in aggregate. You can disable non-essential cookies in your browser settings, though some features may not function correctly as a result.

6. Data Retention

We retain your account and usage data for as long as your account is active. If you delete your account, we will erase your personal data within 30 days, except where we are required to retain it by law (for example, billing records for tax purposes).

7. Third-Party Services

We use a limited number of trusted third-party providers to operate the platform, including payment processors and hosting infrastructure. These providers are contractually required to handle your data in accordance with applicable privacy law and are not permitted to use it for their own purposes.

8. Your Rights

If you are located in the European Economic Area or United Kingdom, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to or restrict certain processing
• Request a portable copy of your data
• Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the details below. We will respond within 30 days.

9. Security

We implement industry-standard technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "last updated" date at the top of this page. For significant changes, we will notify registered users by email.

11. Contact Us

For any questions, data requests, or concerns regarding this policy, please get in touch: