MyGamePlan
New plan

Privacy Notice

Last updated: June 1, 2026

1. Who we are

MyGamePlan is operated by Jessica Keller, an individual sole proprietor ("we", "us", "our"). For the personal data described in this notice, we act as the data controller.

2. The personal data we collect

  • Account data: email address, password hash, display name (optional), and authentication identifiers (e.g. when you sign in with Google).
  • Plan and voting data: plan titles, event details you enter, votes you cast, and the share tokens used to invite others.
  • Support communications: messages you send us and our replies.
  • Usage and device data: IP address, browser type, pages visited, and basic telemetry needed to operate and secure the Service.
  • Payment-related identifiers: we receive a transaction reference, plan tier, subscription status, and country from our Merchant of Record (Paddle). Full card details are handled by Paddle and never reach us.

3. Why we use your data and the legal basis

  • To provide the Service (creating plans, collecting votes, showing results) — performance of the contract with you.
  • To create and secure your account — performance of the contract and our legitimate interest in account security.
  • To process payments and unlock paid features — performance of the contract.
  • To prevent fraud and abuse — legitimate interest in protecting the Service.
  • To improve the product — legitimate interest in understanding how MyGamePlan is used.
  • To send transactional emails (receipts, password resets, plan notifications) — performance of the contract.
  • To send marketing email, if any — only with your consent, which you can withdraw at any time.
  • To comply with legal obligations (e.g. tax records via Paddle) — legal obligation.

4. Who we share your data with

  • Merchant of Record — Paddle.com Market Ltd. Paddle is the seller of record for all paid transactions and handles payments, tax compliance, invoicing, subscription management, and refunds. See Paddle's privacy notice.
  • Infrastructure and subprocessors we use to run the Service, including our hosting provider, our database / authentication provider (Supabase), and email-delivery providers. These act only on our instructions under written contracts.
  • Professional advisers (legal, accounting) where reasonably necessary.
  • Authorities or other parties where required by law, court order, or to protect our rights or the safety of others.

We do not sell your personal data.

5. International transfers

Some of our providers are located outside your country, including in the United States and the European Economic Area. Where personal data is transferred internationally, we rely on appropriate safeguards such as the EU Standard Contractual Clauses or applicable adequacy decisions.

6. How long we keep your data

We keep account data for as long as your account is active, and for a reasonable period afterwards to handle disputes and comply with legal obligations. Plan and vote data is retained while the plan is in use and then deleted or anonymised when no longer needed. Payment records are retained by Paddle as required by tax law.

7. Your rights

Depending on where you live, you may have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate data;
  • request deletion of your data ("right to be forgotten");
  • restrict or object to certain processing;
  • request a portable copy of data you provided;
  • withdraw consent at any time where processing is based on consent;
  • lodge a complaint with your local data-protection authority.

To exercise any of these rights, contact us through the in-app support flow. We will respond within one month.

8. Security

We use appropriate technical and organisational measures to protect your personal data, including encryption in transit, encrypted storage, access controls, password hashing, and protection against compromised passwords. No system is perfectly secure, but we work hard to keep your data safe.

9. Cookies and similar technologies

We use a small number of essential cookies and local-storage entries to keep you signed in and to remember settings. We do not currently use advertising cookies. If we add analytics in the future, we will update this notice and, where required, ask for your consent.

10. Children

MyGamePlan is not directed at children under 13 (or the equivalent age in your jurisdiction). If you believe a child has provided personal data, contact us so we can delete it.

11. Changes to this notice

We may update this notice from time to time. Material changes will be highlighted through the Service or by email.

12. Contact

Data-protection questions or requests? Contact Jessica Keller via the in-app support flow or by email at the address shown in your purchase receipt.