← Back to Home

Privacy Policy

Last updated: July 2026

1. Introduction

DaVinChess ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our chess training platform, including our website and our iOS and Android mobile apps (together, the "Services").

2. Information We Collect

We collect the following types of information:

  • Account Information: Email address and name when you create an account. Authentication (including any password or social sign-in) is handled by our authentication provider, Clerk.
  • Chess Training Data: Games you import or upload (PGN files), the repertoires and opening lines we build for you, your blunder/mate/endgame drills, and your training results, statistics, and progress.
  • Linked Chess Accounts: If you connect a Chess.com or Lichess account, we store the username you provide and import your publicly available games from that service at your direction.
  • Feedback & Support Content: The messages, bug reports, and any screenshots or images you choose to attach when you contact us or use the in-app feedback feature.
  • Device & App Information (mobile): Basic technical details submitted with feedback or collected for diagnostics, such as app version, operating system version, and device model.
  • Payment & Subscription Information: Your subscription status and transaction identifiers. Card and billing details are processed by our payment providers (Stripe on the web; Apple or Google on mobile) — we do not store your full card number.
  • Usage Data: How you interact with the Services, including training sessions and progress.
  • Analytics Data: Anonymous usage statistics collected on our website via Google Analytics (with your consent).

3. How We Use Your Information

We use your information to:

  • Provide and improve our chess training services across web and mobile
  • Build your repertoire and analyze your games
  • Process your subscription and verify your entitlements across platforms
  • Send transactional emails (welcome, receipts, password resets)
  • Respond to your support requests and feedback
  • Personalize your learning experience
  • Analyze usage patterns, prevent fraud, and keep the Services secure

4. Data Sharing

We do not sell your personal data. We share information only with service providers who help us operate the Services:

  • Clerk: Authentication and account management
  • Stripe: Secure payment processing for web subscriptions
  • Apple & Google: In-app purchase processing and subscription management for the iOS and Android apps
  • Vercel: Website and API hosting, and storage of feedback screenshots you upload
  • Neon: Managed database hosting for your account and training data
  • Upstash: Rate limiting and abuse prevention
  • Google Analytics: Anonymous website usage analytics (only with your consent)
  • Chess.com & Lichess: When you link an account, we request your public game data from these services at your direction

We may also disclose information if required by law, or to protect the rights, safety, and security of our users and the Services.

5. Mobile Apps

Our iOS and Android apps collect the same categories of information described above. A few specifics apply to the apps:

  • Photo selection: If you attach a screenshot to feedback, the app lets you pick an image from your device. We only receive the image you explicitly select; we do not access your photo library otherwise.
  • In-app purchases: Subscriptions purchased inside the apps are processed by Apple (App Store) or Google (Google Play). We receive your subscription status and transaction identifiers to unlock features, but not your payment-card details.
  • No advertising or cross-app tracking: We do not use third-party advertising SDKs and do not track you across other companies' apps or websites.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (HTTPS) and secure authentication through Clerk. Payment data is handled entirely by Stripe, Apple, or Google, which are PCI-DSS compliant. Feedback screenshots are stored in access-controlled cloud storage.

7. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract performance: To provide our chess training services and process your subscription (account data, usage data, payment data)
  • Legitimate interest: To improve our platform, respond to feedback, prevent fraud, and ensure security (usage analytics, error logs, audit logs)
  • Consent: For analytics cookies (Google Analytics). You may withdraw consent at any time via the cookie consent banner

8. Data Retention

We retain your data for the following periods:

  • Account data: Retained while your account is active and for 30 days after you request deletion
  • Training data: Games, repertoires, and training sessions are retained while your account is active and deleted with your account
  • Feedback & screenshots: Retained while we work on your report and for a reasonable period afterward for quality and support history, then deleted
  • Payment records: Retained for up to 7 years for tax and legal compliance (managed by Stripe, Apple, or Google)
  • Audit logs: Retained for 1 year for security and compliance purposes
  • Analytics data: Anonymized after 14 months (managed by Google Analytics)

9. Your Rights

You have the right to:

  • Access: Request a copy of your personal data. Use the "Download My Data" button in Account Settings to export your data as JSON
  • Rectification: Request correction of inaccurate data via your account profile or by contacting us
  • Erasure: Request deletion of your account and data. Use the "Delete My Account" button in Account Settings (web) or your app settings. Your data is marked for deletion immediately and permanently removed after a 30-day grace period. See our account & data deletion page
  • Portability: Export your data in a structured, machine-readable JSON format via Account Settings
  • Restriction: Request that we limit processing of your data in certain circumstances
  • Objection: Object to processing based on legitimate interest
  • Withdraw consent: Withdraw cookie consent at any time by clearing your browser cookies and revisiting the site

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you also have the right to lodge a complaint with your local data protection authority.

10. Cookies

Our website uses the following categories of cookies (the mobile apps do not use advertising cookies):

  • Essential cookies: Required for authentication (Clerk) and core platform functionality. These cannot be disabled. Duration: session-based
  • Analytics cookies: Google Analytics (GA4) cookies used to understand how users interact with our platform. These are only set if you consent via our cookie banner. Duration: up to 2 years
  • Preference cookies: Store your cookie consent choice. Duration: 1 year

We do not use marketing or advertising cookies. You can manage your cookie preferences through the consent banner displayed on your first visit, or by clearing your browser cookies.

11. Children's Privacy

The Services are not directed to children. You must be at least 16 years old (or the minimum age required in your country to consent to processing of your personal data) to create an account. We do not knowingly collect personal data from children under this age. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. International Users

DaVinChess is a service operated by Rozek Industries Ltd, a company registered in England and Wales (company no. 16474200) with its registered office in London, United Kingdom. Your personal data is processed in the United Kingdom and the European Economic Area, and may also be transferred to and processed in the United States and other countries by the service providers we rely on (such as Vercel, Neon, and Clerk). Where we transfer personal data outside the UK or EEA, we put appropriate safeguards in place — such as the UK International Data Transfer Agreement or the European Commission's Standard Contractual Clauses — to keep it protected.

13. Contact Us

If you have questions about this privacy policy, your data, or wish to exercise any of your rights, contact us at:

Email: privacy@davinchess.com

You can also use our contact form or the in-app feedback feature.

14. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will notify you via email.

Privacy Policy | DaVinChess