Privacy Document

Privacy Policy

Effective date: January 1, 2025 Last updated: March 1, 2025

At Playlax Neo, your privacy matters. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have. By using our Service, you agree to the practices described in this Policy.

01 Overview

Playlax Neo ("we", "us", "our") operates the Playlax Neo website and platform (the "Service"). This Privacy Policy applies to all personal data processed when you use the Service, regardless of where you are located.

We act as the data controller for the personal data described in this Policy. We are committed to processing your data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.

We do not sell your personal data to third parties. We do not use your data for advertising profiling beyond what is necessary to operate and improve the Service.

02 Data We Collect

We collect data in three ways: data you provide directly, data collected automatically, and data from third parties.

2.1 Data You Provide

  • Account data: display name, email address, and password (stored as a salted hash) when you register.
  • Profile data: optional avatar, bio, and preferences you add to your profile.
  • Communications: messages you send us via support, feedback forms, or email.
  • User content: reviews, comments, and other content you submit on the platform.

2.2 Data Collected Automatically

  • Usage data: challenges attempted, completion times, scores, streaks, and in-app navigation behaviour.
  • Device & technical data: IP address, browser type and version, operating system, device identifiers, screen resolution, and time zone.
  • Log data: server logs including access timestamps, pages visited, referring URLs, and error reports.
  • Cookies & similar technologies: see Section 6 for details.

2.3 Data from Third Parties

  • Single Sign-On (SSO): if you choose to register or log in via Google or another provider, we receive your name, email address, and profile picture from that provider, subject to their privacy policies.
  • Analytics partners: aggregated, anonymised behavioural data from analytics services to help us understand platform usage.

03 How We Use Your Data

We use the data we collect for the following purposes:

  • Providing the Service: creating and managing your account, delivering challenges, tracking progress, and displaying achievements.
  • Personalisation: tailoring challenge recommendations and difficulty settings based on your history and preferences.
  • Communication: sending transactional emails (account confirmation, password reset, important service notices). We will only send marketing emails if you have opted in.
  • Security & fraud prevention: detecting and preventing cheating, abuse, unauthorised access, and other harmful activity.
  • Analytics & improvement: understanding how users interact with the Service to fix bugs, improve features, and develop new content.
  • Legal compliance: fulfilling obligations under applicable laws, responding to lawful requests from authorities, and enforcing our Terms of Service.

We do not use your data to make fully automated decisions that produce significant legal effects on you without human oversight.

05 Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share your data only in the following circumstances:

  • Service providers: trusted third-party vendors who process data on our behalf (e.g. cloud hosting, email delivery, analytics). All processors are bound by data processing agreements and may not use your data for their own purposes.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
  • Legal requirements: if required by law or valid legal process (court order, subpoena, regulatory demand), or to protect the rights, property, or safety of Playlax Neo, our users, or the public.
  • With your consent: for any other purpose with your explicit prior consent.

We never share your data with advertisers for the purpose of targeting you with third-party advertisements within Playlax Neo products.

06 Cookies & Tracking Technologies

We use cookies and similar technologies to operate and improve the Service. The categories we use are:

  • Strictly necessary: essential for authentication, session management, and security. These cannot be disabled.
  • Functional: remember your preferences (language, theme, difficulty settings). Disabled by default; enabled when you save preferences.
  • Analytics: help us understand how users navigate the platform. We use anonymised, aggregate data only. Require your consent.

You can manage or withdraw cookie consent at any time via the cookie settings panel accessible from the footer of any page. Removing strictly necessary cookies may affect your ability to use the Service.

We do not use third-party advertising or tracking cookies.

07 Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specific retention periods:

  • Account data: retained for the duration of your account and deleted within 30 days of account closure, unless a longer retention period is required by law.
  • Usage & analytics data: retained in anonymised or aggregated form for up to 24 months for platform improvement purposes.
  • Support communications: retained for 12 months after the issue is resolved.
  • Legal & compliance records: retained for up to 7 years as required by applicable law.

When data is no longer needed, we securely delete or anonymise it in accordance with our data destruction procedures.

08 Security

We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These measures include:

  • Encryption of data in transit using TLS 1.2 or higher.
  • Encryption of passwords using bcrypt with per-user salts.
  • Encryption of sensitive data at rest.
  • Strict access controls and role-based permissions for internal staff.
  • Regular security audits and vulnerability assessments.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. If you suspect unauthorised access to your account, contact us immediately at security@playlaxneo.com.

09 Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your personal data ("right to be forgotten"), subject to legal retention requirements.
  • Restriction: request that we limit processing of your data in certain circumstances.
  • Portability: receive your data in a structured, commonly used, machine-readable format.
  • Objection: object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • CCPA rights: California residents may request disclosure of categories and specific pieces of personal data collected, and opt out of any sale of personal data (we do not sell personal data).

To exercise any of these rights, contact us at privacy@playlaxneo.com. We will respond within 30 days. You may also lodge a complaint with your local data protection authority.

10 Children's Privacy

Playlax Neo is not directed at children under the age of 18. We do not knowingly collect personal data from anyone under 18. If we discover that we have inadvertently collected such data, we will delete it promptly.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@playlaxneo.com and we will take immediate action.

11 International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When transferring data outside the European Economic Area (EEA), we rely on appropriate safeguards including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions issued by the European Commission for the destination country.
  • Other legally approved transfer mechanisms as applicable.

You can obtain more information about these safeguards by contacting us at privacy@playlaxneo.com.

12 Third-Party Links

The Service may contain links to third-party websites, applications, or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party services.

We encourage you to review the privacy policies of any third-party services you visit.

13 Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will update the "Last updated" date at the top of this page and notify you via email or a prominent in-app notice at least 14 days before the changes take effect.

Your continued use of the Service after the effective date constitutes acceptance of the updated Policy. If you do not agree to the changes, you must stop using the Service and may request account deletion.

14 Contact & Data Protection Officer

For any questions, requests, or concerns about this Privacy Policy or your personal data, please contact our Data Protection Officer:

Data Protection Officer — Playlax Neo
privacy@playlaxneo.com
Playlax Neo, 123 Digital Ave, Tech City, 00100
Terms of Service Back to home