Privacy Policy
Last updated: 21 May 2025
1. Who we are
nonoodle.com (trading as Checker) is a limited company registered in England & Wales.
Contact for all privacy matters: hello@sharethetruth-t2.emvigotech.co.uk
2. What data we collect
| Category | What we collect | Why we need it | Lawful basis |
|---|---|---|---|
| Identity & contact | First name, last name, email address, WhatsApp phone number | • Create and manage your account • Send fact-check results and service updates | Contract |
| Payment metadata | Stripe customer ID, subscription tier, billing postcode, last-4 card digits | • Process subscription payments • Issue invoices and refunds | Contract / Legal obligation (tax) |
| Usage data | Site actions, page views, error logs, IP address*, device/browser info* | • Keep the service secure • Understand feature use • Fix bugs | Legitimate interests |
* Collected automatically by analytics/error-tracking tools (see Section 10).
3. Special-category & children's data
We do not collect special-category data (e.g. health, race) or knowingly collect data from anyone under 16. If you believe a child has supplied data, email us so we can delete it.
4. Why we process your data
- Provide the Checker service (check videos, deliver results).
- Take payment for subscriptions and manage plan changes.
- Send essential service notices (renewals, technical issues).
- Send our own marketing (offers, new features, tips) — you may opt out.
- Run analytics and adverts to improve reach and performance.
- Comply with UK tax and accounting law.
5. Marketing practices
- We email product news only with your opt-in (or "soft opt-in" for existing customers).
- We may upload hashed email addresses to Meta (Facebook/Instagram), TikTok, Google Ads, LinkedIn and Amazon Ads to build Custom / Matched Audiences for our own advertising.
- Because we do not have restrictive processor-only agreements with those platforms, regulators treat this as sharing data that the platforms may also reuse in their wider ad-targeting ecosystems.
- You can ask us to exclude you at any time.
6. Sharing & international transfers
| Partner | Service | Data shared | Location / safeguard |
|---|---|---|---|
| Stripe Payments UK Ltd | Payments & customer portal | Email, Stripe ID, limited billing info | USA — SCCs |
| Vercel Inc. | Hosting & edge delivery | IP, cookies, log files | USA + global edge — SCCs |
| Supabase (EU region) | Database & authentication | Name, email, phone, auth tokens, transcripts | EU only |
| WhatsApp Business (Meta) | Message delivery | Phone number, message content | USA — SCCs |
| Meta, TikTok, Google Ads/Tag Mgr, LinkedIn, Amazon Ads | Pixels & Custom Audiences | Hashed email, browsing events, IP | USA / Singapore — SCCs / DPF |
| PostHog Cloud | Product analytics | Pseudonymised usage data | EU data centre |
| Microsoft Clarity | Heat-maps | Usage data | USA — SCCs |
| Sentry | Error tracking | Error logs, IP | USA — SCCs |
| YouTube (Google) | Embedded videos | IP, device info | USA — DPF |
Transfers outside the UK/EU are protected by Standard Contractual Clauses (SCCs) or the EU–US Data Privacy Framework (DPF).
7. Retention & deletion
| Data set | Retention rule |
|---|---|
| Payment & tax records | 6 years after the end of the financial year |
| Active account data | While subscription is live |
| Dormant / cancelled accounts | Delete / anonymise after 24 months of inactivity |
| Support tickets & WhatsApp chats | Delete after 18 months |
| Marketing-consent log | Kept until you opt out |
| Custom-audience files | Deleted immediately after upload; refreshed monthly |
Automated scripts run monthly or quarterly to enforce these limits.
Users may email hello@sharethetruth-t2.emvigotech.co.uk at any time to request deletion; we respond within one month.
8. Cookies & similar technologies
We use:
- First-party cookies to keep you logged in and remember you between visits.
- Third-party cookies from the tools listed in Section 6 (analytics, advertising, payments, error tracking).
You can manage consent through our banner or your browser settings. Full details are in our Cookie Tables.
9. Security measures
We apply industry-standard safeguards, including TLS encryption, role-based access, hashed & salted passwords, least-privilege API keys, regular patching, and automated intrusion monitoring.
We do not yet support multi-factor authentication (MFA) — please seek legal confirmation on whether this is sufficient for your risk profile.
10. Your rights
- Access the data we hold about you
- Correct inaccurate data
- Erase your data ("right to be forgotten")
- Restrict or object to processing
- Port your data to another service
- Withdraw marketing consent at any time
- Complain to the UK ICO
11. How to exercise your rights
Email hello@sharethetruth-t2.emvigotech.co.uk. We aim to respond within one month.
To stop marketing: click "unsubscribe" in any email or reply "STOP BS" to a WhatsApp message.
12. Complaints
If you're unhappy, contact us first. You may also complain to the Information Commissioner's Office (ICO): ico.org.uk | +44 (0)303 123 1113.