Privacy Policy

Last updated: July 4, 2025

1. Introduction

PickAFav ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our voting platform at pickafav.com and app.pickafav.com.

2. Information We Collect

2.1 Google OAuth Information

When you sign in with Google, we collect:

  • Email address - Used for account identification and vote integrity
  • Name - Displayed in your voting interface
  • Profile picture - Optional display in your account
  • Google user ID - Used to ensure one vote per pair per user

2.2 Voting Data

We collect your voting choices to:

  • Aggregate anonymous voting results
  • Prevent duplicate voting on the same pairs
  • Generate public statistics (without personal identification)

2.3 Technical Information

We automatically collect:

  • Log data - IP address, browser type, device information (for security)
  • Usage analytics - Aggregated, non-personal usage statistics
  • Essential cookies - Session management and security tokens only

3. How We Use Your Information

3.1 Core Functionality

  • Account authentication - Secure login via Google OAuth
  • Vote integrity - Ensuring fair voting (one vote per pair per user)
  • Results generation - Creating anonymous, aggregated voting statistics

3.2 Service Improvement

  • Performance monitoring - Ensuring fast, reliable service
  • Security protection - Preventing abuse and maintaining service integrity
  • Anonymous analytics - Understanding usage patterns without personal identification

3.3 What We DON'T Do

  • ❌ We do NOT sell your personal information
  • ❌ We do NOT use tracking cookies for advertising
  • ❌ We do NOT share individual voting choices
  • ❌ We do NOT send marketing emails without consent
  • ❌ We do NOT use third-party analytics that track users

4. Information Sharing

4.1 Public Information

We share only aggregated, anonymous voting results publicly:

  • Vote counts and percentages
  • Popular pairs and trending categories
  • Statistical summaries

4.2 Service Providers

We use these trusted services:

  • Google OAuth - Authentication service
  • Cloudflare - Content delivery and security
  • All providers - GDPR compliant with data processing agreements

4.3 Legal Requirements

We may disclose information only when required by law or to protect our rights and users' safety.

5. Data Security

We implement industry-standard security measures:

  • Encryption - All data transmitted via HTTPS/TLS
  • Access controls - Limited access to personal data
  • Data minimization - We collect only necessary information
  • Regular security audits - Ongoing security assessments

6. Your Rights (GDPR Compliance)

If you're located in the EU/EEA, you have these rights:

6.1 Access and Portability

  • Right to access - Request a copy of your personal data
  • Data portability - Receive your data in a machine-readable format

6.2 Correction and Deletion

  • Right to rectification - Correct inaccurate personal data
  • Right to erasure - Request deletion of your account and data

6.3 Control and Objection

  • Right to restriction - Limit processing of your data
  • Right to object - Object to certain types of processing
  • Withdraw consent - Remove consent for data processing at any time

To exercise these rights: Contact us at [email protected]

7. Cookies and Tracking

7.1 Essential Cookies Only

We use minimal, essential cookies:

  • Authentication tokens - Keep you logged in securely
  • CSRF protection - Prevent cross-site request forgery
  • Session management - Maintain your voting session

7.2 No Tracking Cookies

We do NOT use:

  • ❌ Advertising cookies
  • ❌ Third-party tracking pixels
  • ❌ Social media tracking
  • ❌ Marketing automation cookies

7.3 Cookie Management

You can:

  • Accept only essential cookies via our consent banner
  • Manage cookie preferences in your browser settings
  • Contact us to update your cookie consent

8. Data Retention

  • Account data - Retained while your account is active
  • Voting history - Kept for vote integrity (anonymized after 12 months)
  • Log data - Automatically deleted after 90 days
  • Deleted accounts - All personal data removed within 30 days

9. International Transfers

Your data may be processed in countries outside your residence. We ensure adequate protection through:

  • GDPR-compliant service providers
  • Standard contractual clauses
  • Adequate security measures

10. Children's Privacy

PickAFav is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

  • Post the updated policy on this page
  • Update the "Last modified" date
  • Notify users of significant changes via email or app notification

12. Contact Information

For privacy-related questions or to exercise your rights:

Email: [email protected]

Data Protection Officer: [email protected]

Response Time: We respond to privacy requests within 30 days

12.1 EU Representative

If you're in the EU and have concerns about our data processing, you can contact your local data protection authority or file a complaint.

13. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Consent - When you sign in with Google and agree to our terms
  • Legitimate interests - For security, fraud prevention, and service improvement
  • Contract performance - To provide the voting service you requested

Summary: We collect minimal data for voting functionality, use Google OAuth for authentication, share only anonymous aggregated results, and respect your privacy rights. No ads, no tracking, no data sales.

Start Voting Contact Us