The 50/50 Club logo

Privacy Policy

Last updated: May 2026

1. Data Controller

The 50/50 Club Ltd ("we", "us", "our") is the data controller responsible for your personal data. We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Contact: [email protected]

2. What Data We Collect

We collect and process the following personal data:

Account Information

Full name, email address, date of birth, display name, encrypted password

Game & Performance Data

Game scores, quiz answers, response times, rounds survived, achievements, leaderboard rankings

Payment Information

Subscription status, billing plan. Payment card details are processed by Stripe and never stored on our servers.

Delivery & Order Information

Full name, postal address, phone number, order history, and credits spent — collected only when you place a shop order

Technical Data

Push notification subscriptions, device information for notifications, session tokens

3. Lawful Basis for Processing

We process your data under the following lawful bases (Article 6, UK GDPR):

  • Contract: To provide our gaming services, manage your account, process tickets, deliver prizes, and fulfil Club Shop orders.
  • Consent: For push notifications, marketing communications, and cookies.
  • Legitimate Interests: To improve our service, prevent fraud, and maintain fair play.
  • Legal Obligation: To comply with tax, accounting, and regulatory requirements.

4. How Long We Keep Your Data

We retain your data for as long as your account is active, plus:

  • Account data: Until you request deletion, or 3 years after your last login.
  • Game performance data: As long as your account exists (needed for leaderboards).
  • Payment records: 7 years after the transaction (legal/tax requirement).
  • Order & delivery data: 7 years from the date of the order (HMRC record-keeping requirements). Delivery addresses are retained for order fulfilment and may be deleted upon request once the order has been fulfilled.
  • Communication records: 2 years from the date of communication.

5. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of Access

Request a copy of all personal data we hold about you (Subject Access Request).

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data ('right to be forgotten').

Right to Restrict Processing

Request we limit how we use your data.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, email [email protected] or use the data request form on your profile page. We will respond within 30 days.

6. Cookies

We use the following cookies:

Essential Cookies

Session authentication, security tokens. These are strictly necessary for the site to function and cannot be disabled.

Preference Cookies

Sound settings, cookie consent choice. These remember your preferences to improve your experience.

We do not use third-party advertising or tracking cookies. You can manage cookies through your browser settings or our cookie consent banner.

7. Data Sharing & Third Parties

We share your data only with:

  • Stripe: Payment processing (PCI DSS compliant). See Stripe's Privacy Policy.
  • Fulfilment & logistics partners: When you place a Club Shop order, we may share your name, delivery address, and order details with third-party fulfilment, printing, or shipping providers solely for the purpose of manufacturing and delivering your order. These partners act as data processors under a written agreement and may only use your data for order fulfilment. The specific provider may change from time to time; the current partner(s) can be confirmed by contacting [email protected].
  • Hosting providers: Our servers and database are hosted securely with encryption at rest and in transit.

We do not sell, rent, or trade your personal data to any third party. We do not transfer your data outside the UK/EEA unless required for order fulfilment (e.g., if a fulfilment partner operates in the EEA), in which case appropriate safeguards are in place under UK GDPR.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encrypted passwords (bcrypt), HTTPS encryption for all data in transit, secure session management, and access controls. No system is 100% secure, but we take all reasonable steps to protect your data.

9. Children

Our service is not intended for anyone under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

10. Your Right to Complain

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
ico.org.uk/make-a-complaint

11. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email or an in-app notification. The "last updated" date at the top of this page will be revised accordingly.

12. Contact Us

For any questions about this privacy policy or to exercise your data rights, contact us at [email protected].