Legal

Privacy Policy

Effective date: 20 February 2026

Data controller

BreakboundDigital — [email protected]

1. What We Collect

1.1 Email address

Collected when you create an account. Used for magic link authentication and delivering review notifications. This is required to use the Service.

1.2 Notification email addresses

Additional email addresses you optionally add in Settings. Used solely to deliver review notifications to your chosen recipients.

1.3 Discord webhook URL

Optionally provided in Settings. Used only to send review notifications to your Discord server. Validated and stored securely. We never post to your webhook for any other purpose.

1.4 Subscription and billing data

When you subscribe to a paid plan, Stripe handles all payment processing. We store only your Stripe customer ID and subscription status — we never see or store your card number or banking details.

1.5 Steam App IDs

The Steam game IDs you add to Feedlenz. These are public identifiers and not personal data, but are stored as part of your account configuration.

1.6 Usage data

Basic server logs including request timestamps and IP addresses, used for security monitoring and debugging. This data is not used for advertising.

2. Legal Basis for Processing (GDPR Article 6)

We process your personal data on the following legal grounds:

  • Contract performance (Art. 6(1)(b)): Processing your email address and notification preferences is necessary to provide the Service you signed up for.
  • Legitimate interests (Art. 6(1)(f)): Server logs help us maintain security, prevent abuse, and diagnose technical issues. These interests do not override your rights.
  • Legal obligation (Art. 6(1)(c)): We may retain subscription records where required by applicable law (e.g. tax or accounting obligations).

3. How We Use Your Data

  • Authenticating your access to Feedlenz via magic link
  • Delivering review notifications to your registered email and any additional addresses you configure
  • Sending notifications to your Discord server if a webhook is configured
  • Managing your subscription status and communicating billing-related information
  • Maintaining the security and reliability of the Service

We do not use your data for advertising, profiling, or sale to third parties.

4. Third-Party Processors

We share your data with the following processors, each under their own data processing agreements and privacy policies:

  • Supabase (supabase.com) — database and authentication infrastructure. Stores your account data, game configurations, and notification history.
  • Stripe (stripe.com) — payment processing. Handles all subscription billing. Stripe is the data controller for your payment information.
  • OpenAI (openai.com) — AI summary generation. Steam review text (public data, not your personal data) is sent to OpenAI to generate summaries.
  • Resend (resend.com) — transactional email delivery. Your email address is shared with Resend only to deliver notifications you have requested.

We do not sell, rent, or trade your personal data to any third party.

5. International Data Transfers

Some of our processors (Supabase, OpenAI, Resend) may process data outside the European Economic Area. Where such transfers occur, we rely on appropriate safeguards including Standard Contractual Clauses (SCCs) as required by GDPR Chapter V.

6. Data Retention

  • Your account data (email, notification settings, game configurations) is retained for as long as your account is active.
  • If you delete your account, your personal data is deleted within 30 days.
  • Server logs are retained for a maximum of 90 days.
  • Subscription and billing records may be retained longer where required by law.

7. Your Rights Under GDPR

As a data subject in the EU, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data (“right to be forgotten”), subject to legal retention obligations.
  • Right to restriction: Request that we limit how we process your data in certain circumstances.
  • Right to data portability: Request your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with your national data protection supervisory authority if you believe we have not handled your data correctly.

8. Cookies

Feedlenz uses a single session cookie to maintain your login state after authenticating via magic link. No advertising, tracking, or third-party analytics cookies are used.

9. Children's Privacy

Feedlenz is not intended for users under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email before they take effect. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy. The effective date at the top of this page reflects the most recent update.

11. Contact

For any privacy-related questions or to exercise your rights, contact the data controller:

BreakboundDigital
[email protected]

Terms of Service →