Privacy Policy

1. Who we are

Duelhouse is a household gamification app operated as a sole proprietorship. For questions about your data, contact us at duelhouseapp@proton.me.

We are the data controller for all personal data processed through duelhouse.app.

2. What data we collect

Account data

• Email address (used to create and recover your account)
• Password (stored as a secure hash — we cannot see it)

Household data

• Household member names and chosen avatars (you choose these)
• Room names and chore lists you create
• Chore completion records and timestamps
• Points and scores
• Shopping list items

Usage data

• App open times (to calculate time-of-day display)
• Chore completion timestamps

What we do NOT collect

• Your location or GPS data
• Device identifiers or advertising IDs
• Browsing history
• Contacts or photos
• Any data from children under 13

3. Why we collect it (legal basis)

Contract performance (Art. 6(1)(b) GDPR)

We need your email and household data to provide the Duelhouse service — creating your account, syncing your household across devices, and logging chores.

Legitimate interests (Art. 6(1)(f) GDPR)

We retain anonymised, aggregated statistics (household size, chores completed, streak length, broad region) after account deletion to improve the product. This data cannot identify you.

Consent (Art. 6(1)(a) GDPR)

By joining our waitlist, you consent to receiving occasional product updates. You can unsubscribe at any time by emailing us.

4. How we store your data

Your data is stored on Supabase (a PostgreSQL database hosted in the EU). All data is encrypted in transit using HTTPS and at rest.

We use Netlify to host the app. Netlify may log anonymised access requests for security purposes.

We do not use third-party analytics, advertising networks, or tracking pixels.

5. How long we keep your data

• Account and household data: Until you delete your account
• Waitlist emails: Until you ask to be removed
• Anonymised stats after deletion: Indefinitely (cannot identify you)
• Server logs: 30 days maximum

6. Your rights under GDPR

You have the following rights regarding your personal data:

• Right of access — request a copy of all data we hold about you
• Right to rectification — correct any inaccurate data
• Right to erasure — delete your account and all personal data (available directly in the app under Settings → Delete my account)
• Right to restriction — limit how we process your data
• Right to portability — receive your data in a machine-readable format
• Right to object — object to processing based on legitimate interests
• Right to withdraw consent — for waitlist emails, at any time

To exercise any of these rights, email us at duelhouseapp@proton.me. We will respond within 30 days.

7. Cookies and local storage

Duelhouse does not use advertising cookies or tracking cookies.

We use browser localStorage to store your household data and login session on your device. This is essential for the app to function and is not used for tracking. You can clear this at any time by clearing your browser data.

8. Data sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes — ever.

We share data only with:

• Supabase — our database provider (data processor under GDPR)
• Netlify — our hosting provider (data processor under GDPR)
• Law enforcement, only if legally required

Both Supabase and Netlify are GDPR-compliant and process data under Data Processing Agreements.

9. Children's privacy

Duelhouse is intended for users aged 13 and over. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has created an account, please contact us immediately and we will delete it.

When used as a family app with children, parents or guardians are responsible for the household account and any member data entered for minors.

10. Changes to this policy

We may update this privacy policy as the product evolves. If we make significant changes, we will notify active users by email. The "last updated" date at the top of this page will always reflect the most recent version.