Privacy Policy

Last updated: 1 January 2024

At Quizvo ("we", "our", "us"), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and tests at https://quizvo.com (the "Service").

By using our Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.

1. Data We Collect

We collect the following personal data when you use our Service:

• Email address — collected after you complete a test, so we can deliver your results.
• Test answers — your responses to IQ and personality test questions, stored as anonymised JSON data.
• Test scores and results — including your IQ estimate, personality type, and category breakdown.
• Gender selection — to personalise your results (optional).
• Session key — a randomly generated identifier stored in your browser's localStorage to link your session to your results.
• Payment data — if you purchase the Full Report, payment is processed by Stripe. We do not store card details.
• Usage data — general analytics such as page views, device type, and browser (via standard web server logs).

2. How We Use Your Data

We use the data we collect for the following purposes:

• To calculate and display your test results.
• To send you your personalised results report (if applicable).
• To process payments via Stripe for the Full Report upgrade.
• To improve the quality and accuracy of our tests.
• To comply with our legal obligations.

We will never sell your personal data to third parties. We will never use your email address for unsolicited marketing without your explicit consent.

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases as defined by the GDPR:

• Contractual necessity — to provide the test results and full report service you requested.
• Legitimate interests — to improve our Service and prevent abuse.
• Consent — where you voluntarily provide your email address to receive results.

4. Data Processors

We use the following trusted third-party processors to operate our Service:

• Supabase — our database and backend provider. Your test data and email are securely stored on Supabase infrastructure. Supabase is GDPR-compliant and data is stored in the EU where possible. See Supabase Privacy Policy.
• Stripe — our payment processor. Stripe handles all payment transactions. We do not store credit card numbers or payment details on our servers. See Stripe Privacy Policy.

5. Data Retention

We retain your personal data for as long as necessary to provide the Service and comply with our legal obligations. Specifically:

• Test session data (email, answers, scores) is retained for up to 24 months from the date of collection.
• Payment records are retained for 7 years to comply with financial regulations.

6. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

• Right of access — you can request a copy of the personal data we hold about you.
• Right to rectification — you can request correction of inaccurate data.
• Right to erasure ("right to be forgotten") — you can request that we delete your personal data.
• Right to restriction of processing — you can request that we limit how we use your data.
• Right to data portability — you can request your data in a machine-readable format.
• Right to object — you can object to the processing of your data for certain purposes.

To exercise any of these rights, please contact us at support@quizvo.com. We will respond within 30 days.

7. Cookies and localStorage

We use localStorage in your browser to store a randomly generated session key. This key is used to link your test results to your session. It does not contain any personally identifiable information on its own. We do not use advertising or tracking cookies.

8. Children's Privacy

Our Service is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

9. International Transfers

Your data may be transferred to and stored on servers outside your country of residence. When this occurs, we ensure that appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your data in accordance with GDPR requirements.

10. Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our Service uses HTTPS encryption, and our database is secured with Row-Level Security (RLS) policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

• Email: support@quizvo.com
• Website: https://quizvo.com