This site is in active development — things may change or break.

Privacy Policy

Last updated: 2026-07-09

This Privacy Policy explains how PairDare ("we", "us", "our") collects, uses, stores, and protects personal data when you use https://pairdare.com and related services (the "Service").

By using the Service, you confirm that you have read this Policy. Where required by law, we will ask for your consent separately (for example, for non-essential cookies or marketing).

1. Who is responsible for your data

The data controller is the operator of PairDare (https://pairdare.com).

For privacy requests, contact us at privacy@pairdare.com. We will respond within the time limits required by applicable law (typically within 30 days under GDPR).

2. Scope and age restriction

The Service is intended exclusively for adults aged 18 or older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided data, contact us and we will delete it.

This Policy applies to visitors, registered users, and Premium subscribers.

3. Personal data we collect

We may collect the following categories of data:

  • Account data: email address, display name, password (stored only as a cryptographic hash using scrypt — we never store plain-text passwords).
  • Subscription data: Premium status, Premium expiry date, payment order identifiers and payment status (we do not store full payment card or wallet credentials).
  • Gameplay preferences stored in your browser: player names, gender selections for personalization, language preference, onboarding completion flag.
  • Technical data: IP address, browser type, device information, pages visited, and timestamps (via server logs and, if enabled, analytics).
  • Session data: an HTTP-only authentication cookie to keep you signed in.
  • Communications: messages you send us (support or legal requests).

4. How we collect data

Directly from you when you register, sign in, purchase Premium, or contact us.

Automatically when you use the Service (cookies, local storage, server logs).

From payment partners when you complete or attempt a payment (status and order metadata only).

5. Purposes and legal bases (GDPR / UK GDPR)

We process personal data for the following purposes:

Providing the Service

Legal basis: performance of a contract (Art. 6(1)(b) GDPR) and, where applicable, legitimate interests in operating a secure online service (Art. 6(1)(f)).

  • Creating and managing your account
  • Authenticating sessions
  • Enabling games, Premium features, and personalization

Payments

Legal basis: performance of a contract and compliance with legal obligations (tax/accounting where applicable).

  • Processing Premium purchases through our payment provider
  • Preventing fraud and resolving billing disputes

Security and abuse prevention

Legal basis: legitimate interests (Art. 6(1)(f)) and legal obligations.

  • Protecting accounts and infrastructure
  • Detecting unauthorized access or misuse

Analytics (optional)

If Google Analytics 4 is enabled, we use it to understand aggregate usage. Legal basis: your consent (Art. 6(1)(a)) where required — you can accept or reject analytics cookies via our cookie banner.

Legal compliance

Legal basis: compliance with legal obligations (Art. 6(1)(c)).

  • Responding to lawful requests from authorities
  • Enforcing our Terms of Service

6. Cookies and local storage

We use essential cookies and local storage that are necessary for the Service to function. Player names and language preference are stored in your browser (localStorage) and are not uploaded to our servers unless you explicitly use a server-side feature that requires them.

  • Session cookie (essential): keeps you logged in; HTTP-only; up to 30 days.
  • localStorage — locale: language preference.
  • localStorage — playerNames: names and genders for card personalization.
  • localStorage — onboarding: whether the onboarding hint was dismissed.
  • localStorage — cookieConsent: your analytics cookie choice.
  • Analytics cookies (non-essential): only if you accept analytics in the cookie banner and GA is configured.

7. Third-party processors

We use trusted providers who process data on our behalf under contractual safeguards:

  • Payment processing: Heleket — handles cryptocurrency payments; receives order amount, currency, and redirect URLs. Their privacy policy applies to payment data they process directly.
  • Analytics: Google (Google Analytics 4) — only loaded after consent where required.
  • Hosting/infrastructure: our VPS hosting provider — stores application data and server logs.

8. International data transfers

Your data may be processed in countries outside your residence (including the EU/EEA, UK, United States, and other jurisdictions where our providers operate). Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms.

9. Data retention

We retain data only as long as necessary:

  • Account data: until you delete your account or request deletion, plus a reasonable period for backups and legal obligations.
  • Payment records: as required for accounting, tax, and dispute resolution (typically up to 5 years where applicable).
  • Server logs: usually up to 90 days unless needed for security investigations.
  • Browser-stored names and preferences: until you clear site data in your browser.

10. Security

We implement appropriate technical and organizational measures, including HTTPS, hashed passwords, HTTP-only session cookies, and access controls for administrative functions. No method of transmission over the Internet is 100% secure; we cannot guarantee absolute security.

11. Your rights

Depending on your location, you may have the following rights regarding your personal data:

To exercise your rights, email privacy@pairdare.com. We may need to verify your identity.

  • Access — obtain a copy of data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure ('right to be forgotten') — request deletion where applicable.
  • Restriction — limit processing in certain cases.
  • Portability — receive data in a structured, machine-readable format where applicable.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is consent-based (e.g. analytics cookies).
  • Lodge a complaint — with your local data protection authority (for EEA/UK users).

12. Users in Russia (152-FZ)

If you are located in the Russian Federation, personal data is processed in accordance with Federal Law No. 152-FZ. You may contact us to clarify processing purposes, request correction or blocking of inaccurate data, or withdraw consent where processing is consent-based. Cross-border transfer may occur as described in Section 8.

13. Changes to this Policy

We may update this Policy from time to time. The 'Last updated' date at the top will change. Material changes will be communicated via the Service or email where appropriate. Continued use after changes constitutes acceptance where permitted by law.

14. Contact

Questions about this Privacy Policy or your personal data: privacy@pairdare.com.

Website: https://pairdare.com