Privacy Policy

Effective Date: 14 June2026
Last Updated: 14 June2026

PersonaCode ("we", "us", "our") is operated by DreamWebCrafts. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use our website (personacode.ai) and the PersonaCode mobile application (collectively, the "Service").

We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), the Data Protection Act 2018, and all applicable data protection legislation.

1. Data Controller

The data controller responsible for your personal data is:

DreamWebCrafts
Email: support@personacode.ai

2. What Data We Collect

We collect the following categories of personal data:

2.1 Account Data

• Full name
• Email address
• Authentication method (email/password or Google Sign-In)
• Profile avatar (if provided via Google)

2.2 Assessment Data

• Your responses to personality assessment questions
• Generated archetype results and profile insights
• AI-generated behavioural analysis (Deep tier only)

2.3 Payment Data

• Web purchases: Payments are processed securely by Stripe. We do not store your credit/debit card details. We receive only a transaction reference, purchase tier, and confirmation status.
• Android app purchases: Payments are processed by Google Play Billing. Payment details are handled entirely by Google. We receive only purchase verification tokens.
• iOS app purchases (future): Payments will be processed by Apple In-App Purchase. Payment details will be handled entirely by Apple.

2.4 Technical Data

• IP address
• Browser type and version
• Device type and operating system
• Session cookies and authentication tokens

3. Legal Basis for Processing (GDPR Article 6)

We process your personal data on the following legal bases:

• Contract performance (Art. 6(1)(b)): Processing necessary to provide you with the Service, including account creation, quiz assessment, and delivery of your personality profile.
• Legitimate interest (Art. 6(1)(f)): Processing necessary for improving our algorithms, maintaining security, and preventing fraud.
• Consent (Art. 6(1)(a)): Where you have given explicit consent, such as for optional marketing communications or cookies.
• Legal obligation (Art. 6(1)(c)): Where processing is required to comply with applicable law.

4. How We Use Your Data

• To create and manage your PersonaCode account.
• To generate your personality archetype profile and insights.
• To process payments for premium tier unlocks.
• To deliver AI-powered behavioural analysis (Deep tier).
• To send essential account notifications (e.g., purchase confirmations).
• To improve our assessment algorithms and user experience.
• To maintain the security and integrity of the Service.

5. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to any third party. We share data only with the following processors:

• Google (Firebase): Authentication and application infrastructure.
• Google (Play Billing): In-app payment processing for Android.
• Stripe: Secure payment processing for web purchases.
• Apple (future): In-App Purchase processing for iOS.

All third-party processors are GDPR-compliant and process data under appropriate data processing agreements.

6. International Data Transfers

Some of our third-party processors (e.g., Google, Stripe) may process data outside the UK/EEA. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions.

7. Data Retention

• Account data: Retained for as long as your account is active.
• Assessment data: Retained for as long as your account is active to allow you to access your results.
• Payment records: Retained for 7 years to comply with tax and accounting obligations.
• Technical logs: Retained for up to 90 days for security and debugging purposes.

Upon account deletion, your personal data will be permanently erased within 30 days, except where retention is required by law.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of access (Art. 15): Request a copy of all personal data we hold about you.
• Right to rectification (Art. 16): Request correction of inaccurate personal data.
• Right to erasure (Art. 17): Request deletion of your personal data ("right to be forgotten").
• Right to restriction (Art. 18): Request restriction of processing in certain circumstances.
• Right to data portability (Art. 20): Request your data in a structured, machine-readable format.
• Right to object (Art. 21): Object to processing based on legitimate interest.
• Right to withdraw consent (Art. 7(3)): Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at support@personacode.ai. We will respond within 30 days as required by GDPR.

9. Cookies

We use essential cookies required for the operation of the Service (e.g., session authentication). We do not use tracking or advertising cookies. By using the Service, you consent to essential cookies as described in our cookie banner.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (TLS/SSL) and at rest.
• Secure password hashing (bcrypt).
• Role-based access controls for administrative systems.
• Regular security audits and monitoring.

11. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: ico.org.uk
Phone: 0303 123 1113

14. Contact

For any questions about this Privacy Policy or your personal data, contact us at:
support@personacode.ai