Privacy Policy

Last Updated: 2025-09-13

PlumbTheory+ (“we”, “us”) is committed to protecting your privacy. This notice explains what personal data we collect, how we use it, and your rights under UK data protection law.

Who we are (Data Controller)

PlumbTheory+ is the data controller. Contact: contact@plumbtheory.co.uk.

What we collect

  • Email address and password (authentication).
  • Subscription/payment metadata from Stripe (we do not store full card details).
  • In-app activity such as quiz progress and preferences (e.g., marketing consent).
  • Technical data like IP address, device and approximate location (for security, fraud prevention and service operation).
  • Cookies or similar technologies where used (see “Cookies & analytics”).

How and why we use your data (lawful bases)

  • Account & access (create, log in, secure your account) — Contract.
  • Deliver the app (save progress, show content, maintain the service) — Contract / Legitimate interests.
  • Payments & subscriptions (via Stripe) — Contract / Legal obligation.
  • Service communications (important notices about your account or subscription) — Contract / Legal obligation.
  • Marketing emails (updates, reminders, promotions) — Consent under PECR; you can withdraw any time.
  • Fraud/abuse prevention & securityLegitimate interests.

We rely on the lawful bases set out in UK GDPR Article 6.

Marketing emails & your choices

We only send marketing emails if you opt in (no pre-ticked boxes). You can unsubscribe at any time from your Account or using the link in our emails. We keep records of consent (what you agreed to, when, and how). PECR requires a clear, positive action for email marketing consent.

Data sharing

  • Firebase (authentication, database, hosting).
  • Stripe (payments and subscription management).
  • Other service providers strictly as needed to operate, secure, or improve the app.

We do not sell your personal data.

International transfers

Some providers may process data outside the UK. Where that occurs, we rely on adequate decisions or appropriate safeguards (e.g., UK IDTA/standard contractual clauses).

Retention

We keep personal data only as long as necessary for the purposes above. Typical examples: account data while your account is active; transactional records for legal/accounting requirements; consent records until you withdraw plus a short audit period.

Cookies & analytics

If we use non-essential cookies/analytics, we will ask for consent and honour your choices. You can change preferences in your browser or via our banner (where deployed). See ICO guidance on cookies and consent.

Children

PlumbTheory+ is not intended for users under 16. Do not register if you are under 16.

Your rights

  • Access your data and get a copy.
  • Correct inaccurate data.
  • Delete your data (where applicable).
  • Object or restrict certain processing.
  • Data portability (where applicable).
  • Withdraw consent for marketing at any time.

To exercise rights, email contact@plumbtheory.co.uk. We aim to respond within one month.

Concerns & complaints

If you have concerns, please contact us first. You also have the right to complain to the Information Commissioner’s Office (ICO): ico.org.uk/make-a-complaint or helpline 0303 123 1113.

Changes to this policy

If we make material changes, we will notify you in-app or by email.