Privacy Policy
Effective 11 July 2026 · Controller: Ictora — legal entity to be registered
1. What we collect
Account data: your email and a hashed password. Configuration you create: alphabets, patterns, subscriptions and delivery channels (including any secrets you enter). Operational data: detected matches and delivery outcomes (status, latency). Security data: your IP address, used transiently for rate-limiting and abuse prevention. We do not collect special-category data and do not sell your data.
2. Why, and legal basis
To provide the service and your account (performance of a contract); to secure the service and prevent abuse (legitimate interest); to bill paid plans (contract); and to comply with legal obligations. We rely on your consent where required, which you can withdraw.
3. Processors we use
Hosting/database: our cloud provider (e.g. DigitalOcean) in the EU. Payments (when enabled): Stripe. Delivery endpoints you configure (your webhook URL, Telegram, Discord) receive the match data you asked us to send there. These act as processors or independent controllers as applicable.
4. Retention
Matches and delivery logs are automatically deleted after a rolling retention window (default 14 days). Account and configuration data are kept until you delete your account, after which they are erased (cascading), save for records we must keep by law (e.g. invoices).
5. Your rights
You can access, correct, export and delete your data. Export and one-click account deletion are available in Settings. You may also object to or restrict certain processing. If you are in the EU/EEA you can lodge a complaint with your supervisory authority — in Belgium, the Gegevensbeschermingsautoriteit (GBA/APD).
6. Cookies
We use a single strictly-necessary session cookie to keep you signed in. We do not use advertising or third-party tracking cookies, so no cookie banner is required.
7. Contact
Controller: Ictora — legal entity to be registered, [registered address]. Privacy requests: legal@ictora.app.