Privacy Policy

Last updated: December 8, 2025

1. Introduction

This Privacy Policy explains how DailyQuiz ("we", "us", or "our") collects, uses, and protects your personal information when you use our Service. We are committed to protecting your privacy and ensuring transparency about our data practices.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address (via Clerk authentication)
  • User ID assigned by our authentication provider
  • Profile information you choose to provide

2.2 Quiz Activity Data

When you interact with quizzes, we collect:

  • Quiz attempts (which quizzes you completed and when)
  • Answer selections for each question
  • Quiz scores and performance statistics
  • Session IDs (for anonymous users before account creation)

2.3 Feedback and Communications

When you submit feedback:

  • Feedback message content
  • Optional email address for follow-up
  • Timestamp of submission

2.4 Automatically Collected Information

We automatically collect:

  • Browser type and version
  • Device information
  • IP address
  • Page views and navigation patterns
  • Access times and dates

3. How We Use Your Information

We use collected information for:

  • Providing and maintaining the Service
  • Managing user accounts and authentication
  • Tracking quiz attempts and displaying statistics
  • Syncing anonymous quiz attempts when you create an account
  • Responding to feedback and support requests
  • Improving quiz quality and user experience
  • Analyzing Service usage and performance
  • Preventing fraud and abuse
  • Complying with legal obligations

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing is necessary to provide the Service and fulfill our agreement with you (account management, quiz attempts, statistics)
  • Legitimate Interests: We have a legitimate interest in improving the Service, preventing fraud, and analyzing usage patterns, balanced against your rights and interests
  • Consent: For optional features like feedback submissions with email addresses, we rely on your explicit consent
  • Legal Obligation: Processing necessary to comply with legal requirements and respond to lawful requests

5. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Quiz attempts and user data are stored in a PostgreSQL database
  • AI-generated quiz images are stored in Vercel Blob storage
  • Data is transmitted over encrypted HTTPS connections
  • Access to user data is restricted to authorized personnel only
  • We implement security measures to protect against unauthorized access

However, no method of transmission over the Internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Third-Party Services

We use the following third-party services that may collect and process your data:

6.1 Clerk (Authentication)

  • Manages user authentication and account information
  • Subject to Clerk's privacy policy
  • Data is processed in accordance with GDPR and other privacy regulations

6.2 OpenAI

  • Generates quiz content using GPT-5 and DALL-E 3
  • Quiz topics and content are processed by OpenAI's API
  • No personal user data is shared with OpenAI
  • Subject to OpenAI's privacy policy and data processing terms

6.3 Vercel (Hosting & Storage)

  • Hosts the application and stores quiz images
  • Processes server logs and analytics data
  • Subject to Vercel's privacy policy

6.4 Telegram (Optional)

  • Used for internal notifications (new quiz generation, feedback submissions)
  • No user data is sent to Telegram without explicit consent
  • Feedback messages may be forwarded to Telegram if you choose to submit feedback

7. Cookies and Tracking

We use the following tracking technologies:

  • Session cookies for authentication and user preferences
  • Local storage for session IDs (to track anonymous quiz attempts)
  • Analytics cookies via Vercel Analytics to understand Service usage

You can control cookie settings through your browser preferences. However, disabling cookies may limit functionality of the Service.

8. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

  • Account information: Until you delete your account
  • Quiz attempts: Indefinitely to provide historical statistics
  • Feedback submissions: Until resolved or for up to 2 years
  • Analytics data: Aggregated and anonymized after 90 days

9. Your Rights Under UK GDPR

Under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Update or correct inaccurate information
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to certain data processing activities
  • Right to Restriction: Request limitation of data processing
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us through the Feedback option or delete your account through your account settings. We will respond to your request within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, at ico.org.uk.

10. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

11. International Data Transfers

Your information may be transferred to and processed in countries outside the United Kingdom, including the United States (where our third-party service providers operate). These countries may have data protection laws different from those in the UK.

Where we transfer your personal data outside the UK, we ensure appropriate safeguards are in place, including:

  • Using service providers that comply with UK GDPR requirements
  • Standard contractual clauses approved by the UK ICO
  • Adequacy decisions recognizing equivalent data protection standards

We work with reputable international service providers (Clerk, OpenAI, Vercel) that maintain appropriate data protection measures compliant with UK standards.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through the Feedback option in the navigation menu.

← Back to Home