FlipAll5 Insights

News, Tips & Stories

Play FlipAll5

Privacy Policy

Last Updated: 4 January 2025

1. Introduction

Paul Johnson, trading as FlipAll5 ("we," "our," or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit the FlipAll5 Blog ("the Blog").

We are the data controller responsible for your personal data. This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide

When you interact with the Blog, you may provide the following information:

  • Comments: If you leave a comment on a blog post, we collect your name and email address (which is not published publicly)
  • Contact Information: If you contact us directly, we may receive your name, email address, and the content of your message

2.2 Automatically Collected Information

When you visit the Blog, our hosting provider may automatically collect certain technical information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website
  • Date and time of visit

This information is collected for the legitimate purposes of maintaining website functionality, security, and performance optimization.

2.3 Administrative Access

For authorized administrators accessing the admin panel, we store authentication information (username and encrypted session data) necessary for secure login functionality.

3. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Consent: When you submit a comment, you consent to us storing and displaying your name and comment
  • Legitimate Interests: We have a legitimate interest in maintaining website security, preventing fraud, and improving user experience through technical data collection
  • Legal Obligation: We may process data to comply with legal obligations

4. Cookies and Similar Technologies

The FlipAll5 Blog uses only essential cookies necessary for website functionality:

  • Session Cookies: Used for admin authentication. These are temporary and deleted when you close your browser
  • Cookie Consent Cookie: A small cookie to remember your cookie consent choice

We do NOT use:

  • Advertising or tracking cookies
  • Analytics cookies (including Google Analytics)
  • Social media cookies
  • Third-party marketing cookies

You can control cookies through your browser settings. Disabling essential cookies may affect the functionality of the admin area but will not impact general blog browsing.

5. How We Use Your Information

Information collected is used exclusively for:

  • Displaying approved comments on blog posts
  • Communicating with you about your comments or inquiries
  • Providing and maintaining the Blog's functionality
  • Securing the website and preventing unauthorized access
  • Troubleshooting technical issues
  • Improving user experience
  • Complying with legal obligations

We do NOT use your information for marketing, profiling, or automated decision-making.

6. Information Sharing and Disclosure

We do NOT sell, trade, or rent your personal information to third parties. Information may only be shared in the following limited circumstances:

  • Service Providers: With our hosting provider (Render.com) and database provider (Supabase) as necessary for website operation. These providers are contractually obligated to protect your data and use it only for providing services to us
  • Legal Requirements: When required by law, court order, or governmental authority, or to protect our legal rights
  • Public Display: Your name and approved comments are displayed publicly on the Blog. Your email address is never published publicly

7. International Data Transfers

Our service providers (Render.com and Supabase) may process data outside the United Kingdom. When data is transferred internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the UK authorities
  • Transfers to countries with adequacy decisions
  • Other lawful transfer mechanisms under UK GDPR

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encrypted connections (HTTPS/SSL)
  • Secure database access controls and Row Level Security policies
  • Password protection and authentication for admin access
  • Regular security updates and monitoring
  • Limited access to personal data on a need-to-know basis

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Comments: Approved comments are retained indefinitely as part of blog content. You may request deletion at any time
  • Technical Logs: Retained only as long as necessary for operational purposes, typically 30-90 days
  • Admin Session Data: Automatically deleted when sessions expire
  • Email Correspondence: Retained for up to 2 years or as required for legal purposes

10. Your Rights Under UK GDPR

As a data subject in the United Kingdom, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us using the details in Section 15 below. We will respond to your request within one month, though this may be extended in complex cases.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your data appropriately. Visit www.ico.org.uk for more information.

11. Third-Party Services

The Blog is hosted on Render.com and uses Supabase for database services. These services have their own privacy policies:

12. External Links

The Blog may contain links to external websites, including the main FlipAll5 game at flipall5.com. We are not responsible for the privacy practices of external sites. We encourage you to review their privacy policies when you visit them.

13. Children's Privacy

The Blog is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe we have collected information from your child, please contact us immediately so we can delete it.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or for other operational reasons. Material changes will be indicated by updating the "Last Updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically. Continued use of the Blog after changes constitutes acceptance of the updated policy.

15. Contact Information

If you have questions, concerns, or wish to exercise your data protection rights, please contact us at:

Data Controller: Paul Johnson (FlipAll5)

Email: pauljohnson@flipall5.com

Website: https://insights.flipall5.com

Address: Paul Johnson, Warwickshire, United Kingdom

← Back to Blog View Terms & Conditions