✨ Preview — competitions opening soon
← Back to Clinch

Privacy Policy

Last updated: June 2026

Clinch ("we", "us") is committed to protecting your personal data. This Privacy Policy explains what information we collect, why we collect it, and your rights under the EU General Data Protection Regulation (GDPR).

1. Who Is Responsible for Your Data?

The data controller is Clinch. For any privacy-related questions or requests, contact us at support.makeawish@gmail.com.

2. What Data We Collect

DataWhenWhy
Email addressRegistrationAccount creation, login, winner notification
Full nameRegistration (optional) or prize claimPrize personalisation & shipping
Delivery address, phonePrize claim (winners only)Physical prize delivery
Precision score & reaction timeEach competition entryWinner selection
Payment confirmationEntry paymentProof of paid entry — we do not store card details

We do not collect card numbers or bank details. Payments are handled entirely by VIVA Wallet under their own PCI-DSS compliance.

3. Legal Basis for Processing

We process your data under the following GDPR legal bases:

4. Third Parties We Share Data With

ProviderPurposeLocation
SupabaseDatabase & authentication hostingEU (Frankfurt)
VIVA WalletPayment processingEU (Greece / Luxembourg)
ResendTransactional email (winner notifications)EU region
VercelApplication hostingEU region

We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. How Long We Keep Your Data

Account data is retained for as long as your account is active. If you delete your account, your personal data is erased within 30 days, except where we are required to retain it for legal or accounting purposes (typically 5 years for transaction records under Greek law).

6. Your Rights

Under the GDPR you have the right to:

To exercise any of these rights, email us at support.makeawish@gmail.com. We will respond within 30 days.

7. Cookies

We use only essential cookies required for authentication and session management. We do not use advertising cookies or third-party tracking cookies.

8. Security

All data is transmitted over HTTPS. Passwords are hashed and never stored in plain text. Access to the database is restricted and authenticated via secure service keys.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect any changes. Significant changes will be communicated by email.

Read our Terms of Service →