MOGGER

Privacy Policy

Last updated: February 19, 2026

1. Introduction

This Privacy Policy explains how Mogger ("we", "us", or "our") collects, uses, and protects your personal data when you use the Mogger mobile application ("the App") and website at mogger.app ("the Website").

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

Mogger

Email: contact@mogger.app

3. Personal Data We Collect

We collect the following categories of personal data:

3.1 Account Information (App)

  • Email address
  • Name
  • Date of birth
  • Country
  • Gender

3.2 Profile Content (App)

  • Selfie photo (a facial photograph of yourself)
  • Eye position coordinates (for visual effects, stored as percentage values)
  • Social media handles (optional: TikTok, Instagram, Snapchat, X)

3.3 Facial Image Data

When you upload a selfie, we store and process your facial photograph for the core purpose of the Service (displaying it in voting rounds, on your profile, and on leaderboards). We also store eye position coordinates that you manually set during onboarding for visual effects. We do not use automated facial recognition technology, biometric identification systems, or any AI-based facial analysis. Your photo is displayed as-is and is not scanned, analyzed, or processed for biometric data extraction.

3.4 App Usage Data

  • Voting history (which photos you voted on)
  • Rating scores and deviations
  • Win/loss streaks
  • App preferences (dark mode, notification settings)
  • Last active timestamp

3.5 Subscription and Payment Data

  • Subscription status (Pro membership)
  • Payment provider transaction IDs
  • Stripe customer ID (for web purchases)

We do not store your payment card details. Mobile payments are processed directly by Apple App Store or Google Play Store. Web payments are processed by Stripe. These providers handle all sensitive payment information under their own privacy policies and PCI DSS compliance.

3.6 Website Data

When you use our contact form, we collect:

  • Your name
  • Your email address
  • The subject and content of your message

We use Plausible Analytics, a privacy-friendly analytics service that does not use cookies and does not collect personal data. Plausible collects only anonymized, aggregated data (page views, browser type, country of origin) that cannot be used to identify you personally.

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds under GDPR:

4.1 Contract Performance (Article 6(1)(b))

Processing necessary to provide you with the Mogger service, including displaying your photo in voting rounds, calculating your rating, and showing you on leaderboards.

4.2 Consent (Article 6(1)(a))

For optional features like displaying your social media links, sending promotional notifications, and when you submit a contact form. You can withdraw consent at any time.

4.3 Legitimate Interests (Article 6(1)(f))

For security purposes, fraud prevention, improving our services, and understanding Website usage through privacy-friendly analytics.

5. How We Use Your Data

We use your personal data to:

  • Create and manage your account
  • Display your photo in voting rounds to other users
  • Calculate and display your rating and ranking
  • Show your profile on leaderboards (if eligible)
  • Send you notifications about voting results
  • Process subscription payments
  • Respond to your support requests and contact form inquiries
  • Enforce our Terms of Service and prevent abuse
  • Improve our App and Website

6. Data Sharing

Your data is shared with other Mogger users as follows:

  • Your selfie, name, and country are visible to users during voting
  • Your profile may appear on public leaderboards
  • Social links are shown based on your visibility settings
  • Shared profile pages on the Website display your public profile information

We use the following third-party service providers:

  • Supabase (database and authentication) — USA, with EU data processing
  • Stripe (web payment processing) — USA
  • RevenueCat (mobile subscription management) — USA
  • Apple App Store / Google Play (mobile payment processing)
  • Netlify (website hosting) — USA
  • Plausible Analytics (privacy-friendly website analytics) — EU

These providers act as data processors under GDPR and are bound by data processing agreements. We do not sell, trade, or rent your personal information to third parties.

7. Data Retention

We retain your personal data for as long as your account is active. When you delete your account:

  • Your profile and selfie are immediately deleted
  • Your voting history is anonymized
  • Aggregated statistical data may be retained

Contact form submissions are retained for up to 2 years. We may retain certain data longer if required by law or to protect our legal rights.

8. Your Rights Under GDPR

As an EU/EEA resident, you have the following rights:

Right of Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can update your profile information directly in the app, or contact us to correct inaccurate data.

Right to Erasure ("Right to be Forgotten")

You can delete your account at any time through Settings → Delete Account. This will permanently remove your personal data from our systems.

Right to Data Portability

You can request your data in a machine-readable format.

Right to Object

You can object to processing based on legitimate interests.

Right to Withdraw Consent

Where we rely on consent, you can withdraw it at any time through the app settings.

To exercise these rights, contact us at contact@mogger.app. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest
  • Secure authentication with Supabase Auth
  • Row-level security policies on database access
  • Regular security reviews

While we take reasonable precautions, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

10. International Data Transfers

Some of our service providers are located outside the EU/EEA (primarily in the USA). These transfers are protected by:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • The EU-U.S. Data Privacy Framework, where applicable
  • Additional security measures where required

11. Cookies

Our Website does not use tracking cookies. We use Plausible Analytics which is cookie-free. The only cookies that may be set are essential cookies required for the Website to function (such as session cookies for authentication).

12. Children's Privacy

Mogger is not intended for children under 13 years of age. We do not knowingly collect personal data from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete it immediately.

If you are a parent or guardian and believe your child has provided personal data to Mogger, please contact us at contact@mogger.app so we can take appropriate action.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or via email, and by posting the new policy on this page with an updated "Last updated" date. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

14. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with your local data protection supervisory authority.

15. Contact Us

For any questions about this Privacy Policy or your personal data, please contact us:

Email: contact@mogger.app

← Back to home