Privacy Policy – NDGE

Last updated: 10/09/2025

At NDGE, we respect your privacy and are committed to protecting it. This Privacy Policy explains what data we collect, how we use it, and your rights under UK GDPR and related data protection laws.

1. Data We Collect

We currently collect only minimal information needed to operate NDGE:

a. Personal Data (only if you create an account or purchase a subscription)

  • Name

  • Email address

  • Payment details (processed securely via Stripe – NDGE does not store your card details)

b. Usage Data (non-personal, anonymised)

  • Number of times a NDGE session is played

  • Topics or categories of NDGEs accessed (e.g., Smoking, Anxiety)

  • General device/browser information (type, operating system, screen size)

  • Cookie and analytics data for site performance tracking

We do not currently collect, store, or process any personalised health data or user-submitted free text for personalisation.

2. How We Collect Data

  • Directly from you: When you sign up, subscribe, or contact us.

  • Automatically: Through Squarespace’s platform tools and anonymised analytics services (e.g., play counts, topic popularity).

3. Purpose of Collection

We collect and process data to:

Data TypePurposeLegal Basis (GDPR)Name, EmailAccount creation, subscription management, customer supportContractPayment details (via Stripe)Process subscription paymentsContract / Legal obligationUsage dataImprove NDGE’s service, track popular topics, fix technical issuesLegitimate interestDevice/browser dataSite optimisation, display formattingLegitimate interestCookiesAnalytics, service performanceConsent

4. Data Sharing

We only share data with trusted third-party processors to deliver NDGE:

  • Squarespace – website hosting & basic analytics

  • Stripe – secure payment processing

  • Google Analytics / Squarespace Analytics – anonymised performance metrics

We do not sell your data to any third parties.

5. User Control

  • You can request a copy of your personal data or ask us to delete it at any time by emailing privacy@ndge.ai.

  • You can disable analytics cookies in your browser or reject cookies in our cookie banner.

  • You can withdraw consent for any optional data collection by contacting us.

6. Retention Period

  • Account & payment data – kept while your subscription is active, then securely deleted within 6 months.

  • Analytics & usage data – kept in anonymised form for service improvement.

  • Email enquiries – deleted within 12 months of resolution.

7. Data Breach Policy

If we ever experience a data breach affecting your personal data:

  • We will notify you and the UK Information Commissioner’s Office (ICO) within 72 hours, as required by law.

  • We will take immediate steps to secure the breach and prevent recurrence.

8. Children’s Data

NDGE is not designed for users under 16. We do not knowingly collect personal data from children. If you believe we have, please contact privacy@ndge.ai so we can delete it.

9. Your Rights under UK GDPR

You have the right to:

  • Access your personal data

  • Correct inaccuracies

  • Request deletion

  • Object to certain processing

  • Withdraw consent

  • Lodge a complaint with the ICO (www.ico.org.uk)

10. Contact Us

If you have any questions or requests about this Privacy Policy or your data, contact:

Privacy Officer
NDGE
Email: privacy@ndge.ai