Last Updated: May 16, 2026 Effective: May 16, 2026
1. Definitions
2. Information We Collect and How We Use It
3. Cookies and Similar Technologies
4. How We Share, Disclose, and Transfer Information
5. How We Retain and Store Information
6. How We Protect Your Information
7. Your Rights
8. Third-Party Services
9. Children's Privacy
10. Automated Decision-Making
11. Your Rights Under GDPR (EEA / UK / Switzerland)
12. Your Rights Under CCPA (California Residents)
13. International Data Transfers
14. Updates to This Policy
15. How to Contact Us
(a) "Service" means the TotalCorner mobile application together with any websites, APIs, content, features, and related services we offer.
(b) "Personal Information" means any information that identifies or can reasonably be used to identify an individual, excluding information that has been anonymized.
(c) "Sensitive Personal Information" means Personal Information that, if disclosed or misused, could harm an individual's dignity, safety, or property. Examples include payment account identifiers and information about minors.
(d) "Device Information" means information about the device used to access the Service, including device model, operating system version, device identifiers (such as Android ID), and screen resolution. Device Information alone does not identify you, but is treated as Personal Information when combined with other identifying information.
(e) "Network Information" means information about the network used to access the Service, including IP address, network type, carrier, and Wi-Fi state.
(f) "SDK" means Software Development Kit, a set of tools provided by a third party that we integrate to enable specific functionality.
(g) "Minor" means an individual under 18 years of age. "Child" means an individual under 13 years of age (or the applicable age of digital consent in your jurisdiction).
1. Account Registration and Sign-In. You can sign up for the Service using your email address or a supported third-party identity provider (such as Google). We collect your email address (or, where applicable, the OpenID, display name, and profile picture provided by the identity provider) to create and maintain your account. After registration you may add or change your display name, avatar, and bio. Browsing public match data does not require an account.
2. Account Management. You may link or unlink an email address or third-party identity in "Account & Security" to improve account security and convenience. When you change your email address we may send a verification code to confirm ownership.
3. Browsing Match Data. You can browse scores, corner statistics, line movement, and related match data without an account. We may retain your local search history on-device to make repeat lookups easier.
4. User-Generated Content. When you post analyses, comments, or other content, we collect and display your display name, avatar, the content itself, and the post time. If you upload images, we will request camera and/or photo library permission.
5. Purchases. When you purchase a subscription, one-time pass, or virtual items through the Service, we generate an order record that includes the product, amount, and payment method. Payments are processed by Google Play Billing or, on the web, by Paddle (acting as Merchant of Record). We do not collect, use, or store your full payment card number. Payment processors share with us only the information needed to confirm the transaction (order ID, amount, status, anonymized payer identifier).
6. Push Notifications. We use Firebase Cloud Messaging to deliver match alerts and system notices. You can manage notification preferences inside the Service under "Notification Settings" or disable notifications entirely in your device's system settings.
7. Security. To protect your account and prevent fraud, phishing, abuse, and other security risks, we may use and combine Device Information and Network Information to verify identity, detect anomalies, and respond to security incidents as permitted by law.
8. Diagnostics and Service Improvement. We collect crash reports and Device Information (model, OS version, identifiers, etc.) to detect and fix problems, improve performance, and keep the Service running reliably. We use Firebase Crashlytics for crash reporting.
9. Content Moderation. To maintain a healthy community, we may automatically scan user-generated content for compliance with our Terms. We do not associate your identifying account information with content submitted to moderation providers beyond what is necessary for moderation to function.
10. Other Purposes. If we want to use your Personal Information for a purpose not described in this policy, or collect Personal Information not described here, we will tell you in advance through an in-app prompt and seek your consent.
To enable certain features we may request the following device permissions. You may decline; declining only disables the specific feature.
| Permission | Used For | Required |
|---|---|---|
| Camera | Taking a profile photo or attaching an image to a post. | No |
| Photo Library | Selecting a profile photo or attaching an image to a post. | No |
| Notifications | Receiving match alerts and system notices. | No |
| Network State | Adapting download behavior and image quality to your connection. | Yes |
| Storage | Caching match data and images locally for offline browsing. | No |
Under applicable law, your consent is not required when we process Personal Information that is:
(1) necessary to enter into or perform a contract to which you are a party;
(2) necessary to comply with a legal obligation;
(3) necessary to protect your or another person's life, health, or property in an emergency;
(4) processed within a reasonable scope for journalism, public-interest research, or other public-interest purposes;
(5) already lawfully disclosed by you or by another lawful source, and processed within a reasonable scope;
(6) otherwise permitted by applicable law.
The mobile Service primarily uses local storage and SDK-provided identifiers rather than browser cookies. Our web pages may use cookies and similar technologies to:
- Keep you signed in;
- Remember your preferences;
- Measure traffic and improve performance;
- Serve relevant advertising (where applicable).
Most browsers allow you to refuse cookies or to delete them. Doing so may degrade some features of the web portal.
We do not sell your Personal Information. We share information only in the following limited circumstances:
1. With your consent. When you explicitly agree to share specific information for a specific purpose.
2. With service providers. We work with vendors who process information on our behalf to operate the Service (hosting, analytics, crash reporting, push notifications, payment processing, content moderation, customer support). These providers are bound by contract to use the information only for the agreed purpose and to protect it. A current list is in Section 8.
3. For legal reasons. When required by applicable law, legal process, or government request, or to protect the rights, property, or safety of TotalCorner, our users, or the public.
4. In a business transfer. If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you (for example, via email or in-app notice) of any change in ownership or use of your Personal Information.
Except as described in Section 4(A) or with your separate consent, we do not transfer your Personal Information to any third party.
We will publicly disclose Personal Information only with your explicit consent, or where required by law or legal process.
In line with applicable law, sharing, transfer, or disclosure of Personal Information does not require separate consent when it is necessary to (a) perform a legal obligation, (b) respond to an emergency that threatens life or property, (c) deal with information you have already lawfully disclosed yourself, (d) maintain the safe and stable operation of the Service (such as detecting fraud), or (e) is otherwise permitted by law.
We retain Personal Information only as long as needed for the purposes described in this policy, unless a longer retention period is required or permitted by law. When the retention period ends, we will delete or anonymize the information.
If we cease operating the Service, we will notify you and either delete your Personal Information or anonymize it within a reasonable period.
We store information on servers operated by reputable cloud providers. Server locations may include the United States, Europe, and the Asia-Pacific region. See Section 13 for cross-border transfer safeguards.
We use industry-standard technical safeguards, including TLS encryption in transit, at-rest encryption for sensitive fields, access controls, rate limiting, and regular security testing.
Access to Personal Information is restricted to personnel who need it to perform their job. We require contractual confidentiality from employees and vendors and conduct regular training on privacy and security obligations.
Our employees and contractors are bound by confidentiality obligations regarding Personal Information.
If a security incident affects your Personal Information, we will take prompt steps to contain it, assess the impact, and notify you and (where required) the appropriate authorities in accordance with applicable law.
No system is perfectly secure. We cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for the security of the device you use to access the Service.
You have the following rights with respect to your Personal Information, subject to applicable law:
You can view and edit most of your profile information directly inside the Service ("Profile" → "Edit Profile"). To request access to additional data we hold about you, or to correct or delete information, contact us at win@totalcorner.com.
You may request a copy of your Personal Information in a structured, commonly used, machine-readable format.
For features that rely on your consent, you can withdraw consent at any time by adjusting in-app settings (such as device permissions or notification preferences) or by contacting us. Withdrawing consent does not affect the lawfulness of processing before withdrawal.
You can delete your account at any time from inside the Service ("Settings" → "Account & Security" → "Delete Account"). Account deletion is irreversible: your profile, posts, purchases, and balances will be permanently removed (or anonymized for legal, audit, or fraud-prevention purposes) within a reasonable period. You may also request deletion by emailing win@totalcorner.com.
We will respond to verifiable requests within 30 days, or such shorter time as required by applicable law. We may need to verify your identity before fulfilling certain requests. We will not charge a fee unless your request is repetitive or excessive, in which case we may charge a reasonable fee or decline the request.
We integrate the following third-party services. Each provider's own privacy policy governs how it handles information.
| Provider | Purpose | Data Shared |
|---|---|---|
| Google Firebase (Cloud Messaging, Crashlytics, Analytics) | Push notifications, crash reports, basic analytics | Device identifier, crash logs, basic usage events |
| Google Play Billing | In-app purchases on Android | Order ID, product ID, purchase token |
| Paddle | Web purchases (Merchant of Record) | Email, billing details, transaction status |
| Google AdMob (where applicable) | Advertising | Advertising ID, app session events; subject to your consent in regions requiring it |
| Cloud hosting providers (AWS / Google Cloud / similar) | Service hosting and storage | All Service data, encrypted at rest and in transit |
We periodically review and update this list. Before integrating a new third-party service that materially changes our data handling, we will update this policy and, where required, request your consent.
If you are under 18 (or the legal age of majority in your jurisdiction), you may use the Service only with the involvement and consent of a parent or legal guardian. If you are under 13 (or the applicable age of digital consent in your jurisdiction), you must not use the Service or provide any Personal Information.
If you believe your child has provided Personal Information to us without your consent, please contact win@totalcorner.com. We will promptly investigate and, if appropriate, delete the information.
We use limited automated processing to (a) detect fraud and security risks, (b) recommend content, and (c) personalize the in-app experience. These decisions do not produce legal effects on you and you can request human review by contacting win@totalcorner.com.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) or equivalent local law:
(a) Right of access — to obtain confirmation of whether we process your Personal Information and a copy of that information.
(b) Right to rectification — to have inaccurate Personal Information corrected.
(c) Right to erasure ("right to be forgotten") — to have your Personal Information deleted where the legal basis no longer applies.
(d) Right to restrict processing — in specific circumstances.
(e) Right to data portability — to receive your Personal Information in a portable format and transmit it to another controller.
(f) Right to object — to processing based on our legitimate interests, including direct marketing.
(g) Right not to be subject to automated decision-making that produces legal effects on you.
(h) Right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
(i) Right to lodge a complaint with your local data protection authority.
Our legal bases for processing are: (1) performance of a contract (to provide the Service you request), (2) compliance with legal obligations, (3) your consent (for optional features like advertising personalization), and (4) our legitimate interests (security, fraud prevention, Service improvement).
To exercise any of these rights, contact win@totalcorner.com.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
(a) Right to know what Personal Information we collect, use, disclose, and sell or share.
(b) Right to delete Personal Information we have collected from you.
(c) Right to correct inaccurate Personal Information.
(d) Right to opt out of the sale or sharing of Personal Information. We do not sell Personal Information.
(e) Right to limit use of Sensitive Personal Information.
(f) Right to non-discrimination — we will not deny service, charge different prices, or provide a lower quality of service because you exercised these rights.
To exercise these rights, email win@totalcorner.com with the subject line "California Privacy Request" and a brief description of your request. We may need to verify your identity before responding.
Because TotalCorner is a global service, your Personal Information may be transferred to, stored, and processed in countries other than the one in which you live. Those countries may have data protection laws that are different from the laws of your country.
Where we transfer Personal Information out of the EEA, the United Kingdom, or Switzerland to a country not recognized as providing an adequate level of protection, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses or rely on other lawful transfer mechanisms.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the Service (for example, via an in-app banner or push notification) and update the "Last Updated" date at the top. Continued use of the Service after the effective date constitutes acceptance of the revised policy.
If you have questions, concerns, or requests regarding this Privacy Policy or our handling of your Personal Information, please contact us at:
Email: win@totalcorner.com
We aim to respond to privacy inquiries within 30 days.