Yosoku League logoYosoku League

Privacy Policy

Last updated: April 7, 2025

Back to home

Data Controller

Yosoku League is the data controller responsible for processing your personal data. Our registered address is 123 Example Street, London, EC1A 1BB, United Kingdom. For data protection inquiries, contact us at support@yosokuleague.com.

Information We Collect

We collect the essentials: your name, email address, preferences you share in the newsletter form, and usage analytics that help us improve the experience.

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6: (1) Contract - authentication and account management are necessary to provide our services; (2) Consent - we send newsletters and marketing communications only with your explicit consent, which you can withdraw at any time; (3) Legitimate Interest - we process analytics data to improve our services and ensure platform security.

How We Use Data

Contact information powers transactional emails, newsletters, and account notifications. Aggregated analytics guide feature prioritisation and product quality.

International Data Transfers

We transfer data to service providers located in the United States, including Stripe (payment processing), Vercel (hosting), and Brevo (email communications). These transfers are protected by appropriate safeguards including Standard Contractual Clauses approved by the European Commission, ensuring your data receives adequate protection equivalent to EU standards.

Data Retention Periods

We retain different types of data for specific periods: Session data is retained for 30 days from your last login. Activity logs are retained for 90 days to maintain security and audit trails. Account data, including your profile and preferences, is retained until you request account deletion via support@yosokuleague.com. Newsletter contacts that remain unconfirmed are automatically purged after one hour.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33. If the breach poses a high risk to your personal data, we will also notify affected users without undue delay, providing information about the nature of the breach and recommended protective measures.

Data Protection Officer

As a small organization processing limited personal data, we are not required to appoint a Data Protection Officer under GDPR Article 37. However, data protection inquiries and requests should be directed to support@yosokuleague.com, where they will be handled by our designated data privacy team.

Third-Party Services

We rely on trusted vendors such as Brevo for email, Stripe for billing, and Vercel for hosting. These partners follow industry-standard security programs.

Your Rights

You may request access, correction, or deletion of personal data. EU/UK residents retain rights under GDPR; California residents maintain CCPA protections.