1. Defined terms
"Personal data" means any information relating to an identified or identifiable natural person. "You" refers to any user of FunSpot — consumer chat user, signed-in account holder, or business owner. "Service" means the FunSpot.ai concierge, the heatmap, the matching, messaging, vouchers, social gifting, business owner dashboard, and any feature accessible from those surfaces. "Service provider" means a third party we engage to process personal data on our behalf under a written contract.
2. Personal data we collect
We collect personal data in three ways: data you provide (account email, password hash if any, profile fields, ID verification documents, gift messages, reviews, business listing claims, withdrawal account details), data we collect automatically (concierge chat content, query text, IP address, approximate location derived from IP, user-agent string, browser session identifier, page interactions, in-app errors, billing events), and data from third parties (Google identity for OAuth login, Google Business Profile data once the owner connects, payment status from Stripe, payout status from Wise). We do not buy personal data from data brokers.
3. How we use personal data
We use your personal data to operate the Service (run the concierge, return venue results, route messages, process payments and payouts, deliver gifts), to keep the Service safe (detect abuse, prevent fraud, run AML pre-checks on withdrawals, moderate user content via AI), to communicate with you (account notifications, security alerts, service updates), to comply with law (KYC for verified business owners, AML retention for financial transactions, tax reporting where required), to improve our product (anonymised concierge corpus for retrieval and model evaluation), and to enforce our Terms of Service.
4. How we share personal data
We share personal data only with the parties needed to deliver the Service: payment processors (Stripe for top-ups, Wise for withdrawals), AI providers (we route requests through our internal AI Execution Gateway which abstracts the underlying provider — typically Google or Anthropic — and never sends them your account ID or email), identity providers (Google for OAuth, only when you explicitly connect), cloud infrastructure (Amazon Web Services for hosting, S3 for attachment storage, SES for email), legal authorities when compelled by law, and successors in business reorganisation. We do not sell personal data and we do not share it with advertisers.
5. Legal bases for processing
Under UK GDPR Article 6 we rely on one of: contractual necessity (running the Service after you create an account), legitimate interests (preventing abuse, securing accounts, anonymised product analytics), legal obligation (KYC, AML, tax, court orders), or your consent (Art. 9 special-category data, marketing communications, optional cookies). For special-category data under Article 9 (sexual orientation, ethnicity, health and accessibility, biometric liveness, ID document) we rely solely on your explicit per-category consent recorded with timestamps in our consent ledger.
6. Your rights
You have the right to access the personal data we hold about you, rectify inaccurate data, erase it (subject to legal retention requirements), restrict or object to processing, port your data in a machine-readable format, and withdraw consent at any time. You can object to fully automated decisions, including the AI-driven concierge ranking and AML risk scoring, and request human review. To exercise any right write to privacy@funspot.ai and we will respond within 30 days. If we cannot resolve a complaint, you can contact the UK Information Commissioner's Office at ico.org.uk or your local EEA supervisory authority.
7. Concierge chat history
When you chat with the FunSpot concierge — signed in or anonymously — your messages and the assistant's replies are stored to improve answer quality, train future concierge versions, and prevent abuse. We retain identifiable chat history for 12 months from your last session, after which we anonymise it: your account ID, IP hash, user-agent, and your messages are stripped or replaced with [ERASED] tags. The anonymised assistant replies and venue citations remain in our model-training corpus indefinitely. Anonymous sessions are tied only to a transient session identifier (no account linkage) and follow the same 12-month retention. You can request immediate erasure of your chat history at any time via your account → privacy controls → Delete chat history; anonymous sessions can use the in-chat Delete this conversation button.
8. Sensitive data and Art. 9 categories
Five categories of special-category data are collected only with your explicit per-category consent: sexual orientation (optional self-declared, used for match suggestions and LGBTQ+ safety context — retained until you withdraw consent); ethnicity (optional self-declared, cultural-context matching and aggregated analytics — retained until you withdraw consent); health and accessibility (dietary needs, mobility, accessibility — used to filter venue suggestions, retained until you withdraw consent); biometric liveness (short video at verification, fraud prevention only — discarded after the verification result is computed); ID document (photo at verification, KYC compliance — image discarded after data extraction unless legal need triggers raw retention). You can withdraw consent for any category at any time. We keep an audit log of every grant and withdraw.
9. Withdrawals and AML
When you cash out your FunSpot wallet to a bank account via Wise, we run an AML pre-check (volume velocity, structuring detection, sudden accumulation, asymmetry, Trust Score) before initiating the transfer. Flagged requests pause for human review before clearing. Withdrawal request records are retained for 7 years to comply with UK financial-services rule retention — these records cannot be deleted on request, including under Article 17 erasure, until the retention period lapses.
10. Cookies and similar technologies
FunSpot.ai uses only essential and functional cookies. Essential cookies authenticate your session and keep your selected language. Functional cookies remember your concierge preferences and the cross-tab anon-session identifier used for rate limiting. We do not set advertising or cross-site tracking cookies, and we do not embed third-party analytics scripts that profile you across the open web. You can disable non-essential cookies in your browser; doing so may break features that depend on them.
11. Security
We protect personal data with encryption in transit (TLS 1.2+ everywhere), encryption at rest (AES-256 on S3, RDS, and DynamoDB), strict role-based access control (engineering access requires a hardware-key authenticator), audit logging of every administrative action, automated dependency vulnerability scanning, and quarterly third-party penetration tests. We notify you and the relevant regulator within 72 hours of confirming a personal-data breach where required by Article 33 of the UK GDPR.
12. Retention schedule
Account data: while your account is active plus 12 months after last login, then deleted. Concierge chat history: 12 months identifiable, then anonymised; anonymised corpus retained for model training. Reviews and public profile content: while published; deleted on request unless a regulator requires retention. Verification artefacts: extracted data points retained for as long as you hold a verified status; raw images discarded after extraction unless explicitly enabled. Withdrawal records: 7 years (financial-services rule). Backups: 90 days rolling. Trust Score events: lifetime of account for fairness audit. Audit logs: 6 years.
13. International transfers
FunSpot is hosted on Amazon Web Services in the us-east-1 region (United States). Personal data may also transit the United States via Stripe (payments), Google (OAuth and AI inference) and Anthropic (AI inference). Where transfers leave the UK or the EEA we rely on the UK International Data Transfer Agreement and the EU Standard Contractual Clauses with each processor, supplemented by additional safeguards including encryption in transit and at rest, pseudonymisation of training data, and contractual prohibitions on onward transfer. A copy of the safeguards is available on request to privacy@funspot.ai.
14. Children
FunSpot is intended for adults aged 18 or older. Account creation, social gifting, messaging, withdrawals, and any age-restricted content (alcohol items in the gift catalogue, nightlife venue suggestions) all require explicit verification of adult status. We do not knowingly collect personal data from anyone under 18; if we learn that we have, we will delete it without undue delay.
15. Changes to this policy
We may update this Privacy Policy when our practices, processors, or applicable law change. Material changes will be announced at least 30 days before they take effect by email to account holders, an in-product banner, and a notice on funspot.ai. The effective date and last-updated date at the top of this page reflect the current version. Prior versions remain available on request.
16. Contact
Privacy questions, rights requests, and complaints: privacy@funspot.ai. Postal address for the data controller: MW3.BIZ International Business Ltd, registered in England and Wales, contact via the email above. UK supervisory authority for complaints: Information Commissioner's Office, ico.org.uk.