Privacy Policy

Last updated: 2026-04-17

This Privacy Policy explains how HandWiz collects, uses, and protects personal data. We apply GDPR principles including transparency, data minimization, purpose limitation, and security by design.

1) Data controller and processor roles

HandWiz is the sole controller and processor for personal account data described below. For Poker Game Data, we act as controller for product operation and training of our own systems, and may use third-party processors under data processing terms.

2) Personal data category A: Poker Game Data

Poker Game Data includes table screenshots, game-state details, betting and hand context, and technical metadata needed to analyze poker situations.

We may share Poker Game Data with model and inference providers to power analysis features. Providers may include:

• Google
• Anthropic
• OpenAI
• Microsoft
• Amazon
• NVIDIA
• Meta
• Mistral AI
• Cohere
• Moonshot AI
• DeepSeek
• xAI
• Hugging Face
• Together AI
• Fireworks AI
• Replicate
• Groq
• Cerebras
• Cloudflare
• Modal
• RunPod
• Baseten

This data is used to deliver the service and to train and improve our own systems and models.

3) Personal data category B: Personal account data

Personal account data includes your name, email address, account credentials, authentication events, subscription status, and billing-related records.

• We do not share this category with third parties for analytics, marketing, or ad targeting.
• We do not sell this data.
• We do not use this data for advertising purposes.

If you choose SSO login/signup, your selected SSO provider (for example Google or Apple) will naturally see that you used its authentication service to access HandWiz.

4) Legal bases (GDPR)

• Contract performance: to provide requested account and poker analysis services.
• Legitimate interests: to secure, maintain, and improve service quality and reliability.
• Consent: where we request it for specific processing operations.
• Legal obligations: where retention or disclosure is required by law.

5) Retention

We keep personal data only as long as necessary for the purposes above, then delete or anonymize it. Account and billing records may be retained longer when legally required.

6) Your GDPR rights

You may request access, correction, deletion, restriction, portability, or objection to processing, and may lodge a complaint with your supervisory authority.

7) Security

We use technical and organizational measures designed to protect confidentiality, integrity, and availability of your data.

8) Contact

For privacy requests, contact us via our official support channel listed in the product.