English
Log in

Last updated June 2026

Privacy Policy

The Four Control Pillars ("the app", "the service") is operated by Ludosati, S.L. ("Ludosati", "we", "us"), the data controller. We built the app to keep your training private. This policy explains what personal data we process, why, on what legal basis, who processes it for us, how long we keep it, and the rights you have. For our full company details, see the Legal Notice.

Our privacy promise

  • We never ask for your real name or a username — you can sign up with any email, including a throwaway address.
  • We never sell your data, and we never use it for advertising.
  • Your training data is stored privately, encrypted at rest, and isolated to your account.

What we collect

  • Account data — the email and password you sign up with. The password is stored only as a secure hash; we cannot read it.
  • Consents — a record that you confirmed you are 18+ and accepted the Disclaimer, with the document version and timestamp.
  • Purchase data — that you bought lifetime access, and when. Card and payment details are handled entirely by our payment provider (Paddle); we never see or store them.
  • Your training data — course progress, porn-free day entries, session-duration entries, personal notes, and favourited techniques. This is the private content the app exists to track, and some of it relates to your intimate well-being (see "Sensitive data" below).
  • Support data — if you submit a question through the app, we store it with your email so we can reply, and it is sent to our support inbox. AI assistant conversations are not stored (see "AI assistant" below).
  • Technical data — anonymous, aggregated usage events and error reports used to keep the app working. These are not tied to your identity.

Sensitive data

Some of what you choose to log — porn-free days, how long sessions last — can relate to your sexual well-being, which the GDPR treats as a special category of data. We process it only because you ask us to, to provide the tracking features you bought, on the basis of your explicit consent and our contract with you. It stays private to your account, is encrypted at rest, and is deleted when you delete your account. You can stop entering it, or delete it, at any time.

Why we use it (legal bases)

  • To provide the service you bought — performance of a contract.
  • To record your age and disclaimer confirmation, and to process the intimate-well-being data above — your consent (and, for the sensitive data, explicit consent).
  • To keep the app secure, prevent abuse, and fix errors — our legitimate interest in a reliable, safe product.
  • To meet legal duties such as tax and accounting records — legal obligation.

You can withdraw consent at any time; this will not affect processing already carried out.

Who processes your data

We use a small set of trusted providers ("processors") who handle data only on our instructions:

  • Supabase — database and authentication hosting (your account and training data).
  • Paddle — payment processing and Merchant of Record for the purchase (also an independent controller of payment data — see below).
  • Vercel — application hosting and content delivery.
  • Resend — sending account emails (sign-up code, password reset) and delivering your support messages to us.
  • DeepSeek — powers the optional AI assistant. Only your message text and our course context are sent — never your account identifiers. Processing takes place outside the EU.
  • Sentry — error monitoring, with personal data scrubbed before it is sent.
  • TelemetryDeck — privacy-first, anonymised product analytics (no personal identifiers, no cookies).

Paddle as Merchant of Record. Because Paddle is the legal seller of the purchase, it is an independent data controller for the payment and acts under its own privacy policy — including keeping invoice and tax records as the law requires.

International transfers

Some providers process data outside the European Economic Area (EEA) — notably DeepSeek (outside the EU) and US-based hosting and email providers. Where we transfer personal data outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs) or an adequacy decision. For the AI assistant, we further limit the risk by sending only non-identifying message content.

How long we keep it

We keep your account and training data for as long as your account exists. When you delete your account, all of it is permanently removed (see "Your rights"). Consent records are kept as proof of compliance, and limited purchase or tax records may be retained by Paddle and by us where the law requires it. Routine backups rotate out over time.

Cookies & local storage

We deliberately keep this minimal, which is why you do not see a cookie banner:

  • Strictly-necessary cookie — a secure session cookie that keeps you logged in. It is required for the service, so it is exempt from consent.
  • Local storage / offline cache — we store your preferences and a private, on-device copy of your data so the app is fast and readable offline. This stays on your device.
  • Analytics — our analytics (TelemetryDeck) is cookieless and anonymised, so it needs no consent.
  • We use no advertising or third-party tracking cookies.

AI assistant

The optional in-app AI assistant sends your message text and our course context to DeepSeek to generate a reply. We do not send your account identifiers, and we do not store the conversation. The assistant gives general educational information only and is not medical advice — see the Disclaimer.

Automated decisions

We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.

How we protect your data

Data is encrypted in transit (TLS) and at rest (AES-256); passwords and any optional passcode are stored only as hashes; and every account's data is isolated from every other account at the database level.

Your rights & how to use them

You can permanently delete your account and all of its data at any time from Settings → Danger zone inside the app.

For any other data-protection right — access, a copy of your data (portability), correction, restriction, objection, or to withdraw consent — or if you can no longer sign in, contact us and we will respond within one month. You also have the right to lodge a complaint with your data-protection authority; in Spain this is the Agencia Española de Protección de Datos (AEPD)aepd.es.

Children

The service is for adults only (18+). We do not knowingly process data from anyone under 18.

Changes

We may update this policy; material changes will be posted here with a new "updated" date.