Privacy Policy

Last updated: 21 March 2026

1. Who we are

Falcon App (“Falcon”, “we”, “us”, “our”) is built by Kingfisher Labs Ltd, a company registered in England and Wales. Our service is available at falconapp.co.uk. We are the data controller for personal data processed through this service.

We take your privacy seriously and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What data we collect

We collect the following personal data:

  • Account data: Your email address (provided via your login provider)
  • Usage data: Titles you mark as watched, rejected, or add to watchlists
  • Ratings: Star ratings you give to titles (1–5)
  • Provider preferences: Which streaming services you select
  • Billing data: Your subscription status and Stripe customer ID (no card details stored by us)
  • Technical data: IP address at time of account creation (for policy acceptance record)

3. How we use your data

  • To provide and personalise the Falcon service
  • To manage your subscription and process payments via Stripe
  • To authenticate you
  • To improve our recommendation algorithms (using your aggregated, pseudonymised usage data)
  • To comply with our legal obligations

4. Legal basis for processing

  • Contract performance: We process your data to provide the service you signed up for
  • Legitimate interests: Improving our service, fraud prevention, security
  • Legal obligation: Maintaining accurate records for tax and financial compliance

5. Data sharing

We share your data only with:

  • Amazon Web Services: Cloud infrastructure and Cognito authentication (AWS eu-west-2 region)
  • Stripe: Payment processing (Stripe processes card data; we store only your customer ID)

We do not sell your data or share it with advertisers.

6. Data retention

We retain your data for as long as your account is active. When you delete your account, all personal data is permanently and immediately deleted from our systems, except where we are legally required to retain it (e.g., financial records for up to 7 years).

7. Your rights under UK GDPR

You have the following rights:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate personal data
  • Right to erasure (Article 17): Delete your account and all associated data at any time via Account Settings
  • Right to restriction: Ask us to pause processing your data in certain circumstances
  • Right to portability: Receive your data in a machine-readable format
  • Right to object: Object to processing based on legitimate interests

To exercise any right, contact us at hello@kingfisherlabs.co.uk. You may also lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

We use only essential cookies for authentication and session management. No tracking or advertising cookies are used. See our Cookie Policy for details.

9. Security

We implement appropriate technical and organisational measures to protect your personal data, including TLS encryption, signed HttpOnly cookies, and role-based access controls.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by a prominent notice on our website. The “Last updated” date above indicates when this policy was last revised.

11. Contact

For privacy-related queries, contact us at privacy@falconapp.co.uk.