Privacy Policy

Last updated: 23 April 2026

smartPick is an informational app that surfaces publicly available UK National Lottery scratchcard data so that buyers can make informed choices. This policy explains what data smartPick handles, how we use it, and your rights under UK GDPR.

1. Data we collect when you create an account

Account creation is optional. If you choose to sign in or sign up, we store the following in our database:

• An internal opaque user identifier (a UUID generated by smartPick) — this is not your Apple, Google, or email provider ID.
• Your email address. If you sign in with Apple you may share a private-relay alias (@privaterelay.appleid.com) rather than your real address. Apple users may also withhold their email entirely.
• The authentication provider you used (email, apple, or google) and the provider's unique identifier for your account.
• Whether your email has been verified by the authentication provider.
• The timestamps of your account creation, last update, and most recent sign-in.
• An optional display name, only if you choose to set one.
• User preferences (currently unused; reserved for future personalisation features).

2. Data stored locally on your device

Whether you sign in or browse as a guest, the app stores the following on your device only — it never leaves your device and is not transmitted to any server:

• Age verification status (whether you confirmed you are 18+)
• Display preferences (hide-dead-cards toggle, onboarding status)
• Favourite card selections
• App open timestamps (for the responsible-gambling cooling-off feature)
• Cached scratchcard data for offline viewing
• If you are signed in: authentication tokens stored in the iOS Keychain via expo-secure-store. Tokens are cleared when you sign out or delete your account.

3. Request logs

When your device contacts our backend API, our API gateway records technical metadata about each request. This is standard operational logging and is used for security monitoring, abuse prevention, and troubleshooting. The logged fields are:

• Your IP address at the time of the request
• A unique request identifier
• The timestamp of the request
• The HTTP method and route called (for example, GET /v1/cards)
• The HTTP response status and response size
• The time taken to process the request

We do not log request bodies, query parameters, authentication tokens, or your account identifier in these access logs. The logs are retained in AWS CloudWatch for 90 days and then automatically deleted. They are not used for marketing, profiling, or analytics.

4. What we do not collect

• No usage analytics or tracking
• No advertising identifiers
• No cross-app tracking
• No location data
• No contacts
• No crash reporting beyond the request logs described in section 3

5. Sub-processors

• AWS (processor, acting under our instruction) — Cognito (email/password and Google authentication), Lambda, API Gateway, DynamoDB (transient replay-protection nonces), Secrets Manager, CloudWatch, all in the eu-west-2 (London) region. See AWS Privacy Notice.
• Neon (processor, acting under our instruction) — serverless PostgreSQL database hosting user accounts and app data. See Neon Privacy Policy.
• Apple (independent controller when you sign in with Apple) — see Apple Privacy Policy.
• Google (independent controller when you sign in with Google) — see Google Privacy Policy.

6. Data residency

All account data and request logs are stored in AWS eu-west-2 (London) and Neon's EU region. We do not transfer your data outside of the UK or EEA.

7. Your rights under UK GDPR

• Access, portability, rectification — contact us via the app's App Store listing. We respond within 30 days.
• Erasure — open the app, go to Settings → Delete Account. Deletion is synchronous; under normal network conditions you see the result within seconds. All locally stored preferences can be additionally cleared by uninstalling the app.

If you never created an account, there is no server-side personal data to access, correct, or delete.

8. Apple private-relay notice

If you sign in with Apple using private relay, you are responsible for maintaining your relay forwarding in your Apple ID settings. We do not receive a fallback email address and cannot restore the relay if you disable it.

9. Children

smartPick is restricted to users aged 18 and over. The app includes an age-verification gate that must be completed before access is granted.

10. Changes

We may update this policy from time to time. Changes will be reflected by updating the date at the top of this page.

11. Contact

For questions about this privacy policy, please contact us via the app's App Store listing.

12. Related documents

See also the smartPick Terms of Use for the rules governing your use of the app.

smartPick is not affiliated with, endorsed by, or connected to The National Lottery or Allwyn Entertainment.