Company Registration Number: 16793056
Registered Address: 124 City Road, London, United Kingdom, EC1V 2NX
Contact: contact@uplyva.com
Effective Date: [TO BE CONFIRMED]
Last Updated: [TO BE CONFIRMED]
This Privacy Policy explains how Uplyva Limited ("we", "us", "our") collects, uses, stores, and protects your personal data when you use the Chore mobile application ("Chore", "the App"). It also explains your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We are registered with the Information Commissioner's Office (ICO) as a data controller. If you have any questions about this policy or how we handle your data, please contact us at contact@uplyva.com.
Please read this policy carefully before using Chore. By creating an account, you confirm that you have read and understood this policy.
Uplyva Limited is the data controller responsible for your personal data. We are a company registered in England and Wales under company number 16793056, with our registered address at 124 City Road, London, United Kingdom, EC1V 2NX.
We do not have a Data Protection Officer (DPO) as we do not meet the thresholds that require mandatory appointment of one under UK GDPR Article 37. For all data protection enquiries, please contact us directly at contact@uplyva.com.
Chore is strictly for users aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18. If you are under 18, you must not use Chore or provide any personal information to us.
If we become aware that a user is under 18, we will immediately suspend their account and delete their personal data. If you believe a child under 18 has created an account, please contact us at contact@uplyva.com.
| Data | Purpose |
|---|---|
| First and last name | To create and display your profile |
| Email address | For account authentication and communications |
| Profile photograph | To display on your profile (optional) |
| Biography / about me | To display on your profile (optional) |
| Bank account details (sort code and account number) | Collected and held by Stripe only — we never see or store this |
| Date of birth, address, phone number for identity verification | Collected and held by Stripe only — we never see or store this |
| Data | Purpose |
|---|---|
| Date of account creation | To detect bots and displayed on your profile to build trust. |
| Chores you post | To display to users in your communities |
| Chore requests and acceptances | To manage the chore marketplace |
| Messages between users | To facilitate communication — encrypted using AES-256-GCM |
| Reviews you write and receive | To build trust and reputation on the platform |
| Communities you create or join | To show relevant chores in your area |
| Approximate location (rounded to ~10km) | To suggest nearby communities at creation time only — never stored precisely |
| Payment transaction records (amounts, dates, and Stripe payment identifiers) | For financial record keeping and payment processing. |
| Reports you submit about other users (including the category of report, details provided, and current status as well as the identity of the reported user) | For platform safety and moderation |
| FCM (push notification) token | To send you push notifications. Push notification content uses generic language and does not include other users' personal names, protecting both your privacy and that of other users |
| Notification information (body, date created, related data, recipient ID, title, is read) | To display notifications in the app notifications menu |
| Badges earned | To display achievements on your profile |
| Number of chores completed as a helper | To display an accurate activity count on your profile |
| Terms of Service, Community Guidelines, and Privacy Policy acceptance records (version accepted and date of acceptance) | To maintain a record of your agreement to our Terms of Service, Community Guidelines, and Privacy Policy, and Community Guidelines, as required by UK GDPR |
| Account moderation records (including warnings issued, warning acknowledgement status, suspension status, and suspension reason) | For platform safety, enforcement of community guidelines, and to protect other users. These records are accessible only to Uplyva platform administrators and are not visible to other users |
| Stripe onboarding status | To determine whether you have completed Stripe identity verification and are eligible to receive payments |
| Data | Purpose |
|---|---|
| Device type and operating system | To deliver the App correctly via Apple services |
| IP address | Collected by Firebase as part of standard infrastructure operation |
| App usage data | Stored by Firebase infrastructure — we do not use analytics tools |
For the avoidance of doubt, we do not collect or have access to the following:
Under UK GDPR, we must have a lawful basis for processing your personal data. The following table sets out how we use your data and the lawful basis we rely on for each purpose.
| Purpose | Lawful Basis |
|---|---|
| Creating and managing your account | Contract (Article 6(1)(b)) — necessary to provide the service |
| Displaying your profile to other users | Contract (Article 6(1)(b)) |
| Facilitating chore posting, requesting, and completion | Contract (Article 6(1)(b)) |
| Processing payments via Stripe | Contract (Article 6(1)(b)) |
| Sending push notifications about chores, messages, and payments | Consent (Article 6(1)(a)) — you are asked for permission when you install the App |
| Sending push notifications about warnings and bans | Legitimate interests (Article 6(1)(f)) — necessary to inform you of account status |
| Suggesting nearby communities using approximate location | Legitimate interests (Article 6(1)(f)) — to provide a geographically relevant service |
| Moderating the platform and enforcing community guidelines | Legitimate interests (Article 6(1)(f)) — to maintain a safe and trustworthy platform |
| Retaining your email address for 3 months following account suspension | Legitimate interests (Article 6(1)(f)) — to enforce suspensions and prevent ban circumvention |
| Retaining anonymised payment transaction records | Legal obligation (Article 6(1)(c)) — HMRC financial record keeping requirements under the Companies Act 2006 |
| Responding to data subject requests and appeals | Legal obligation (Article 6(1)(c)) |
| Maintaining a record of chores completed as a helper | Contract (Article 6(1)(b)) |
| Recording your acceptance of the Terms of Service and Privacy Policy | Legal obligation (Article 6(1)(c)) — to maintain evidence of informed consent as required by UK GDPR Article 7 |
| Recording and enforcing warnings and account suspensions | Legitimate interests (Article 6(1)(f)) — to protect other users and maintain a safe platform |
When you create a community, we request access to your device's location. Your precise coordinates are never stored. Before storage, your location is rounded to approximately 10 kilometres so that no exact address or property can be identified from the stored data. This rounded coordinate is stored with the community record solely to enable other users to discover communities near them.
Location access is required to create a community. If you deny location permission, you will not be able to create communities but you can still browse and join existing communities by searching.
Where available, a human-readable location name (such as a town or area name) is also stored alongside the rounded coordinates to help users identify communities near them. This is derived from the approximate location and does not identify a precise address.
We never track your location passively or in the background. Location is only accessed at the moment you create a community.
All messages sent through Chore between users are encrypted using AES-256-GCM encryption. This means messages are stored in an encrypted format and cannot be read by Uplyva staff or accessed through our systems in plain text. We do not monitor or read private messages except where required by law or in response to a valid legal request.
All payment processing on Chore is handled by Stripe, Inc. ("Stripe"). When you set up a Stripe account to receive payments, you are entering into a direct relationship with Stripe and are subject to Stripe's Privacy Policy (available at stripe.com/gb/privacy) and Terms of Service.
We never see, store, or have access to your bank account details, card details, sort code, account number, or any sensitive financial information. The only payment-related data we hold is:
In normal circumstances, your Stripe account identifier is deleted from our database when you delete your Chore account. Your Stripe account itself is unaffected and remains accessible to you directly at stripe.com.
Where your account has been suspended for violating our community guidelines, your Stripe account identifier is retained for the duration of the suspension period (up to 3 months from the date of suspension). This retention serves two purposes — it allows you to continue accessing your Stripe account through the App to manage and withdraw any outstanding earnings during the suspension period, and it forms part of the limited data we retain to enforce the suspension under our legitimate interests basis (Article 6(1)(f) UK GDPR). After the 3 month suspension period has ended, your Stripe account identifier is permanently deleted along with all other remaining personal data.
If you request deletion of your personal data during a suspension period, we will delete all other personal data as described in Section 14, but your Stripe account identifier will be retained until the end of the suspension period for the reasons described above. You will be informed of this at the time of your request.
Your Stripe account belongs to you personally and is independent of Chore. If you delete your Chore account, your Stripe account remains accessible to you directly at stripe.com. If you wish to reconnect a previous Stripe account to a new Chore account, please contact us at contact@uplyva.com.
We have accepted Stripe's Data Processing Agreement as required for businesses using Stripe's services in the UK.
We use the following third-party services to operate Chore. Each of these services acts as a data processor on our behalf under a Data Processing Agreement, except where noted.
We use the following Firebase services:
Data processed through Firebase is stored and processed across two regions. Your Firestore database, Storage, and Authentication data is stored in the eur3 multi-region (European Union). Your Cloud Functions server-side processing runs in the europe-west2 (London, United Kingdom) region. Google is certified under the UK International Data Transfer Agreement (IDTA) framework. We have accepted Google's Data Processing Agreement.
For more information, see Google's Privacy Policy at policies.google.com/privacy.
Stripe handles all payment processing, identity verification (KYC), and payouts. Stripe is an independent data controller for the data it collects during onboarding and payment processing. We have accepted Stripe's Data Processing Agreement.
For more information, see Stripe's Privacy Policy at stripe.com/gb/privacy.
If you choose to sign in using Sign in with Apple, Apple will share limited information (such as your name and an email address) with us to create your account. Apple is an independent data controller for data it processes during authentication. For more information, see Apple's Privacy Policy at apple.com/uk/legal/privacy.
If you choose to sign in using Sign in with Google, Google will share limited information (such as your name and email address) with us to create your account. For more information, see Google's Privacy Policy at policies.google.com/privacy.
We retain your personal data only for as long as necessary for the purposes set out in this policy.
| Data | Retention Period |
|---|---|
| Account data (name, email, profile photo, biography) | Retained while your account is active. Deleted upon account deletion request. |
| Chores you posted | Deleted when you delete your account. |
| Chores where you were the helper | Your identity as the helper is removed and the chore is reset to its original status. |
| Messages | Deleted when you delete your account. |
| Reviews you wrote | Anonymised (your identity as reviewer is removed) when you delete your account — review content may remain visible to the recipient. |
| Reviews you received | Deleted when you delete your account. |
| Communities you created | Anonymised (creator reference removed) — communities persist for other members. |
| Notification history | Deleted when you delete your account. |
| Reports you submitted | Deleted when you delete your account. |
| FCM token | Deleted when you delete your account. |
| Payment transaction records | Anonymised and retained for 6 years after the end of the accounting period in which the transaction occurred, to comply with HMRC requirements. |
| Email address and Stripe account identifier following account suspension | Retained for 3 months from the date of suspension to enforce the ban and prevent circumvention and provide continued access to your Stripe account. Deleted after 3 months. |
| Stripe account identifier | Deleted when you delete your account (in normal circumstances). See above for retention during account suspension. Your Stripe account itself is unaffected in all cases. |
You have the following rights regarding your personal data:
Right of access (Article 15) — You have the right to request a copy of the personal data we hold about you. To make a subject access request, email contact@uplyva.com.
Right to rectification (Article 16) — You have the right to request correction of inaccurate or incomplete personal data. You can update most of your information directly in the App via your profile settings.
Right to erasure (Article 17) — You have the right to request deletion of your personal data, subject to our legal retention obligations. You can delete your account directly in the App via Settings → Delete Account. If your account has been suspended, you cannot delete your account in-App — please contact contact@uplyva.com to request data deletion. We will process your request within 30 days.
Right to restriction of processing (Article 18) — You have the right to request that we restrict processing of your personal data in certain circumstances. To exercise this right, contact us at contact@uplyva.com. We will respond to your request within 30 days.
Right to data portability (Article 20) — You have the right to receive your personal data in a structured, commonly used, machine-readable format. To request a copy of your data, email contact@uplyva.com.
Right to object (Article 21) — You have the right to object to processing based on legitimate interests. Where we rely on legitimate interests, you may object and we will consider whether our interests override your rights. To exercise this right, contact us at contact@uplyva.com. We will respond to your request within 30 days.
Right to withdraw consent — Where we rely on consent as our lawful basis (such as push notifications), you can withdraw consent at any time by adjusting your device notification settings.
Right to lodge a complaint — If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
We will respond to all data rights requests within 30 days. In complex cases we may extend this by a further two months and will inform you if this is necessary.
We take the security of your personal data seriously and have implemented the following technical and organisational measures:
Despite these measures, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security of your data.
If we become aware of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and affected users without undue delay as required by UK GDPR Article 33.
Your data is processed primarily within the United Kingdom and the European Economic Area (EEA). Your Firestore database and Storage data is held in Google Firebase's eur3 multi-region (European Union). All server-side processing via Cloud Functions runs in Google Firebase's europe-west2 region (London, United Kingdom), meaning your data is processed within the UK. In some circumstances, data may be transferred to servers in the United States where Google and Stripe operate global infrastructure. All international transfers are conducted in accordance with UK GDPR requirements, using appropriate safeguards including the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses.
If your account is suspended for violating our community guidelines, we retain your email address and Stripe account identifier for a period of 3 months from the date of suspension. This retention is based on our legitimate interests under Article 6(1)(f) UK GDPR — specifically to enforce the suspension and prevent you from immediately re-registering to circumvent the ban.
During this period, you may request deletion of all other personal data (your profile, messages, chores, and reviews) by contacting contact@uplyva.com. We will retain your email address and Stripe account identifier until the end of the suspension period as described above. After 3 months, your email address, Stripe account identifier, and all remaining data will be permanently deleted.
Suspension does not affect your Stripe account or your ability to withdraw outstanding earnings.
Chore is not intended for and must not be used by anyone under the age of 18. We do not knowingly collect personal data from children under 18. If we discover that a child under 18 has provided us with personal data, we will immediately delete that data and close the account.
If you are a parent or guardian and believe your child has registered on Chore, please contact us immediately at contact@uplyva.com.
Chore does not use any cookies or tracking. The website of Uplyva Limited, uplyva.com, does not use cookies or tracking. The website has no analytics incorporated.
Chore does not use automated decision-making or profiling.
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes to this policy, we will notify you through the App and require you to review and accept the updated policy before continuing to use Chore.
We encourage you to review this policy periodically.
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
Uplyva Limited 124 City Road London United Kingdom EC1V 2NX
Email: contact@uplyva.com
Website: uplyva.com
For complaints, you may also contact the Information Commissioner's Office: ICO: ico.org.uk | 0303 123 1113
This Privacy Policy is governed by the laws of England and Wales.