Privacy Policy

Last updated: March 2026

This Privacy Policy explains how BestSettingsFor.com (“we”, “us”), operated by Gagandeep Malhotra (United Kingdom), collects, uses, and shares information when you use our Service. It applies to all users worldwide and complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

The data controller responsible for your personal data is Gagandeep Malhotra. For privacy-related enquiries, contact us via our support page.

2. Information We Collect

Account information: When you register with an email address and password, we collect your email address, chosen username (handle), and a securely hashed password. If you sign in with Google, we receive only your Google account email address — we do not store your Google profile name or photo.

Profile information: Avatar colour preference and any social media handles (e.g. GitHub, YouTube) you voluntarily add to your profile.

User-generated content: Presets, comments, votes, and bookmarks you create on the platform.

Technical data: IP addresses, used solely for security and rate limiting purposes and not retained beyond that purpose. Browser user-agent strings, captured only when you submit a support request.

3. Lawful Basis for Processing

Under UK GDPR, we process your personal data on the following lawful bases:

  • Contract performance — processing necessary to provide your account and the Service (e.g. storing your email to send verification and password reset emails)
  • Legitimate interests — security, fraud prevention, and rate limiting using IP addresses; delivering in-app notifications for activity related to your content
  • Consent — advertising cookies set by Google AdSense (you may withdraw consent at any time — see Section 5)

4. How We Use Your Information

  • To create and manage your account and provide the Service
  • To send transactional emails (email verification, password reset)
  • To deliver in-app notifications (mentions, achievement unlocks)
  • To enforce rate limits and prevent abuse
  • To respond to support requests
  • To display advertising via Google AdSense

We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.

5. Third-Party Services

We share data only with service providers strictly necessary to operate the Service. Each acts as a data processor on our behalf:

  • Google — “Sign in with Google” authentication and advertising (Google AdSense)
  • Cloudflare — bot and abuse prevention on sign-up and contact forms
  • Email delivery provider — transactional emails (verification, password reset, support)
  • Cloud infrastructure provider — hosting and content delivery

We do not sell your personal data to any third party.

6. Cookies & Tracking

Session cookies: We use a secure, HTTP-only session cookie strictly necessary to keep you logged in. This cookie contains no personally identifiable information.

Advertising cookies: Google AdSense sets cookies to serve personalised ads based on your browsing history. You can opt out of personalised ads via Google's Ad Settings.

7. Data Retention

Account data is retained until you delete your account. Deleted presets and comments are anonymised rather than immediately purged, to preserve the integrity of community discussions, and are permanently removed by a scheduled automated process. Unverified accounts that have not completed email verification are automatically deleted after 7 days.

8. Your Rights (UK GDPR)

Under UK GDPR you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct inaccurate or incomplete personal data
  • Erasure — request deletion of your personal data (“right to be forgotten”)
  • Restriction — request that we limit how we process your data in certain circumstances
  • Portability — receive your data in a structured, commonly used format
  • Object — object to processing based on legitimate interests
  • Withdraw consent — withdraw consent for advertising cookies at any time

You can exercise most of these rights directly from the Settings page (account deletion, profile updates). For other requests, contact us via our support page.

You also have the right to lodge a complaint with the UK's supervisory authority, the Information Commissioner's Office (ICO).

9. Children's Privacy

BestSettingsFor.com is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

10. International Transfers

Some of our third-party service providers operate outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements (such as adequacy decisions or standard contractual clauses).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the “Last updated” date at the top of this page when changes are made. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact

For any privacy-related questions or to exercise your rights, contact us via our support page.