Privacy Policy

YOLO Corp

Last updated: December 2025

This privacy policy (the "Policy") explains how Matthieu Jacquot, a French entreprise individuelle, whose registered office is located at 11 rue Ducouedic, 29200 Brest (France), registered under SIREN number 750458721 ("Matthieu Jacquot," "we," "us," or "our"), collects, uses, and protects your personal data when you use the YOLO Corp platform (the "Service").

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and applicable French data protection laws.

Data Controller: Matthieu Jacquot, 11 rue Ducouedic, 29200 Brest, France.

2. Data We Collect

2.1 Data from GitHub Authentication

When you sign in using GitHub, we collect:

  • Email address
  • GitHub username
  • GitHub ID

We do not collect your GitHub password. Authentication is handled securely through GitHub's OAuth system.

2.2 Data We Generate

Through your use of the Service, we collect:

  • Challenge progress (last passed level for each challenge)
  • Subscription status (for premium users)

2.3 Data We Do NOT Collect

  • Your code: All tests run locally on your machine. We never see, access, or store your code.
  • Payment information: Payments are processed entirely by Stripe. We do not store your credit card or bank details.

3. How We Use Your Data

We use your personal data to:

  • Authenticate you and provide access to the Service
  • Track your progress through challenges
  • Manage your subscription (if applicable)
  • Communicate with you about your account or the Service
  • Improve the Service

4. Legal Basis for Processing

Under GDPR, we process your data based on:

  • Contract performance: Processing necessary to provide the Service you signed up for
  • Legitimate interests: Improving our Service and ensuring its security
  • Consent: Where required, such as for optional communications

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe: For payment processing (premium subscriptions). Stripe's privacy policy applies to payment data.
  • GitHub: For authentication purposes. GitHub's privacy policy applies to the authentication process.
  • Discord: If you access the Discord server, Discord's privacy policy applies to your activity there.

We may also disclose data if required by law or to protect our rights.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or legitimate business purposes.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.

8. Your Rights Under GDPR

As a user in the EU, you have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request that we limit how we use your data
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us using the details in Section 11.

9. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA) by our service providers (GitHub, Stripe, Discord). These transfers are protected by appropriate safeguards such as Standard Contractual Clauses.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this document. We encourage you to review this policy periodically.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us through the platform or via our Discord server.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the French data protection authority (CNIL) or another supervisory authority in the EU.