MoreDAW logo

MoreDAW legal

Data and Compliance Policy

This policy gives a practical overview of how MoreDAW handles platform data, security controls, retention, providers, and compliance requests.

Last updated: 15 June 2026

Contact and complaints

Questions about this notice can be sent to moredawapp@gmail.com. If you are in the UK, you also have the right to complain to the Information Commissioner's Office if you believe your personal information has been handled unlawfully.

Purpose

This policy summarizes how MoreDAW manages operational data, security, retention, vendors, and compliance responsibilities across the platform.

Data Categories

  • Identity and account data, including email address, username, artist name, profile settings, and authentication records.
  • Community data, including posts, replies, likes, ratings, votes, leaderboard entries, reward records, and moderation actions.
  • Uploaded media, including audio files, avatars, cover art, filenames, file metadata, and storage references.
  • Payment records, subscription status, checkout identifiers, webhook events, invoices, and refund or support records.
  • Technical and security data, including logs, IP addresses, device data, browser data, and abuse-prevention signals.
  • Email operations data, including transactional message records, queue status, delivery events, and unsubscribe or suppression records.

Compliance Principles

  • Collect only data that is useful for running, securing, improving, or legally administering MoreDAW.
  • Explain important data uses through privacy, cookie, and checkout notices.
  • Use role-appropriate access controls for systems that contain user or payment-related data.
  • Review provider access and keep third-party processing limited to clear operational purposes.
  • Maintain reasonable procedures for handling user privacy requests, security incidents, and data deletion requests.

Security Controls

  • Use managed authentication, database, payment, hosting, email, and storage providers with security controls.
  • Restrict administrative access to people and systems that need it.
  • Use HTTPS and secure request handling in production.
  • Validate uploads and limit unsafe file types where platform controls allow.
  • Monitor errors, webhook events, authentication flows, and unusual platform activity.

Retention Approach

MoreDAW keeps data for as long as it is needed to provide the service, preserve community context, complete payment and reward records, meet tax or legal requirements, resolve disputes, prevent abuse, and maintain backups. Where possible, data is deleted, anonymized, or minimized when it is no longer needed.

Provider Oversight

MoreDAW may use providers for hosting, authentication, database storage, object storage, payments, email, webhooks, analytics or diagnostics, and security. Providers should be reviewed for their purpose, data access, security posture, and privacy terms before use in production.

Payments

Payment card details should be collected and processed by a payment provider rather than stored directly by MoreDAW. MoreDAW may store payment status, checkout references, subscription identifiers, invoices, and related support records.

Incident Response

  • Investigate suspected security or privacy incidents promptly.
  • Contain the issue and preserve relevant logs where appropriate.
  • Assess affected data, users, legal notification duties, and provider responsibilities.
  • Notify affected users, regulators, or partners where required by law or contract.
  • Record lessons learned and improve controls after material incidents.

User Requests

Users can contact moredawapp@gmail.com to request access, correction, deletion, export, or restriction of personal data where applicable. Requests should be verified before disclosure or account-level action.

Review Cycle

This policy should be reviewed when MoreDAW adds major providers, changes payment or cookie systems, launches new reward mechanics, expands into new jurisdictions, or materially changes how user data is collected or shared.