Spare Tokens Limited

Legal

Privacy Policy

Last updated: 24 June 2026 · Effective: 24 June 2026

Spare Tokens is a tiny studio, and our approach to privacy is just as small: collect as little as possible, be honest about it, and never sell or trade your data. This policy explains, in plain terms, what that means for our website and our apps.

The short version. This website uses no cookies, no analytics, no advertising networks and no third-party trackers. We don't build marketing profiles, and we never sell personal data. If you email us, we use your message only to reply.

Who we are

This site and our apps are operated by Spare Tokens Limited, a company registered in England & Wales. We are the data controller for the personal data described in this policy.

For any privacy question, or to exercise the rights described below, email us at hello@sparetokens.ltd. We read every message ourselves.

What this policy covers

This policy applies to this website (sparetokens.ltd) and to the apps we publish on the App Store and Google Play.

Where an app handles personal data, that handling is summarised in the app's store privacy label and, where relevant, in an app-specific privacy policy linked from its store listing. An app-specific policy adds detail for that app; it does not weaken the commitments made here.

This website

The site is a set of static pages. It is deliberately simple, and that simplicity is the point:

  • No cookies. We don't set cookies or use similar storage to identify or follow you.
  • No analytics. We don't run any analytics or measurement service — first-party or third-party.
  • No advertising. There are no ad networks and no advertising SDKs anywhere on the site.
  • No third-party trackers. We don't embed pixels, social widgets or fingerprinting scripts.
  • No marketing profiles. We don't build or buy profiles about visitors, and we never sell personal data.

Hosting and server logs

The site is hosted and delivered through Cloudflare. As part of serving and protecting any website, Cloudflare processes standard server and edge logs — typically your IP address, the requested URL, your browser's user-agent string and a timestamp. This is used transiently to deliver pages, keep the site available and guard against abuse and attacks.

In this respect Cloudflare acts as our processor, handling this data on our behalf and under our instructions. We don't use these logs to track or profile individuals, and they are not combined with any marketing data. The lawful basis for this limited processing is our legitimate interest in operating a secure, reliable website (UK GDPR Article 6(1)(f)). For more on how Cloudflare handles data as a processor, see Cloudflare's own privacy documentation.

Our apps

We design apps around data minimisation: we try not to collect data we don't need, and we favour keeping data on your device wherever we can. When an app does collect or process personal data, what it collects, why, and how long it is kept is described in that app's store privacy label and, where relevant, its in-app or store-linked privacy policy.

As of 24 June 2026, we have no published apps. We'll update this policy, and provide the relevant app-specific details, when our first app ships.

If you email us

When you contact us at hello@sparetokens.ltd, we receive your email address, your message, and anything you choose to include. We use this only to read and reply to your message and to keep a record of the conversation in case you write again.

The lawful basis is our legitimate interest in responding to people who get in touch (UK GDPR Article 6(1)(f)). We keep correspondence only as long as it's useful for support and our records, and we don't add you to any marketing list.

Your rights under UK GDPR

If we hold personal data about you, you have the right to:

  • Access — ask for a copy of the personal data we hold about you.
  • Rectification — ask us to correct data that is inaccurate or incomplete.
  • Erasure — ask us to delete your data where there's no good reason for us to keep it.
  • Objection — object to our processing that relies on legitimate interests.
  • Portability — receive certain data in a portable format, where it applies.
  • Restriction — ask us to limit how we use your data while a query is resolved.

To exercise any of these, email hello@sparetokens.ltd. We won't charge you, and we'll respond within the time UK law allows (normally one month).

If you're unhappy with how we've handled your data, you can complain to the UK supervisory authority, the Information Commissioner's Office (ICO), at ico.org.uk. We'd appreciate the chance to put things right first, so please do contact us as well.

Children's privacy

Our website and apps are not directed at children, and we don't knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

International transfers

We're based in the UK. Some of the services we rely on, such as our hosting provider, operate globally, so data may be processed on servers outside the UK. Where that happens, we rely on providers that offer appropriate safeguards for international transfers as required by UK data protection law.

Changes to this policy

If we change how we handle data — for example, when we publish our first app — we'll update this page and revise the "Last updated" date at the top. Material changes will be made clear here. This is the current, effective version as of 24 June 2026.

Contact

Questions about this policy or your data? Email hello@sparetokens.ltd — Spare Tokens Limited, registered in England & Wales.