Privacy Policy
Status: Public draft
Last updated: 2026-03-03
Application: ClubSy
1. Data controller
- Controller entity/person: [FILL_COMPANY_NAME]
- Privacy/legal contact: [FILL_PRIVACY_EMAIL]
2. Data we may process
Depending on app usage, we may process:
- Account data: name, email, user identifiers.
- Profile data: avatar/photo, language, preferences.
- Operational data: clubs, teams, events, attendance, invitations.
- Technical data: device information, error logs, technical metrics.
- Location data (if applicable and permission-based): for geo-enabled features.
3. Processing purposes
- Provide and maintain the service.
- Manage authentication, security, and fraud prevention.
- Enable user/club-requested functionality.
- Improve product performance and user experience.
- Comply with legal obligations.
4. Legal bases (if GDPR applies)
Processing may rely on:
- Contract performance.
- User consent (where required).
- Legitimate interests (security, improvement, operations).
- Legal obligation.
5. Data retention
We keep data only as long as needed for the purposes above and legal obligations, or until valid deletion requests when applicable.
6. Sharing and processors
We may rely on technology providers for infrastructure, authentication, storage, and notifications under appropriate data processing agreements.
7. International transfers
If international data transfers occur, appropriate safeguards are applied under applicable law.
8. User rights
Where applicable, you may exercise:
- Access
- Rectification
- Erasure
- Objection
- Restriction of processing
- Data portability
To exercise rights: [FILL_PRIVACY_EMAIL]
9. Children
[FILL_CHILDREN_POLICY]
10. Security
We apply reasonable security measures to protect personal data against loss, unauthorized access, or alteration.
11. Changes to this policy
We may update this policy for legal or operational reasons. The current version will include the latest update date.
- Privacy: [FILL_PRIVACY_EMAIL]
- Postal address (if applicable): [FILL_POSTAL_ADDRESS]
Note
This template requires legal review for jurisdictional alignment (for example GDPR/LOPDGDD or other applicable regulations).