Privacy Policy of Teamfy

1. Data Controller

Tom Ottelé Luxembourg Email: tom@teamfy.app In the future, a legal entity (company) may be established to act as the data controller. This Privacy Policy will be updated accordingly.

2. Information We Collect

Depending on your subscription and role within a team, we may collect the following personal data:

• Email address
• Role of the user
• First name and last name
• Device information
• Profile picture
• Club logo
• Birthday
• Nationality
• Height
• Weight
• Mobile number
• Telephone number
• Emergency contact
• Preferred foot
• Shirt number
• Position on the field

We may also collect:

• Presence and absence history for events
• Individual game and training statistics
• Messages exchanged in-app
• Pages and screens viewed
• Links clicked
• IP address, browser and device types, application version

Other non-mandatory, non-standardized data may be collected and stored. The nature of this data may be freely determined by a Coach or Administrator of the Organization the User is part of (e.g., jersey size, mailing address). This data is not visible outside the Organization's team space and is used solely for internal team management and communication. Data is collected via user input, login methods (Email, Google Sign-In, Apple Sign-In), Firebase, and app usage.

3. Purpose of Data Collection

Your data is collected and processed for the following purposes:

• To create and manage your account
• To allow team management and role-specific features
• To send relevant push notifications
• To manage subscriptions and access rights
• To enhance team organisation and performance tracking
• To improve user experience and resolve technical issues
• To detect and prevent fraudulent or abusive activity

4. Legal Basis

We process your personal data based on:

• Your consent (Art. 6(1)(a) GDPR)
• Contractual necessity (Art. 6(1)(b) GDPR)
• Legitimate interest (Art. 6(1)(f) GDPR) for maintaining app functionality, analytics, and fraud prevention

5. Children's Data

If a user creates an account on behalf of a minor, they confirm they hold parental or legal authority. All data collected for minors is managed in compliance with applicable laws. Legal guardians must ensure they have proper consent.

6. Data Storage and Security

All personal data is securely stored in Firebase (Google Cloud) with encryption and controlled access.

• Anonymisation is used for historical team data (e.g., names in infraction lists)
• Passwords and sensitive fields are encrypted

Although no system is 100% secure, we implement strong technical and organisational measures to protect your data. To improve personal data protection, users should never share their password. If you believe your password is compromised, change it immediately. We encourage secure, unique passwords and logging out after each session.

7. Sharing of Data

Your personal data may be shared with (non-exhaustive list):

• Firebase (authentication, messaging, storage)
• Google Analytics / Firebase Analytics (usage tracking in future)
• Stripe (planned for payment processing)

We do not sell or rent your personal data. Anonymised, aggregated usage data may be used for product development and insights.

8. Payment Information

We do not store payment details. Subscription payments are securely handled via Stripe or, in the future, Apple and Google in-app payments. For each payment, the processing provider's privacy policy applies.

9. Cookies and Tracking Technologies

We may use cookies and tracking tools in the future to:

• Enable core functionality (authentication, language settings)
• Analyse usage for service improvement
• Personalise the app experience
• Serve third-party advertisements

Essential cookies: Required for the platform to function. You may disable them in your browser, but the app's performance may be degraded. Functional cookies: Allow for a customised user experience. Analytical cookies: Measure use and performance via anonymised analytics. Advertising cookies: Show third-party content and ads that link to external sites. Teamfy cannot control or be responsible for third-party privacy practices. When clicking third-party links, we recommend reviewing their privacy policies.

10. Communication and Marketing

With your consent, we may send:

• Product updates
• Feedback surveys
• Partner promotions or relevant offers

You can opt out at any time using unsubscribe links or via the app.

11. Sponsorship or Partner Campaigns

If you participate in a contest or campaign (e.g., sponsored by a third-party), we may collect your name and contact information with your consent for communication and follow-up.

12. Data from Other Users

Administrators may submit personal data about team members (e.g., pre-filling names, emails, phone numbers). Users have the right to access, correct, or delete this information at any time.

13. Data Retention

• Account data is retained for a maximum of 3 years from the last activity
• You may request deletion or access anytime
• We may contact you before that period ends to confirm whether you wish to maintain your data

14. Your Rights (GDPR)

You have the right to:

• Access your personal data
• Correct or update your data
• Delete your account and data
• Restrict or object to data processing
• Data portability (machine-readable copy)
• Withdraw consent at any time
• Define data handling after your death (Art. 85 GDPR)

To exercise your rights, email: tom@teamfy.app You may also file a complaint with the Luxembourg Data Protection Authority (CNPD): https://cnpd.public.lu

15. Changes to this Policy

We reserve the right to update this policy. You will be notified via email or in-app message if we make material changes. Continued use of the app means acceptance of the new terms.

16. Governing Law

This Privacy Policy is governed by the laws of Luxembourg.

17. Contact

If you have any questions or requests, contact: Email: tom@teamfy.app