Privacy Policy

Last updated: March 11, 2026

1. Controller

The controller responsible for the processing of personal data in connection with this app and website is:

Florian Dulzky
St. Margarethen an der Raab 406
8321 St. Margarethen an der Raab, Austria
Email: support@slamify.app

2. Data We Collect

When you use Slamify, we collect the following data:

  • Account data — your email address, display name, and username, provided when you register via email or a social login provider (Google, Apple). Authentication is handled by Clerk.
  • Profile picture — if you upload a profile photo, it is stored on Amazon S3.
  • Match data — match results, scores, opponents, and timestamps that you enter in the app.
  • ELO and ranking data — your calculated ELO rating and ranking positions across global, national, city, and club leaderboards.
  • Location data (optional) — if you join a club or city league, your geographic region is stored to power local leaderboards. We do not track your real-time GPS location.
  • Push notification tokens — if you grant permission, a device token is stored to send you match verification alerts.
  • Usage data — standard server logs (IP address, request timestamps, user agent) for security and debugging purposes.
  • Analytics data — in-app events (e.g. challenges viewed, matches reported) collected via PostHog to help us understand how the app is used and improve it. This data is associated with your internal user ID. You can opt out at any time in the app under Profile → Privacy.

3. Purpose and Legal Basis

We process your data to:

  • Provide the app's core functionality (match tracking, ELO calculation, leaderboards) — Art. 6(1)(b) GDPR (performance of a contract).
  • Send push notifications for match confirmations and challenges — Art. 6(1)(a) GDPR (consent).
  • Analyse app usage to improve features and fix issues — Art. 6(1)(f) GDPR (legitimate interest). You can opt out at any time.
  • Maintain security and prevent fraud — Art. 6(1)(f) GDPR (legitimate interest).
  • Comply with legal obligations — Art. 6(1)(c) GDPR.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Clerk (authentication) — handles account creation and sign-in. Privacy policy: clerk.com/legal/privacy.
  • Amazon Web Services (S3) — stores profile images. Privacy policy: aws.amazon.com/privacy.
  • Expo / Expo Push — delivers push notifications to iOS and Android devices.
  • Apple Push Notification Service (APNs) / Google Firebase Cloud Messaging (FCM) — platform-level push delivery.
  • PostHog (product analytics) — collects in-app events to help us understand usage patterns. Data is stored on PostHog's EU servers (eu.posthog.com). Privacy policy: posthog.com/privacy. You can opt out in the app under Profile → Privacy.

5. Data Retention

Your data is retained for as long as your account is active. You may request the deletion of your account and all associated data at any time by contacting us at support@slamify.app.

Server logs are deleted after 30 days.

6. Your Rights

Under the GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — request deletion of your data ("right to be forgotten").
  • Portability — receive your data in a machine-readable format.
  • Objection — object to processing based on legitimate interest.
  • Withdraw consent — withdraw consent for push notifications at any time via your device settings.
  • Opt out of analytics — disable in-app analytics tracking at any time via Profile → Privacy in the app.

7. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. The competent authority is determined by your country of residence. For Germany, this is the relevant state data protection authority (Landesdatenschutzbehörde).

8. Contact

For any privacy-related requests, please contact: support@slamify.app