Privacy Policy

Privacy Policy

Last updated: 6 May 2026 Effective from: 6 May 2026

At Sportspoule, we value your privacy. In this privacy policy, we explain in clear language which personal data we process, why we do it, how long we keep it, and which rights you have.

This policy applies to the Sportspoule app for iOS and Android, to www.sportspoule.com, and to the web app at app.sportspoule.com.

1. Who is responsible for your data

Sportspoule Pikeursbaan 15AH 7411 GT Deventer, Netherlands

Chamber of Commerce: 82395071 VAT: NL862451784B01

For questions or requests about privacy, you can email us at info@sportspoule.com.

We have not appointed a Data Protection Officer (DPO) because that is not legally required for our size and activities.

2. Which data we process

Depending on what you do with Sportspoule, we process the following categories of data.

2.1 Account data

  • Name

    • Email address

      • Password (stored encrypted, we cannot view it)

        • Profile photo (only if you set one)

          • Preferred language and country

          • Date of registration and last login

          • Social login IDs (Apple, Google, Facebook), only if you log in via one of those providers

2.2 Game data

  • Predictions you make in the app

    • Points and placement in pools

      • Favorite teams and answers to bonus questions

        • Pools in which you participate or that you have created

          • Membership of groups and any admin role

2.3 Device and usage data

  • IP address (from which we infer the country)

    • Device type, OS version and language

      • Push notification tokens (Firebase Cloud Messaging on Android/web, Apple Push Notification Service on iOS)

        • Live Activity tokens for the iOS lock screen

          • Anonymized behavior in the app (such as which screens you visit) — only after your consent

          • Crash reports if the app crashes

2.4 Payment data (only with a paid plan)

  • Billing details: name, address, postal code, city and country

    • VAT number (only for a business pool)

      • Amount, date and payment method

        • A reference to your payment with Stripe or Mollie

          • The card type and the last four digits

We never store your full credit card number or bank account number. That data is processed directly by Stripe or Mollie on their secure infrastructure.

2.5 Communication

  • Emails you send us or messages via our chat support

    • Whether you indicated that you want to receive mailings

2.6 Special personal data

We intentionally do not process special personal data (such as health, ethnicity, or religion). Do not provide it voluntarily via chat or in your profile either.

2.7 Access by pool administrators

If you participate in a pool, the administrator of that pool can view your email address via the admin panel. This is intended to make communication within the pool possible, such as inviting participants or sending messages about the pool. The administrator is required to treat this email address confidentially and may not use it for other purposes. Note: if you have logged in via Apple and chose to hide your email address, your real email address is not visible to the administrator.

3. What we use your data for (and on what legal basis)

Providing a Sportspoule account: for that, we process account and login data. Legal basis under the GDPR: performance of the contract.

Making predictions, points and rankings possible: for that, we process game data. Legal basis: performance of the contract.

Sending push notifications (goals, reminders, points received): for that, we process push tokens and notification preferences. Legal basis: performance of the contract; you can turn off each type of notification yourself.

Handling payments and creating invoices: for that, we process billing and payment data. Legal basis: performance of the contract.

Complying with our record-keeping obligation: for that, we process billing and payment data. Legal basis: legal obligation.

Providing customer support: for that, we process communication and account data. Legal basis: legitimate interest.

Fixing app errors: for that, we process crash and error reports. Legal basis: legitimate interest.

Improving the app through usage analysis: for that, we process anonymized app behavior. Legal basis: consent.

Preventing abuse and fraud: for that, we process log data and your IP address. Legal basis: legitimate interest.

Helping and reaching pool organizers (Sportspoule Business): for that, we process name, email and pool information. Legal basis: legitimate interest.

Sending important product updates or announcements: for that, we process your email address. Legal basis: legitimate interest.

We do not send you unsolicited commercial mailings.

4. How long we keep your data

We do not keep your data longer than necessary.

Active account: we keep this as long as you use it.

Inactive account (no login or use): up to 5 years; after that we automatically anonymize the account.

Predictions and game history: stored linked to your account.

Request logs (URLs and methods): 12 months.

App usage events: up to 36 months; after 24 months no longer linked to your account.

Crash and error reports (Sentry): Sentry's standard retention period, maximum 90 days.

Invoices and payment data: 7 years (legal tax retention requirement).

Support conversations (Crisp): up to 24 months after the last contact.

CRM data of pool organizers (HubSpot): standard HubSpot retention; we delete you proactively on request.

Encrypted backups: rotating, maximum 30 days.

If you delete your account via Profile → Delete account, we immediately anonymize your profile: your name, email address and profile photo are deleted or replaced with an unrecognizable placeholder. Your predictions remain anonymously in the pool rankings, because otherwise the final ranking of fellow participants could no longer be correct.

5. Who we share data with

We only share your data with parties we need in order to make Sportspoule work. We have a data processing agreement with all of these parties.

Hosting and infrastructure

  • Hetzner (Germany) — hosting of our servers and database

    • Amazon Web Services (Frankfurt, Germany) — encrypted backups

Payments and invoicing

  • Stripe — processing of credit card and SEPA payments

    • Mollie — processing of iDEAL and other payment methods

      • Moneybird — invoicing and accounting

Notifications and email

  • Firebase Cloud Messaging (Google) — push notifications on Android and web

    • Apple Push Notification Service — push notifications and Live Activities on iOS

      • Resend — sending transactional emails (welcome, password reset, invoice, and similar)

Sports data

  • SportMonks — matches, results and player data. We only retrieve data; we do not share personal data with SportMonks.

Analytics and error reporting

  • Sentry — crash and error reports

    • Microsoft Clarity — anonymized analysis of app usage, only after your explicit consent

Login

  • Apple, Google and Facebook — only if you log in via one of these providers

Customer contact (business)

  • HubSpot — only for people who organize a pool or contact us via Sportspoule Business

    • Crisp — chat support on the website and in the app

Government and supervision

  • We only share data with the Tax Authorities, the judiciary, or other authorities when we are legally required to do so.

We never sell your data to third parties.

6. Transfers outside the European Economic Area

Our servers and most sub-processors are in the EU. Some of the services mentioned above (such as Stripe, Sentry, HubSpot, Microsoft Clarity, Firebase, Apple and Google) process data partly in the United States. The following apply to those transfers:

  • the European Commission's standard contractual clauses (SCCs)

    • additional technical measures such as encryption

      • where applicable, the EU-US Data Privacy Framework

7. Security

We take appropriate technical and organizational measures to protect your data, including:

  • Encrypted connections (TLS/HTTPS) everywhere

    • Irreversibly encrypted passwords

      • Access restrictions for employees to only what they need

        • Encrypted backups

          • Logging and monitoring of suspicious activity

Do you think something is wrong? Then email info@sportspoule.com as soon as possible.

8. Cookies and similar technologies

On our website and in the web app, we use three kinds of cookies and local storage.

Functional (always active)

These are needed for Sportspoule to work — for example, to remember your login session or store your chosen language. We do not ask for consent for these because we need them to provide the service.

Analytics (only after consent)

We use Microsoft Clarity to see anonymously how people use Sportspoule, so we can improve the app. We only turn this on after you have given consent for it. You can withdraw this consent at any time via Profile → Settings → Privacy.

Sub-processor cookies

Stripe and Mollie may place their own cookies during a payment to prevent fraud.

We do not place third-party advertising or tracking cookies.

9. Automated decision-making

We do not make decisions based solely on automated processing that have legal effects for you or affect you in a similarly significant way.

10. Minors

Sportspoule is intended for users aged 16 years and older. If you are younger than 16, you need permission from a parent or guardian. Do you think we processed data of a minor without that permission? Email us via info@sportspoule.com and we will delete that data.

11. Your rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access — you may request a copy of what we have about you

    • Rectification — correct inaccurate data

      • Erasure — request that we delete your data

        • Restriction — limit how we use your data

          • Objection — object to processing based on legitimate interest

          • Portability — receive your data in a readable file

          • Withdraw consent — if we do something based on consent

The easiest ways to exercise these rights:

  1. Edit your profile, language and notification preferences in the app under Profile → Settings.

  2. Delete your account via Profile → Delete account. We will then anonymize your data immediately.

  3. Email info@sportspoule.com for anything you cannot arrange yourself in the app.

We respond within four weeks. We may ask you to verify your identity — for example by logging in to your account or confirming a verification email. We do not ask for a copy of your identity document.

12. Submit a complaint

Do you think we do not handle your data carefully? Then contact us first via info@sportspoule.com — we will be happy to resolve it.

If you cannot resolve it with us, you can file a complaint with the Dutch Data Protection Authority via autoriteitpersoonsgegevens.nl.

13. Changes

We may amend this privacy policy. The most recent version is always on this page. In the event of major changes, we will send you a message in the app or an email.

Gratis WK Poule

WK Bedrijfspoule

Sportspoule Business ⋅ 50% discount

View all plans

Sportspoule Business ⋅ 50% discount

View all plans

Sportspoule Business ⋅ 50% discount

View all plans