Privacy Policy for Boardgame Meetup

Effective date: March 10, 2026
Last updated: March 10, 2026

1. Data Controller

The controller of the personal data processed in connection with the use of Boardgame Meetup is:

Artur Morawski
e-mail: [email protected]

For all privacy, personal data protection, or user rights requests, you can contact the controller at: [email protected].

2. Scope of this Policy

This Privacy Policy explains what data is processed when you use Boardgame Meetup, for what purposes, on what legal basis, how long it is retained, and what rights users have.

Boardgame Meetup is an app for organizing and managing board game meetups, including:

• creating and managing events,
• joining events,
• confirming attendance,
• suggesting games,
• voting,
• assigning users to tables or game sessions.

3. What Data We Process

Depending on how you use the app, we may process the following data.

3.1. Account and Sign-In Data

We may process:

• your name, display name, or profile name,
• your email address,
• your unique user identifier,
• your profile photo, if provided by the sign-in provider,
• information about your sign-in method.

The app uses Google Sign-In and Sign in with Apple, as well as Firebase Authentication and authentication interfaces based on FirebaseUI where applicable.

3.2. In-App Activity Data

We may process:

• event registration information,
• attendance or confirmation status,
• game suggestions submitted by the user,
• votes cast by the user,
• table, group, or session assignments,
• history of organizational activity within the app.

3.3. Technical and Analytics Data

We may process technical and statistical data related to your use of the app, including:

• device or app technical identifiers,
• data about interactions with the app,
• information about feature usage,
• diagnostic and analytics data.

The app uses Google Analytics for Firebase to measure app usage and user engagement.

3.4. Data Stored Through Backend Services

App data may be stored in:

• Cloud Firestore,
• Firebase Storage / Cloud Storage for Firebase.

4. Purposes of Processing

We process data for the following purposes:

• creating and managing user accounts,
• enabling sign-in and authentication,
• providing the core functionality of the app related to board game meetups,
• syncing data across devices,
• storing user content and uploaded files,
• improving app performance and user experience,
• maintaining security, detecting abuse, and preventing unauthorized access,
• contacting users when necessary regarding the operation of the app,
• complying with legal obligations and establishing, exercising, or defending legal claims.

5. Legal Bases for Processing

Where the GDPR applies, we process personal data on the following legal bases:

• Article 6(1)(b) GDPR – when processing is necessary to provide the services available in the app,
• Article 6(1)(c) GDPR – when processing is necessary to comply with legal obligations,
• Article 6(1)(f) GDPR – when processing is necessary for the legitimate interests of the controller, such as security, app development, support handling, and legal defense,
• Article 6(1)(a) GDPR – where consent is the applicable legal basis in a specific case.

6. Whether Providing Data Is Mandatory

Providing some data is voluntary, but it may be necessary to use the app’s features. Without the data required to create and maintain an account, it will not be possible to sign in, join events, vote, or use the app’s social and organizational features.

7. Recipients of Data

Data may be disclosed to entities that support the operation of the app, in particular providers of technical infrastructure and analytics tools.

In particular, the app may use:

• Firebase Authentication,
• Cloud Firestore,
• Firebase Storage / Cloud Storage for Firebase,
• Google Sign-In,
• Sign in with Apple,
• FirebaseUI or another Firebase-based authentication interface layer, if used,
• Google Analytics for Firebase.

We do not sell users’ personal data.

8. Data Storage Location and International Transfers

Data may be processed and stored using the infrastructure of the technology providers used to operate the app, including Google Firebase and Google Cloud.

If data is transferred outside the European Economic Area, appropriate legal safeguards are applied in accordance with applicable law and the relevant provider terms.

9. Data Retention Period

We retain data for as long as necessary to fulfill the purposes for which it was collected, and afterward for the period required by law or necessary to establish, exercise, or defend legal claims.

As a general rule:

• account data is retained until the account is deleted or the service is discontinued,
• event-related and activity data is retained for as long as necessary for the operation of the app and to preserve organizational history,
• analytics and technical data is retained for a period justified by analytics, security, and app maintenance purposes,
• correspondence is retained for as long as necessary to handle the matter and, where applicable, defend legal claims.

10. Data Security

We apply appropriate technical and organizational measures to protect data against loss, destruction, unauthorized disclosure, or unauthorized access.

Firebase provides security mechanisms, including access control and security rules for app data.

11. User Rights

To the extent provided by applicable law, users have the right to:

• access their data,
• rectify their data,
• erase their data,
• restrict processing,
• data portability,
• object to processing based on legitimate interests,
• withdraw consent where processing is based on consent,
• lodge a complaint with the competent supervisory authority.

To exercise your rights, contact: [email protected].

12. Account and Data Deletion

If a user has created an account in the app, they may request deletion of the account together with associated data, except for data that must be retained for legal, security, or claims-related reasons.

A request for account deletion may be submitted:

• through the in-app account deletion feature, if available,
• or by contacting: [email protected].

13. Children’s Data

The app is not directed to children unless explicitly stated otherwise in the app description. If we determine that data has been provided by a person who was not authorized to do so under applicable law, we may delete such data.

14. Changes to this Privacy Policy

This Privacy Policy may be updated from time to time, in particular if the app’s functionality changes, legal requirements change, or service providers change.

The current version of the Privacy Policy will be made available within the app or on the website associated with the app.

15. Contact

For all matters related to privacy and personal data protection, please contact:

Artur Morawski
[email protected]