Privacy Policy

Privacy Policy

This Privacy Policy explains how ARSoftware UG (haftungsbeschraenkt) collects and uses personal data when you use the mobile application bets (the "App").

We are the data controller under the EU General Data Protection Regulation (GDPR).

Our contact details:

ARSoftware UG (haftungsbeschraenkt)

Johannisweg 3, 84030 Ergolding, Germany

Email: contact@arsoftware.tech

1. Data we collect

We only collect the minimum personal data necessary to create and manage your account and allow you to use the App.

1.1 Account data

When you register or log in, we process:

• Email address (or other login identifier, depending on your chosen method)
• Authentication data (such as a hashed password or third-party auth token)

This data is required to:

• Create and manage your user account
• Authenticate you when you log in
• Secure your account against unauthorized access

1.2 Usage data inside the app

Within the App, you can create and join groups, bets, and challenges. These may include:

• Group names and descriptions
• Bet/challenge titles, descriptions, stakes, and outcomes
• Usernames or display names of participants

This information is linked to your account so the App can function (e.g., show your groups, bets, and stats to you and your group members). We do not use this content for advertising, profiling, or resale.

2. How we use your data

We use your personal data only for the following purposes:

• To provide, operate, and maintain the App
• To authenticate you and manage your account
• To allow you to create and join groups, bets, and challenges
• To ensure the security and integrity of the service
• To comply with legal obligations (e.g., responding to lawful requests from authorities)

We do not:

• Use your data for targeted advertising
• Sell or rent your data to third parties
• Profile you for marketing purposes

3. Legal basis (GDPR)

We process your personal data based on the following legal grounds under the GDPR:

• Article 6(1)(b) GDPR - Contract performance: Processing is necessary to provide the App and its features to you.
• Article 6(1)(c) GDPR - Legal obligation: We may process certain data to comply with legal obligations.
• Article 6(1)(f) GDPR - Legitimate interests: For security, fraud prevention, and improving the stability of our service, where our interests are not overridden by your rights.

4. Use of Supabase

We use Supabase as our backend and authentication service provider.

Supabase processes personal data (such as your email and authentication data) on our behalf as a data processor. We have a data processing agreement (DPA) in place with Supabase, and Supabase is contractually obliged to process your data only according to our instructions and in compliance with applicable data protection laws.

For more information on Supabase's data handling, please refer to Supabase's own privacy documentation on their website.

5. Data sharing and recipients

We only share your personal data with:

• Service providers (processors): Primarily Supabase, to provide hosting, storage, and authentication.

These service providers:

• Are bound by contracts and data processing agreements
• May not use your data for their own purposes
• Must implement appropriate security measures

We may also disclose data if required by law or a valid legal request from public authorities.

We do not share your data with advertisers or data brokers.

6. International data transfers

Depending on where Supabase's servers and infrastructure are located, your data may be transferred to and processed in countries outside the European Union (EU)/European Economic Area (EEA).

In such cases, we ensure that appropriate safeguards are in place, such as:

• An adequacy decision by the European Commission, or
• Standard Contractual Clauses (SCCs) approved by the European Commission, or
• Other appropriate safeguards under GDPR.

You can contact us for more information about the safeguards in place.

7. Data retention

We store your personal data only as long as necessary for the purposes described in this policy:

• Account data: kept for as long as your account is active.
• Group and bet/challenge data: kept as long as your account and the relevant content remain in the App.

If you delete your account, we will:

• Delete or anonymize your personal data within a reasonable period, unless we are legally required to retain certain information (e.g., for compliance or dispute resolution).

8. Your rights under GDPR

As a data subject under GDPR, you have the following rights:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate or incomplete data.
• Right to erasure: Request deletion of your personal data, where legally possible.
• Right to restriction of processing: Request that we limit the processing of your data in certain circumstances.
• Right to data portability: Receive your personal data in a structured, commonly used, and machine-readable format, where processing is based on consent or contract and carried out by automated means.
• Right to object: Object to processing based on our legitimate interests.
• Right to withdraw consent: If we ever rely on consent, you can withdraw it at any time (without affecting the lawfulness of prior processing).

To exercise your rights, contact us at: contact@arsoftware.tech.

You also have the right to lodge a complaint with your local supervisory authority. In Germany, this is typically the data protection authority of your federal state (Land).

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration.

However, no method of transmission or storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Children's privacy

Our App is not intended for children under 18 years of age. We do not knowingly collect personal data from children below this age.

If you believe a child has provided us with personal data, please contact us so that we can delete such data where required by law.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top indicates the latest version.

If we make significant changes, we may inform you via the App or by email where appropriate.

12. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at: