Last updated: 23 March 2026
This Privacy Policy explains how SWIPS (“we”, “us”, “our”) collects and processes personal data when you use our web application and website.
We provide this notice to meet the transparency requirements of Articles 12–14 GDPR. It tells you who controls your data, what we collect, why we use it, who we share it with, how long we keep it, and how you can exercise your rights (including deletion).
1) Who is the Controller and how to contact us
Controller: SWIPS s. r. o. Registered address: Bajkalská 14083/2F, Bratislava - mestská časť Nové Mesto, 831 04 Email (privacy & support): [email protected]
If we appoint a Data Protection Officer (DPO), we will add their contact details here.
2) What data we collect
We collect the following categories of data, depending on how you use SWIPS:
- Account & profile: name, email address, hashed password, organization/club (if applicable), country and language, optional profile photo.
- Tournament data: registrations, pairings, results, ratings/standings, clubs/teams, communications between organizers and players.
- Facebook Login data (if you sign in with Facebook): your name, email address (if granted by you), and an app‑scoped Facebook user ID used to authenticate you. We do not post to Facebook on your behalf. (See Section 6.)
- Device & usage data: IP address, browser type/version, pages visited, timestamps, log data, and cookie/SDK events (see Section 7).
- Support communications: messages you send us (e.g., help requests, feedback, abuse reports).
Where we obtain data from third parties (for example, an organizer registers you for a tournament), we provide the information required by GDPR Article 14.
3) Purposes and legal bases
We process personal data for:
- Providing and improving the service (create/manage accounts, run tournaments, compute ratings, display standings, deliver customer support) — Art. 6(1)(b) GDPR (contract).
- Security and service integrity (fraud and abuse prevention, logs, incident response) — Art. 6(1)(f) GDPR (legitimate interests) balanced against your rights.
- Service communications (important updates, policy changes) — Art. 6(1)(b) or 6(1)(f).
- Direct marketing (optional) — only with your consent (Art. 6(1)(a)); you can withdraw at any time.
- Legal obligations (tax/accounting, responding to lawful requests) — Art. 6(1)(c).
We disclose these purposes and legal bases as required by GDPR Article 13(1)(c).
4) Sharing and international transfers
We use vetted processors (e.g., hosting, email delivery, analytics, support tooling, payments). We ensure appropriate contractual safeguards. If personal data is transferred outside the EEA, we rely on adequacy decisions or Standard Contractual Clauses plus supplementary measures as needed; details are available on request. (Disclosure per GDPR Articles 13–14.)
5) Retention
We retain personal data only as long as necessary for the purposes above. Typically this is the life of your account plus a short period to close out operations and backups. Tournament results and leaderboards may be anonymized/irreversibly aggregated for historical statistics. We may retain minimal data where required by law or to establish/defend legal claims. This retention disclosure is provided under GDPR Article 13(2)(a).
6) Facebook Login
If you choose “Continue with Facebook”, we receive limited account details from Meta (name, email if granted, and an app‑scoped user ID) to authenticate you. Your use of Facebook is subject to Meta’s terms and policies. Facebook requires apps using Facebook Login to provide a public Privacy Policy URL and clear data‑deletion instructions; this policy fulfills that requirement.
You can disconnect SWIPS from your Facebook account at any time within your Facebook Settings → Apps and Websites; doing so stops future sharing from Facebook to SWIPS. Disconnecting does not automatically erase data previously stored in SWIPS — to delete that data, please follow Section 9.
7) Cookies & similar technologies
We use cookies and similar technologies to keep you logged in, remember preferences, secure the service, and understand product usage. Non‑essential cookies/SDKs are not set until you consent. You can accept or reject non‑essential cookies and change your choice at any time via our cookie controls. This reflects EU rules under the ePrivacy Directive and GDPR (consent must be freely given, specific, informed and unambiguous; equal prominence for accept/reject).
8) Your rights
Subject to conditions and exceptions in the GDPR, you have the right to access, rectify, erase (“right to be forgotten”), restrict or object to processing, and data portability; you may also withdraw consent at any time (for example, for marketing or analytics). See Articles 15–21 GDPR, including Article 17 on erasure.
You also have the right to lodge a complaint with your EU data protection authority. Guidance from the European Commission explains what information must be provided and how complaints work.
9) How to request deletion of your data (right to erasure)
You may request deletion of your SWIPS account and personal data at any time by emailing [email protected] from the email address linked to your account with the subject “Data deletion request” (or “Facebook Data Deletion Request” if you used Facebook Login). We may ask for information to verify your identity.
We will erase your personal data without undue delay and within one month, unless retention is required by law (e.g., fraud prevention, bookkeeping, or establishing/defending legal claims). If the request is complex, we may extend the period by up to two months and will inform you. This implements the GDPR right to erasure and the timing rules for responses to rights requests. Note for Facebook Login users: Removing SWIPS from your Facebook Apps and Websites list stops future data sharing. To delete data already stored by SWIPS, please email us as above.
10) Security
We implement appropriate technical and organizational measures (encryption in transit, access controls, auditing, monitoring). No online service is 100% secure, but we continually review and improve our safeguards.
11) Changes to this policy
If we change this policy, we will post updates here and update the “Last updated” date. For material changes, we may also notify you by email or prominent in‑product notice.