Privacy Policy

Privacy Policy

Last updated: 24 November 2025

1. Information We Collect

We collect the following types of personal data to provide and secure access to our community platform:

  • Name — visible to all users.
  • Any contact information (such as email address, phone number, or social handle) — visible only to admins and organizers.
  • Profile image — visible to all users.
  • Activity information such as session participation, comments, requests, and notification settings.
  • Technical data such as IP address and browser user agent, collected only for security and spam prevention during self-initiated join requests.

We do not collect unnecessary or hidden personal data. For organizer-invited users, no technical data (IP or user agent) is recorded.

2. How We Use Your Information

We use your data to operate and improve the platform, manage game sessions, send notifications and reminders, verify your identity, and ensure security. Technical data (IP and user agent) is used exclusively for fraud detection, abuse prevention, and debugging purposes.

3. Legal Basis (GDPR)

We process data under the following lawful bases:

  • Consent — when you request to join or subscribe to notifications.
  • Legitimate interest — to maintain platform security and prevent abuse.
  • Contractual necessity — to provide access to registered members and operate the service.

4. Who Can See Your Information

  • Visible to all users: name, profile photo, participation status.
  • Visible to admins and organizers: email address, activity logs, and join/invite status.
  • Not shared externally: your personal data is never sold, shared, or used for marketing or third-party analytics.

5. Data Retention

Your information is kept as long as you are part of the community. When you delete your account, all related personal data is permanently removed from our systems, except where retention is required by law or for legitimate administrative reasons (e.g., abuse prevention logs, kept up to 90 days).

6. Security Measures

We use Laravel framework security features, AWS EC2 hosting protections, encrypted storage, HTTPS, and strict access controls. Only authorized admins and organizers can view sensitive information. While no system can guarantee absolute security, we follow current best practices to safeguard your data against unauthorized access or misuse.

7. Your Rights

You have the right to access, correct, delete, or export your personal data at any time. You may also withdraw consent or edit your notification preferences in your account settings. To exercise these rights, contact us at iasi.boardgames@gmail.com.

8. Cookies

We use only essential cookies required for login sessions, authentication, and security. No advertising, analytics, or third-party tracking cookies are used on this site.

9. Contact Us

If you have questions or requests regarding your personal data or this policy, contact us at iasi.boardgames@gmail.com.