The party responsible for data processing is:
JUGAD UG (haftungsbeschränkt)
Ludwigstr. 12B, 04315 Leipzig, Germany
Represented by its Managing Director Julian Haluska
Email: support@jugad.app
Contact for data protection matters: Julian Haluska, support@jugad.app
This privacy policy applies to our website jugad.eu, our web app play.jugad.app and our native apps for iOS and Android (together, "our Services"). It informs you about the nature, scope and purpose of the processing of personal data as well as your rights.
We process personal data on the basis of the GDPR, in particular:
We state the applicable basis for each processing activity below.
To provide our Services we use carefully selected service providers that process data exclusively on our behalf and in accordance with our instructions (processing on our behalf under Art. 28 GDPR). Processing primarily takes place on servers located in Germany or the European Union. Where, in individual cases, a transfer to a third country occurs, Section 17 applies.
When you access our Services, technically necessary data transmitted by your browser or device is processed: IP address, date and time, amount of data transferred, browser type and version, operating system, referrer URL and the resource requested.
We use technically necessary cookies and comparable technologies (e.g. localStorage) that are required for operation – in particular a session/login cookie, a cookie to protect against cross-site requests, and the storage of your language setting.
For reach measurement, see Section 16 (Matomo).
To use our Services you can create a user account. Depending on the function, we process:
Note on minors: Our Services are intended for persons aged 16 or older. Persons under 16 may not use our Services.
To organise and participate in games, to manage and book pitches and to run tournaments, we process the data required for this (including participations, game/booking times, pitch and location details, team and registration data, payment and billing data).
Payments are processed via Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Depending on the payment method, this includes, among other things, the cardholder's name, payment data (e.g. credit card data, CVC), bank details and the time and amount of the transaction. You enter the payment data directly with Stripe; we ourselves do not store any complete payment-instrument data.
Organisers, pitch landlords and event hosts can receive payments via Stripe Connect. For this, Stripe additionally processes identity, address and account data as well as identity-verification (KYC) information. We only store an account identifier and the activation status.
Uploaded profile pictures and pitch photos as well as generated documents (e.g. contract PDFs) are stored with a cloud storage provider with servers located in the EU (Frankfurt region).
To display maps and for location search, we use service providers with servers located in the EU. When a map is loaded, your IP address is necessarily transmitted to the map service for technical reasons; to determine addresses from location coordinates, the coordinates are transmitted to a geocoding service.
Alternatively, you can sign in using accounts from Google, Apple or Facebook. In doing so, we receive a unique user identifier, your email address and, where applicable, your name from the respective provider. Processing by the respective provider is governed by its privacy policy.
Push notifications: With your consent, we send push notifications (e.g. reminders, payment and tournament notices). For this, a device-related push token (of your smartphone or browser) is processed via Firebase Cloud Messaging (Google). No web analytics via Firebase/Google Analytics takes place.
Email: To send account, transactional and – only with consent – marketing emails, we process your email address and the respective message content. We handle the dispatch via an email delivery service provider with servers located in the EU.
Within our Services, users can communicate via direct messages and comments; in doing so, we process the content, the participants and the time.
In connection with contracts and tournament registrations, we process the data required for this (including name, address, email, phone number, billing and, where applicable, company data, signature and payment data) and generate contract documents.
We use the open-source web analytics tool Matomo, which we self-host. No cookies are set and the IP address is anonymised. We record, among other things, pages visited, time, approximate origin (region), platform/system and the delivery of advertising impressions (e.g. number of impressions). The evaluation is carried out exclusively in aggregated, anonymised form; no individual person is identified and no merging with your user account takes place.
Some of the services we use are operated by companies headquartered in, or with a parent company in, the USA (in particular Google, Apple and Meta). This may result in a transfer of personal data to the USA.
Where the providers are certified under the EU-US Data Privacy Framework, an adequacy decision of the EU Commission exists (Art. 45 GDPR). Otherwise, we base transfers on the EU Commission's Standard Contractual Clauses (Art. 46 GDPR) and additional safeguards. Despite these guarantees, a level of data protection comparable to that of the EU cannot be guaranteed in every case.
We process and store personal data only for as long as is necessary for the respective purposes:
Where statutory retention obligations exist, we restrict processing instead of deleting the data.
We take appropriate technical and organisational measures to protect your data against loss, misuse and unauthorised access (including transport encryption). Our measures are continuously adapted.
You have the right to:
You can withdraw any consent given at any time with effect for the future. To exercise your rights, a message to support@jugad.app is sufficient.
You have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement. The authority responsible for us is the Saxon Commissioner for Data Protection and Transparency (Sächsische Datenschutz- und Transparenzbeauftragte), Devrientstraße 5, 01067 Dresden, Germany (www.datenschutz.sachsen.de).
This privacy policy is currently valid. As our Services develop or legal requirements change, it may become necessary to amend it. The version published here applies in each case.