Privacy Policy
This privacy policy explains what data is collected when using our mobile application and other services (collectively the "Services"), for what purposes it is used, and what rights you have as a data subject.
1. General Information
We process personal data exclusively within the framework of applicable data protection laws (particularly GDPR and BDSG). This declaration informs about which data is collected when using our mobile application and other services (together the "Services"), for what purposes they are used, and what rights you have as a data subject.
By using our Services, you agree to this privacy policy. We reserve the right to adapt this privacy policy at any time. We will inform you of changes via email and in the app. Physicli offers users the opportunity to explore, record, and rate sports venues.
2. Data Collection and Data Use
We collect and process personal data only to the extent necessary for the provision and improvement of our Services.
Location Data
When using the app, your current location is captured after your consent. This serves to show you sports venues ("Venues") near you. Location data is only used temporarily and is not permanently stored.
Registration Data
If you want to interact with other users or publish your own content in the app, registration is required. We store your email address, your chosen username, and an encrypted password. This data serves for identification, management of your user account, and communication with you.
Images and Content
As a registered user, you can upload images to existing or new sports venues. This content is reviewed by us and may subsequently be publicly visible. Please ensure that you do not upload images showing people without their consent.
Usage Data and Technical Information
To analyze and improve our Services, we collect information about app usage, such as pages visited, click behavior, or device types used. This data is processed anonymously and is not linked to your person.
3. Legal Basis for Processing
The processing of your personal data is based on the General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG). The following legal bases apply:
Art. 6 para. 1 lit. a DSGVO (Consent):
When you expressly give us your consent to process certain data, e.g., for location sharing.
Art. 6 para. 1 lit. b DSGVO (Contract Performance):
Registration is required to use our Services. The data processed thereby (e.g., email, password, username) is necessary for contract performance.
Art. 6 para. 1 lit. f DSGVO (Legitimate Interest):
We have a legitimate interest in the secure, trouble-free, and efficient provision of our app. For this purpose, we process, for example, usage data to improve the app or for abuse detection.
If we process your data based on consent, you can revoke this at any time with effect for the future.
4. Sharing Data with Third Parties
Personal data is only shared with third parties if this is necessary to fulfill our contractual obligations, based on your consent, or due to legal obligations.
To provide our Services, we use the following external service providers (processors according to Art. 28 DSGVO):
Amazon Web Services (AWS)
We use AWS to provide our server infrastructure. This includes in particular the processing of location data, images, usage data, and system logs. The servers are located exclusively in data centers within the European Union. A data processing agreement according to Art. 28 DSGVO exists with AWS.
Supabase
Supabase is used exclusively for storing app data in a database. This includes, for example, information about user accounts, venues, and interactions. The data is stored on servers within the EU. A data processing agreement has also been concluded with Supabase.
No further sharing of your data to other third parties takes place, unless we are legally obligated to do so or you have expressly consented.
5. Data Storage and Deletion
We store personal data only as long as it is necessary for the purposes for which it was collected, or as long as legal retention periods exist.
User Accounts
Data that you provide as part of a user account (e.g., email, username) is stored as long as the account is active. When you delete your account, your personal data will be deleted immediately and completely, unless legal retention obligations prevent this.
Location Data
Location data is only processed temporarily for the current usage session and is not permanently stored.
Images and Content
Uploaded images and posts remain publicly visible until you delete them yourself or remove your account. Upon account deletion, your content will also be deleted, unless it has been anonymized or technically decoupled.
Log and Usage Data
Anonymous usage data and technical logs (e.g., for system stability or abuse detection) may be stored for a limited period. This data does not allow conclusions about your person and is regularly deleted or anonymized.
You have the right to request deletion of your personal data at any time (see Section 6).
6. User Rights
As a data subject, you have various rights under the DSGVO regarding your personal data.
Right of Access (Art. 15 DSGVO)
You have the right to request information about what personal data we process about you and for what purposes.
Right to Rectification (Art. 16 DSGVO)
You can have incorrect or incomplete data corrected at any time.
Right to Erasure (Art. 17 DSGVO)
You have the right to request deletion of your personal data, provided no legal retention obligations prevent this.
Right to Restriction of Processing (Art. 18 DSGVO)
Under certain conditions, you can request restriction of processing of your data.
Right to Data Portability (Art. 20 DSGVO)
You have the right to receive your data in a structured, common, and machine-readable format and to transmit it to another controller.
Right to Object (Art. 21 DSGVO)
You can object to the processing of your personal data at any time for reasons arising from your particular situation.
Withdrawal of Consent (Art. 7 para. 3 DSGVO)
If the processing of your data is based on your consent, you can withdraw this consent at any time with effect for the future.
7. Data Security
We take appropriate technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, or disclosure.
Data transmission between your app and our servers is encrypted using TLS (Transport Layer Security). Access to personal data is restricted to authorized persons and is regularly monitored. Passwords are stored exclusively in encrypted form and are not visible to us in plain text. Our server infrastructure is regularly updated, monitored, and protected by security measures against unauthorized access.
Despite all measures, data transmission on the Internet may have security gaps, so complete protection cannot be guaranteed.
8. Tracking Technologies
Anonymous technical diagnostic data may be processed to improve the stability and security of the app.
Should tracking technologies be integrated in the future, we will inform you in advance and obtain your express consent.
9. Changes to the Privacy Policy
We reserve the right to adapt this privacy policy as needed to align it with technical developments or legal requirements.
In case of significant changes, we will inform you in the app and via email. The current version is always available in the app.
10. Responsible person and Contact
Pascal Hofmann
Deutschland
Effective date: September 1st, 2025