Joga Privacy Policy
This Privacy Policy is a development draft for the Joga mobile application and related services. It is provided so the app can be tested with real legal links during development. Final legal review, controller details, retention periods, and vendor details are required before production launch.
1. Who controls your data
The final legal entity responsible for Joga will be inserted before production launch. In this draft, "Joga", "we", "us", and "our" refer to the operator of the Joga service.
2. Information we collect
Depending on the features you use, Joga may collect:
- account details, such as name, email address, phone number, and login method;
- profile details, such as player preferences, city, position, skill level, and profile photo if enabled;
- authentication data, such as session records, email verification state, and Google or Apple account identifiers when social login is used;
- game and booking activity, such as games you create, join, request, cancel, or attend;
- messages, support requests, and communication preferences if those features are enabled;
- device and app data, such as app version, platform, diagnostics, crash reports, security events, and approximate technical metadata;
- payment or wallet information when paid features, credits, or wallet features are enabled.
3. How we use information
We use information to:
- create and secure accounts;
- provide login, registration, email verification, password recovery, and social login;
- show available games, support joining and organizing games, and manage participation;
- operate support, safety, anti-abuse, and fraud-prevention features;
- send service messages, legal notices, and transactional notifications;
- measure reliability, diagnose defects, and improve the service;
- comply with legal, accounting, tax, security, and dispute-resolution obligations.
4. Legal bases
The final legal bases must be confirmed before production launch. Expected bases include performance of a contract for account and game features, legitimate interests for security and reliability, consent where required for optional processing, and legal obligation where records must be kept.
5. Sharing information
We may share information with:
- venues, organizers, or players where needed to run games or bookings;
- service providers for hosting, database, email, notifications, analytics, crash reporting, payments, and support;
- identity providers such as Google or Apple when you choose social login;
- professional advisers, authorities, or other parties where required by law or to protect rights and safety.
A production version must include the relevant provider categories and any legally required transfer safeguards.
6. Retention
We keep personal data only as long as needed for the purposes described in this Policy, including account operation, security, legal obligations, dispute resolution, and audit evidence. Production retention periods must be finalized by Product and Legal before launch.
7. Security
We use technical and organizational measures intended to protect personal data, including access controls, transport security, environment separation, audit controls, and no-secret logging rules. No system can be guaranteed to be completely secure.
8. Your rights
Depending on the law that applies to you, you may have rights to access, correct, delete, restrict, object to processing, receive a copy of your data, withdraw consent, or complain to a supervisory authority. Production support channels and identity-verification procedures must be added before launch.
9. Children
Joga is not intended for users who cannot legally use the service or provide required consent under applicable law. If a parent or guardian believes a child provided personal data without required permission, they should contact us through the production support channel when available.
10. International transfers
Joga may use providers located in different countries. Production launch requires confirming provider locations and transfer safeguards, such as contractual protections where required.
11. Changes to this Policy
We may update this Policy. Non-material changes may be published with a notice. If we plan to use personal data for a new purpose or make a materially more permissive change, we will provide appropriate notice before the new processing starts and will request consent where consent is required.
12. Contact
Production contact details, company details, and data protection contact information must be added before public launch.