← Tibidi

Privacy Policy

Last updated: [DATE]

This policy explains how Tibidi (“we”) handles your personal data. Controller: [YOUR NAME / COMPANY], [ADDRESS], [EMAIL].

Data we collect

Account: your email address. Profile (optional): name, city, preferred language, and personalization answers (age range, living situation, children, pets, activity and energy preferences, interests). Activity: challenges you complete, your notes and photos, discovery answers, pack progress, and groups you join (your name is visible to other members of your groups). Technical: our hosting providers process server logs and IP addresses to operate and secure the service.

Why we use it (legal basis)

To provide the service you signed up for (Art. 6(1)(b) GDPR — contract): authentication, assigning and tracking challenges, groups. For optional personalization and recommendations we rely on your consent (Art. 6(1)(a)), which you can withdraw at any time by clearing those fields. We do not sell your data or use it for advertising.

Cookies

We use only strictly necessary and functional cookies: a login/session cookie (required to keep you signed in) and a language-preference cookie. We do not use analytics, advertising, or tracking cookies, so no cookie consent banner is required. If this changes, we will ask for your consent first.

Processors & hosting

We use Supabase (database, authentication, file storage) and Vercel (application hosting). These providers process data on our behalf under data processing agreements. Where data is transferred outside the EU/EEA, appropriate safeguards (e.g. Standard Contractual Clauses) apply.

Retention

We keep your data while your account is active. When you delete your account, your profile, challenges, notes, photos, group memberships and related data are permanently removed.

Your rights

Under the GDPR you can access, correct, export, restrict, or object to the processing of your data, and erase it. You can delete your account and all associated data yourself from Profile → Delete account. To exercise other rights, contact [EMAIL]. You also have the right to lodge a complaint with your data protection authority.

Contact

[YOUR NAME / COMPANY], [ADDRESS], [EMAIL].

Tibidi