Privacy policy

GoPlay.no is currently operated by Team Ballespark Forening as the controller for the personal data described on this page.

Before public launch, this page should be updated with the final legal entity name, organization number, and direct privacy contact details used for GDPR requests.

Account and profile data such as your display name, username, email address, phone number when provided, profile image, age when provided, and linked login providers.

Participation data such as hosted events, joins, waitlist actions, comments, mentions, messages, notifications, and no-show or attendance actions needed to keep the roster accurate.

Technical and session data such as browser sessions, timestamps, device-facing request logs, and security signals used to keep the service working and to prevent misuse.

To create and maintain your GoPlay.no identity, keep you signed in, and let you host, discover, join, and manage games.

To operate reliability-critical product features such as rosters, approvals, cancellations, reminders, comments, direct messages, and account security.

To improve the service, investigate misuse, comply with legal obligations, and protect other players, hosts, and GoPlay.no itself.

GoPlay.no normally relies on contract and pre-contract steps when we use your data to provide the service you ask for, such as creating an account, joining a game, or sending operational notifications.

We also rely on legitimate interests for service security, abuse prevention, core product analytics, and reliability operations, provided those interests are not overridden by your rights and freedoms.

If GoPlay.no later adds optional marketing or optional non-essential tracking, those uses should rely on consent where GDPR requires it.

GoPlay.no may share personal data with service providers that help run hosting, databases, login providers, email delivery, customer support, and other operational systems.

GoPlay.no does not currently position itself as a data broker, and the MVP should not sell personal data.

If a provider processes data outside the EEA, GoPlay.no should use an appropriate GDPR transfer safeguard before that processing goes live.

Active account data is kept for as long as needed to operate the service and maintain event, roster, and account integrity.

If you request account deletion from settings, GoPlay.no starts a 7-day hold. During that period you can cancel the request. After the window expires, the account and related live-product records are permanently removed by the application cleanup flow.

Some records may need to be retained longer where the law requires it or where they are necessary to establish, exercise, or defend legal claims.

You can request access to your data, ask for correction, request erasure, request restriction, object where GDPR allows it, and ask for data portability where applicable.

You can also complain to the Norwegian Data Protection Authority, Datatilsynet, if you believe your personal data has been handled unlawfully.

GoPlay.no does not intend to make solely automated decisions with legal or similarly significant effects on users as part of the MVP account flow.