Privacy Policy – Larp Radar
Last update: June 7, 2025
Data Controller (Titolare del trattamento):
Larp Radar S.r.l.
VIALE C. MANCINI 2/C - 47841 - CATTOLICA (RN), Italy
📧 [email protected]
Larp Radar (“we”, “our”, “us”) respects your privacy. This Privacy Policy explains how we collect, use, share and protect information when you use our mobile application (Android/iOS) and our website larp-radar.com (“Services”).
1) Information We Collect
We may collect the following categories of information:
- Account Information – name, email address, and credentials when you create an account or log in (including via Google SSO); access/refresh tokens are stored securely in the app.
- Location Data – approximate or precise location (only with your permission) to show nearby events and features on the map.
- Device & Technical Data – device model, operating system, IP address, app version, crash/diagnostic logs and performance data (used to maintain service stability and security).
- Push Notification Token – a device token used to deliver notifications you opt into (e.g., reminders or updates about events).
- User Content – content you submit (e.g., feedback, bug reports, organizer requests), and your preferences within the app.
- Payment Data – payments are processed by third-party providers; we do not store full card details. We may retain limited details (e.g., transaction IDs, masked card numbers) for receipts, accounting and dispute management.
- Cookies & Similar Technologies (Web) – strictly necessary cookies for site operation and preferences; we do not use third-party advertising cookies.
- Messaging Data – direct and group chat messages you send, delivery/read metadata, messaging privacy preferences (who can contact you), block lists, and optional organizer identity used in chats. Messages are visible only to conversation participants, not on public profiles.
2) How We Use Information
- Provide, maintain and improve the Services (e.g., event discovery, maps, profiles).
- Personalize your experience (e.g., show nearby events based on your location consent).
-
Communicate with you:
- Necessary communications – support responses, service announcements, security alerts.
- Optional communications – news and promotions, sent only if you opt-in; you can opt-out at any time.
- Ensure security, prevent fraud and abuse, and comply with legal obligations.
3) Legal Bases (GDPR)
- Performance of a contract – to provide requested Services (account, discovery, profiles).
- Consent – for optional features such as precise location and push notifications. You can withdraw consent at any time in your device/app settings.
- Legitimate interests – to maintain security, prevent abuse, improve functionality and analyze usage in aggregated form, balanced with your rights.
- Legal obligations – where processing is required by law (e.g., tax/accounting for payments).
4) Sharing of Information
We do not sell or rent your personal data, and we do not use third-party advertising SDKs.
We share data only with:
- Service providers (hosting, push notifications, mapping, payments) who process data on our behalf under contract.
- Authorities when required by law or to protect our rights and users’ safety.
- Business transfers (e.g., merger or acquisition), where your data may be part of the transferred assets. We will notify you of such changes and, where required, offer the option to delete your account before the transfer.
5) Data Retention & Deletion
- We retain personal data only for as long as necessary for the purposes above, unless longer retention is required by law.
- Examples:
- Account data → deleted within 30 days of account deletion.
- Technical logs → normally retained up to 90 days.
- Payment records → retained as required by tax and accounting laws.
- Push notification tokens – retained as long as the user keeps notifications enabled or until the account is deleted.
- Location data – used solely to display nearby events; precise location is not stored on a long-term basis.
- Messages – kept while your account is active so other participants can read conversation history. When you delete your account, your identity is removed from past messages (shown as a deleted account); message text may remain visible to other participants.
-
You can request account and data deletion at any time:
- In-app: Settings → Delete Account (if available), or
- By contacting us at [email protected].
We will complete deletion within a reasonable timeframe (normally within 30 days), except where retention is legally required.
6) Your Rights
Depending on your location (e.g., EU/EEA), you may have the right to access, correct, delete, restrict or object to processing, receive a copy of your data (portability), and withdraw consent without affecting prior processing. You can also lodge a complaint with your supervisory authority. Requests can be sent to [email protected]; we normally respond within 30 days.
7) Controls & Preferences
- Location – manage permission in your device settings; some features may be limited without it.
- Notifications – enable/disable in your device settings or within the app’s preferences.
- Messaging – control who can start a chat from your profile or organizer page, block users, and mute conversations where available.
- Cookies (Web) – you can disable non-essential cookies (if presented) and control browser settings.
8) Security
We use appropriate technical and organizational measures to protect personal data, including transport encryption (HTTPS), secure token storage on device, and restricted access to servers. If we become aware of a data breach likely to affect your rights, we will notify you and the competent authority as required by law.
9) Children’s Privacy
The Services are intended for users aged 16+ (or the age required in your jurisdiction). We do not knowingly collect data from children without appropriate consent. If you believe a child has provided data, please contact us so we can delete it.
10) International Data Transfers
We may transfer data outside your country of residence (e.g., to service providers in the EU or United States). Where data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms. You may request details of these safeguards by contacting us.
11) Changes to this Policy
We may update this Privacy Policy from time to time. Significant changes will be notified in the app and/or on the website. Where required, we will request your consent again before applying changes.
For questions or to exercise your rights, contact: [email protected].
Postal address: Larp Radar S.r.l., VIALE C. MANCINI 2/C - 47841 - CATTOLICA (RN) Italy.
If required under GDPR: DPO and/or EU Representative contact details will be provided on request or in your account area.
13) Supervisory Authority
You have the right to lodge a complaint with a supervisory authority. In Italy: Garante per la protezione dei dati personali – Piazza Venezia 11, 00187 Roma, Italy – garanteprivacy.it.
14) Mandatory vs Optional Data
Some data are necessary to create and manage your account and to provide core Services (e.g., email address). Other data are optional and processed only with your consent (e.g., precise location, push notifications). If you do not provide mandatory data, we may be unable to provide the Services.
15) Sources of Data
We collect data directly from you and, where you choose to use third-party sign-in (e.g., Google SSO), we receive basic profile data from the provider (e.g., name, email) according to the provider’s terms and your settings.
16) Automated Decision-Making
We do not carry out decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you. We do not perform profiling for marketing purposes.
17) Main Processors & International Transfers
Examples of processors may include: cloud hosting, payments, mapping and push notification services. Where data is transferred outside the EEA/UK, we use safeguards such as Standard Contractual Clauses (SCCs). You can request an up-to-date list of key processors and transfer safeguards at [email protected].