Aller au contenu principal
Back to home

Privacy Policy

Last update: March 2026 — Beta MVP version

1. Introduction

This privacy policy describes how GoSportNow collects, uses, and protects the personal data of users of its mobile application and its website gosportnow.fr. It complies with the General Data Protection Regulation (GDPR — EU 2016/679) and the French Data Protection Act.

2. Data Controller

The data controller and Data Protection Officer (DPO) is Ludovic Fremaut — GoSportNow.

Email: contact@gosportnow.fr

GoSportNow is a collaborative project co-developed by Ludovic Fremaut, Nicolas Herisson, and Anthony Marcelin.

3. Data collected

Some data may also be used for internal statistics and monitoring purposes (Dashboard).

  • Account data: email, username, age, photo, sports preferences
  • Technical data: IP address, unique identifier, device, OS, language, connection logs
  • Geolocation data: to suggest nearby activities (disabled by default, enabled only with explicit consent)
  • Chat data: messages exchanged as part of activities (ephemeral on the user side, retained for security)

4. Purposes of processing

  • Provide and manage the main features of GoSportNow
  • Create and manage user accounts
  • Enable matchmaking between activity participants and organizers
  • Ensure security and moderation of exchanges
  • Process reports and legal requests
  • Perform internal statistical analysis (monitoring, performance) via Umami, an anonymous analytics tool that collects no personal data and uses no cookies

5. Legal basis for processing

  • Performance of the contract (Terms of Use) between the user and GoSportNow
  • GoSportNow's legitimate interest in ensuring the security and proper functioning of the service
  • The explicit consent of the user for geolocation, notifications, and future marketing communications

6. Hosting and data storage

Data is hosted exclusively in France:

Application and database: servers hosted by OVH (Roubaix, France), secured by SSL encryption and SSH authentication

Website: self-hosted on a secure personal server belonging to the GoSportNow team

No data transfer is carried out outside the European Union.

7. Retention periods

  • Account data: for the duration of use (1 year after deletion — technical backup)
  • Chat data: maximum 12 months from their creation
  • Technical logs: 6 months
  • Data deleted upon request: permanent deletion within 30 days
  • Anonymized data for statistical purposes: kept indefinitely

8. Data security

In the event of a personal data breach, GoSportNow will notify the CNIL within 72 hours and inform the users concerned in accordance with Article 33 of the GDPR.

  • SSL/TLS encryption for data exchanges
  • Hashed and secured passwords
  • Restricted access to servers only to authorized members
  • Automatic and secure backups
  • Regular monitoring and maintenance of systems

9. User rights

In accordance with the GDPR, each user has the following rights:

  • Right of access, rectification, deletion, and portability
  • Right to object and to restrict processing
  • Right to withdraw consent at any time

10. Subcontractors and third-party services

All subcontractors are subject to a processing agreement complying with Article 28 of the GDPR.

  • OVH — application hosting
  • Google — authentication
  • Apple — secure login
  • Strava — future integration (OAuth2)
  • Umami — anonymized statistics (no personal data, no cookies)

11. Updates

This policy may be modified depending on the legal, technical, or functional developments of GoSportNow. Users will be informed of any significant updates via the website or application.

Contact

Email: contact@gosportnow.fr