Privacy Policy
Last updated: March 2026
1. Controller
Furiba Oy
Business ID: 3617789-5
Email: privacy@furiba.app
2. What data we collect
| Data | Purpose | Retention |
|---|---|---|
| Email, display name | Account & login | Until deletion |
| Password | Authentication (bcrypt hash only) | Until deletion |
| PDGA number | Division verification | Until deletion |
| Tournament scores | Core service | Indefinite (public record) |
| Feedback | Product improvement | 2 years |
3. Data location
All personal data is stored within the European Union (Azure Sweden Central region). Data does not leave the EU/EEA.
4. Data sharing
We share data with tournament directors (your name, division, registration status) and other players (name and scores during tournament play). We use Stripe for payments -we never see or store your card number. We do not sell data to third parties.
5. Your rights (GDPR)
- Access -Settings → Export Data
- Correct -edit your profile anytime
- Delete -Settings → Delete Account (30-day grace period)
- Port -export as JSON
- Object -email privacy@furiba.app
6. Security
Passwords are bcrypt-hashed (cost 12). All connections use TLS 1.3. Tokens are SHA-256 hashed. Rate limiting protects against brute force. Infrastructure uses Azure managed encryption at rest.
7. Cookies & local storage
We use browser localStorage for authentication tokens, language preference, and UI settings. We do not use tracking cookies, analytics scripts, or advertising technology.
8. Contact
Email: privacy@furiba.app
Data Protection Authority: tietosuoja.fi