iiCaptain

Privacy Policy for iiCaptain

Last Updated: January 13, 2026

Welcome to iiCaptain ("we," "us," or "our"). We are committed to protecting your privacy and complying with applicable data protection regulations, including the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. For significant changes, we will notify you via email or through a prominent notice on our Service. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

1. Data Controller

iiCaptain is the data controller responsible for your personal data. If you have any questions about how we handle your data, you can contact us at iicaptain@rthw.nl.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the Service depends on the content and materials you use, and includes:

  • Personal Data: Personally identifiable information, such as your name, email address, and password, that you voluntarily give to us when you register for an account. You are under no obligation to provide us with personal information of any kind, however your refusal to do so may prevent you from using certain features of the Service.
  • Team Data: Information you provide about your team, such as team name, member names and emails, match schedules, training details, attendance records, match results, and messages. This includes any content you generate and upload to the service.
  • Derivative Data: Information our servers automatically collect when you access the Service, such as your IP address, your browser type, your operating system, your access times, and the pages you have viewed directly before and after accessing the Service. This data is used for security and operational purposes.
  • Data From Firebase: Our Service is hosted on Firebase, a Google platform. As such, Firebase may collect data about your use of the Service in accordance with their own privacy policy. We use Firebase for database hosting, authentication, and other backend services. Firebase servers are located within the European Union.

3. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

  • Contract: Processing is necessary for the performance of our contract with you (providing the Service).
  • Legitimate Interests: Processing is necessary for our legitimate interests, such as improving the Service, ensuring security, and preventing fraud.
  • Consent: Where you have given us explicit consent to process your data for specific purposes.
  • Legal Obligation: Processing is necessary to comply with legal obligations.

4. Use of Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Service to:

  • Create and manage your account and team.
  • Provide the core functionality of the app, such as scheduling, member management, and communication.
  • Email you regarding your account, service updates, or password resets.
  • Send you notifications about upcoming matches, trainings, and events (if enabled).
  • Monitor and analyze usage and trends to improve your experience with the application.
  • Enhance the security of our application and prevent fraudulent activity.
  • Respond to user inquiries and support tickets.
  • Compile anonymous statistical data and analysis for internal use.

5. Cookies and Tracking Technologies

We use essential cookies that are necessary for the Service to function properly. These include authentication cookies to keep you logged in and security cookies to protect against unauthorized access. We do not use cookies for advertising or tracking purposes.

Firebase may use cookies for authentication and analytics purposes. For more information, please refer to Google's Privacy Policy.

6. Disclosure of Your Information

We do not sell, trade, or rent your personal information to others. We may share information we have collected about you in certain situations:

  • By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
  • With Team Members: Your name and attendance status are visible to other members of your team within the application as part of its core functionality. Team administrators may have access to additional information such as email addresses.
  • Third-Party Service Providers: We use Firebase (a Google service) for database hosting, authentication, and other backend services. Your data is stored on Firebase servers located in the European Union and is subject to their privacy policy. We may also use email service providers to send transactional emails.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

  • Account Data: Retained for as long as your account is active. Upon account deletion, your personal data will be deleted within 30 days.
  • Team Data: Retained for as long as the team exists. When a team is deleted, all associated data is removed within 30 days.
  • Backup Data: May be retained in encrypted backups for up to 90 days after deletion for disaster recovery purposes.

8. Data Security

We use administrative, technical, and physical security measures to help protect your personal information. This includes:

  • Encryption of data in transit using TLS/SSL.
  • Secure password hashing.
  • Using the robust security features provided by Firebase.
  • Regular security audits and updates.

While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable. In the event of a data breach that affects your personal data, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

9. International Data Transfers

Your data is primarily stored on Firebase servers within the European Union. In the event that data needs to be transferred outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Policy for Children

The Service is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16 years of age. If you are under 16, please do not register for an account or submit any personal data to us. If you believe that a child under 16 has provided us with personal data, please contact us immediately at iicaptain@rthw.nl, and we will take steps to delete such information.

11. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal data under certain circumstances.
  • Right to Restriction of Processing: You can request that we limit how we use your data.
  • Right to Data Portability: You can request to receive your personal data in a structured, commonly used, machine-readable format.
  • Right to Object: You can object to our processing of your personal data based on legitimate interests.
  • Right to Withdraw Consent: Where we process data based on consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us at iicaptain@rthw.nl. We will respond to your request within 30 days. You also have the right to lodge a complaint with a supervisory authority if you believe your rights have been violated.

12. Contact Us

If you have questions or comments about this Privacy Policy, please contact us at:

  • Email: iicaptain@rthw.nl