1. Introduction
At CLOUT Tracker we are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and all applicable privacy laws.
This Privacy Policy describes what data we collect, how we use it, with whom we share it and what rights you have over your information.
3. Data We Collect
We only collect data that is strictly necessary to provide the service:
Account Data
- Display name
- Email address
- Profile photo (optional)
- Authentication provider (Google / email)
Activity Data
- Sport type and duration
- Date and time of each session
- Perceived intensity
- Optional notes
Usage Data
- Pages visited within the app
- Features used
- General device type (desktop / mobile)
- Anonymised error logs
Device permissions and related data
- Microphone: only used when you explicitly choose to record audio or voice notes in the app. Audio is processed to support transcription or voice input features and is not activated in the background without a clear user action.
- Camera: only used when you choose to take a photo from within the app, for example to attach images or update profile or activity content.
- Photos and image files: the app may access your photo library only when you manually select an image. We do not scan or browse your full photo library.
- Push notifications: used for relevant account, activity, invitation or product alerts, always subject to the permission settings of your device.
- Advertising and measurement: the app may display ads and use advertising identifiers, performance metrics and aggregated events to measure results, frequency and the operation of campaigns and banners.
Cookies
- Essential cookies: required for authentication and session management.
- Analytics cookies: used to understand how the app is used (anonymised data only).
4. Purpose & Legal Basis
We process your data for the following purposes:
- Service delivery: provide the sports-tracking platform, leaderboards and group features.
- Performance analysis: calculate scores, medals and progression within leagues.
- AI recommendations: generate personalised insights via the Google Gemini API.
- Security & fraud prevention: detect unusual activity and protect users' accounts.
- Service improvement: analyse anonymised usage patterns to improve the product.
5. Data Retention
- Active account: data is retained for as long as you have an active account.
- Account deletion: personal data is deleted within 30 days of account deletion.
- Audit logs: retained for up to 1 year for security and legal compliance.
6. Data Sharing
We do not sell your data. We may share it only with trusted providers strictly necessary to operate the service:
- Firebase (Google): authentication, database and file storage.
- Google Gemini API: AI-powered analysis of sports activities (anonymised prompts).
- Google Cloud Run: application hosting infrastructure.
- Google AdMob and advertising providers: to display ads, reduce ad fraud, measure impressions and performance, and manage advertising identifiers where applicable.
- Firebase Cloud Messaging: to deliver push notifications to the device when the user has granted that permission.
All providers are GDPR-compliant and are bound by data processing agreements (DPAs).
Mobile permissions and user control
You can grant, deny or revoke microphone, camera, photos and notification permissions at any time from your device settings. If you disable any of these permissions, some app features may stop working, but the rest of the service will continue to operate where possible.
7. Your Rights
Under GDPR you have the following rights regarding your personal data:
Right of Access
You can request a copy of all personal data we hold about you.
Right to Rectification
You can update or correct inaccurate data at any time from your profile settings.
Right to Erasure
You can delete your account and all associated data from the app settings.
Right to Object
You can object to processing based on our legitimate interests.
Right to Data Portability
You can request your data in a structured, machine-readable format.
8. Data Retention Schedule
- Account: retained while active; deleted within 30 days of account closure.
- Activity logs: retained for the lifetime of the account.
- Audit logs: retained for up to 1 year for security purposes.
- After deletion: anonymised statistical data may be retained indefinitely.
9. Security Measures
We implement technical and organisational measures to protect your data:
- End-to-end HTTPS encryption
- Firebase Authentication with multi-provider support
- Firestore security rules with role-based access control
- Progressive rate limiting against DDoS attacks
- Strict Content Security Policy (CSP) headers
10. Minors
CLOUT Tracker is not directed at children under 16 years of age.
If we become aware that a minor has provided personal data without parental consent, we will delete it immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notice. Continued use of the service after changes are posted constitutes acceptance of the updated policy.
Last updated: April 21, 2026
12. Contact & Complaints
For any privacy-related queries or to exercise your rights, please contact us:
📧 Email: cloutwebservices@gmail.com
You also have the right to lodge a complaint with your national data protection authority. In Spain, this is the Agencia Española de Protección de Datos (AEPD):
🌐 www.aepd.es