MatchNotes
Sign inSign up

Privacy Policy

1. Controller

Jakob Drabant
c/o Online-Impressum #8242
Europaring 90
53757 St Augustin
E-Mail: contact@matchnotes.app

2. Data Collected and Purpose

We collect the following personal data:

  • E-mail address and password (hashed): For creating and managing your account (Art. 6 para. 1 lit. b GDPR — contract performance).
  • Riot account data (PUUID, Riot ID, region): For linking your League of Legends account and retrieving your match data via the Riot Games API (Art. 6 para. 1 lit. b GDPR).
  • Match data: Game statistics, champions, KDA, queue type — automatically retrieved via the Riot Games API and stored in our database (Art. 6 para. 1 lit. b GDPR).
  • Journal notes and goals: Text freely entered by you for game analysis. This data remains exclusively in your account (Art. 6 para. 1 lit. b GDPR).
  • OAuth login (Google / Discord): When using Google or Discord to log in, we collect your name and e-mail address from the respective provider (Art. 6 para. 1 lit. b GDPR). The privacy policies of Google and Discord apply to their respective data processing.

3. Hosting and Infrastructure

MatchNotes is hosted on Vercel Inc. (Rego Park, New York, USA). When you access the website, server logs (IP address, browser type, timestamp) are automatically recorded. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in stable operation). Vercel is certified under the EU-U.S. Data Privacy Framework. Further information: https://vercel.com/legal/privacy-policy.

4. Third-Party Services

Riot Games API

To retrieve your match data we use the Riot Games API. Your PUUID and match IDs are transmitted to Riot. The Riot Games privacy policy applies.

Sentry

We use Sentry (Functional Software Inc., USA) for error tracking. When application errors occur, technical data (stack trace, browser, OS) is transmitted — no personal content such as notes or passwords. Legal basis: Art. 6 para. 1 lit. f GDPR. Further information: https://sentry.io/privacy/.

PostHog

We use PostHog (EU servers) for product analytics. Anonymised usage data (page views, feature usage) is collected — no personal content. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in product improvement). Further information: https://posthog.com/privacy.

Resend

For sending password-reset e-mails we use Resend. Your e-mail address is transmitted to Resend for this purpose. Legal basis: Art. 6 para. 1 lit. b GDPR. Further information: https://resend.com/legal/privacy-policy.

5. Cookies and Sessions

We use only technically necessary session cookies for authentication. No tracking or advertising cookies are used. Legal basis: Art. 6 para. 1 lit. b GDPR.

6. Retention Period

Your data is stored for as long as your account is active. After account deletion, all personal data will be deleted within 30 days. Server logs are deleted after no more than 30 days.

7. Your Rights

Under the GDPR you have the following rights:

  • Access to stored data (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of your data ("right to be forgotten", Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing (Art. 21 GDPR)
  • Complaint to a supervisory authority (Art. 77 GDPR)

To exercise your rights, please contact: contact@matchnotes.app

8. Riot Games Notice

MatchNotes isn't endorsed by Riot Games and doesn't reflect the views or opinions of Riot Games or anyone officially involved in producing or managing Riot Games properties. Riot Games and all associated properties are trademarks or registered trademarks of Riot Games, Inc.