Privacy Policy

Effective date: 28 May 2026 · Last updated: 28 May 2026

1. Who we are

Clubble LLC (“Clubble”, “we”, “us”, “our”) operates the Clubble mobile app, website and related services (the “Platform”). We are incorporated and licensed in Sharjah Media City (licence no. 2539056.01). Contact: privacy@clubble.ae.

2. Scope and applicable law

This Policy explains what personal data we collect, how and why we use it, who we share it with, how long we keep it, and your rights under the UAE Personal Data Protection Law (PDPL) and its Executive Regulations.

3. Our roles (controller vs processor)

Controller (Clubble). Account, billing metadata from app stores, security, moderation, analytics and logs.

Processor (Clubble) for clubs. For club-uploaded media (photos and videos) and personal data contained within it, the club is the data controller and Clubble acts as its data processor by hosting and displaying content on the club’s instructions. The exception is when we remove or restrict content for safety or moderation, in which case we act as an independent controller for that limited purpose.

Clubs using the Platform accept the data-processing terms in our Terms & Conditions (§9A).

4. What we collect

We aim to collect the minimum necessary:

• Account and identity data. Name, email, phone number, password hash, user role (parent, minor, club, admin).
• Club profile data. Club name, logo, sport, emirate, Nominated Contact Methods (email, WhatsApp, Instagram), licence details (number, issuer, expiry), coach biography text the club provides.
• Media. Photos and videos that clubs upload to their profiles (may include faces, uniforms, locations).
• Declaration logs (no consent files by default). Timestamped records that a club declared (i) up-to-date coach checks and training, and (ii) parent or guardian consent exists for any identifiable minor in media, including promotional placements; plus the device, IP and user ID of the declarant.
• Reports and moderation data. Details you submit via the Report button or email (who is in the image, why you reported, your contact), our review notes, decision and timestamps.
• Device and usage data. Device identifiers, IP address, OS and app version, general location (city or region), crash and diagnostic logs, screens viewed and interactions. Used to secure and improve the Platform.
• Purchases and billing metadata. Plan type (Free, Essential or Featured; annual), renewal status and receipts as provided by the Apple App Store or Google Play. We do not store full card numbers.
• Optional child data. A child’s age group if a parent or guardian chooses to provide it in their account.

5. Sources of data

• You, when creating an account, using the app or filing a report.
• Clubs, when setting up profiles and uploading media.
• Your device, for diagnostics and usage.
• Apple App Store and Google Play, for subscription metadata.

6. Why we use data (PDPL legal bases)

We process personal data where one or more bases apply:

• Contract. To provide accounts, listings, purchases and support.
• Consent. For optional items such as marketing or child age group. You can withdraw consent at any time.
• Legal obligation. To comply with UAE law, including child safeguarding and responding to lawful requests.
• Legitimate interests. Platform security, fraud prevention, service improvement, and ensuring reported content is handled promptly and fairly, balanced against your rights.

7. How we use data

• Create and manage user and club accounts; display club profiles and media.
• Record club self-declarations for coach compliance and parental consent (no consent files by default).
• Run reporting and takedown workflows (acknowledge, review, action, appeal) and keep audit trails.
• Operate subscriptions via app-store SDKs and maintain entitlement status.
• Secure the Platform, diagnose issues, prevent abuse and improve performance.
• Send essential service emails and notifications (receipts, plan changes, policy updates).

8. Children’s privacy and safeguarding

• The Platform does not provide in-app messaging. Minors may browse under a parent or guardian’s supervision but must not contact clubs directly. Only a parent or guardian may use the listed Nominated Contact Methods.
• Clubs may upload media showing minors only where they have obtained verifiable parent or guardian consent off-platform and have made the required declaration in the upload flow.
• Parents and guardians may withdraw consent at any time. See §10 Reporting and takedown and §13 Your rights.

9. Sharing your data

We do not sell personal data. We share it only as needed:

• Service providers (processors). Firebase (Google Cloud) for authentication, database, file storage, logging and crash reports. Where used, a transactional email provider.
• App stores. Apple and Google receive purchase and renewal data and handle payments. Their privacy policies apply to store accounts.
• Legal and safety. Competent authorities when required by law or to protect users, especially minors.
• Other users. Information you choose to publish on your club profile (name, logo, media, contact methods) is visible to other users.

10. Reporting and takedown (photos and videos)

Any user can flag a photo or video in the app for removal at any time. If you see your child, or yourself, in media without consent:

• Use the in-app Report button on the item, or email report@clubble.ae.
• We send an automated receipt within 1 hour (report ID).
• Child-safety reports are reviewed within 24 hours; other reports within 72 hours.
• Outcomes: removal, restrict and verify (temporarily hidden while we ask the club for proof), or retain (with a brief explanation).
• Clubs must produce proof of consent on request (24 hours for child-safety, 72 hours otherwise) or face suspension or removal under the Terms.
• We keep an audit log of the report and outcome for five (5) years.

11. International transfers

We primarily host on Firebase (Google Cloud) in regions selected to minimise distance from the UAE (for example Mumbai or Frankfurt). Where data is transferred internationally, we apply appropriate safeguards (contractual terms with processors, security measures). You can request details at privacy@clubble.ae.

12. Security

• Encryption in transit (TLS 1.2+) and at rest (AES-256).
• Role-based access, least-privilege and access logging.
• Sensitive screens may block screenshots or recordings where technically feasible.
• Regular reviews of access and staff training.

13. Your rights (PDPL)

You may access your data and request a copy, correct inaccuracies, delete your data (subject to lawful retention), port your data (machine-readable format), object to processing in certain cases, and withdraw consent (where processing relies on consent).

How to exercise. Use the in-app “Privacy Request” form or email privacy@clubble.ae. We may verify your identity (for example a one-time code). We aim to acknowledge within 3 business days, delete or correct within 15 business days, and export within 20 business days. You may also complain to the UAE Data Office.

14. Retention

• Accounts and club profiles: while your account is active and up to 6 years after closure (tax and dispute defence).
• Declaration logs and moderation records: while related media or profile is live, and for at least 2 years after removal or closure.
• System logs and diagnostics: typically 12 to 24 months unless needed longer for security.

When retention ends, we delete or anonymise data.

15. Cookies, SDKs and app permissions

• Web cookies and local storage: essential (login and security) and limited analytics if enabled.
• Mobile SDKs: Firebase Auth, Database, Storage and Crashlytics, plus app-store billing SDKs.
• Permissions: camera, photos and media library (when you upload), notifications (service messages), approximate location (if you allow, to improve search). You can change permissions in your device settings.

16. Payments

All purchases are processed by the Apple App Store (iOS) or Google Play (Android). We receive subscription status and limited purchase metadata from the store. We do not store payment card details. For refunds or cancellations, use your store account settings.

17. Third-party links

Club profiles may list external links, for example WhatsApp or Instagram. Those services are governed by their own privacy policies. We are not responsible for their practices.

18. Changes to this policy

We may update this Policy from time to time. If changes are material, we will notify you by email or in-app at least 14 days before they take effect. The “Last updated” date shows the latest version.

19. Contact

Data protection: privacy@clubble.ae
Reports (photos and videos): report@clubble.ae
General: support@clubble.ae

Clubble LLC, Sharjah Media City, PO Box 839, Sharjah, United Arab Emirates

App Store and Google Play at-a-glance summary

• Data collected. Account and identity, club profile info, media uploaded by clubs, declaration logs, device and usage, subscription status from app stores, report submissions.
• Purposes. Provide and secure the service; display club profiles and media; handle reports and takedowns; manage subscriptions; improve reliability.
• Data linked to the user. Account and identity, device and usage (for security), report submissions, subscription status.
• Sharing. Service providers (Firebase), app stores (Apple and Google), authorities if legally required. No sale of data.
• Security. Encryption in transit and at rest; role-based access; audit logging.
• Retention and deletion. See §§14 and 13 (you can request deletion or export).
• Children. Browsing allowed under guardian supervision; no direct contact with clubs by minors; clubs must have guardian consent for minor media and declare it at upload.