Tournify ensures compliance with the General Data Protection Regulation (GDPR). We invite you to read our Terms of Use and Privacy Policy to learn more about how we protect your data.
You can use our tournament software without ever storing personal information about individual participants. However, if you choose to add personal data (e.g., names or contact details of referees, players, or staff), Tournify acts as a data processor (or sub-processor) in terms of the GDPR. In such cases, you are always the data controller and retain full ownership of the data. Tournify will process this information solely on your instructions and for no other purpose. For more details, see “Appendix 1: Processing Personal Data” in our Terms of Use, which serves as our Data Processing Agreement (DPA).
Tournify may process data in countries both within and outside the European Union, in accordance with applicable laws and regulations. Google Firebase, which powers our authentication, storage, and database services, is hosted in the United States. Firebase has established clear policies for data processing and security that comply with European regulations. It also complies with the EU-U.S. Data Privacy Framework (DPF), ensuring appropriate protection for personal data transferred from the EU. Firebase is certified under major privacy and security standards. Additionally, the core Firebase services used by Tournify have successfully completed ISO 27001, ISO 27017, and ISO 27018 evaluations, and are SOC 1, SOC 2, and SOC 3 compliant.