Privacy policy
Last updated: 12 June 2025
Flashscore Outreach (“the service”) is operated by Netbase Media Kft. (“we”, “us”, “our”).
We respect your privacy and comply with:
- EU GDPR 2016/679 and the UK GDPR
- California CCPA / CPRA and other U.S. state privacy laws entering into force in 2025 (Delaware, Iowa, Nebraska, New Hampshire, New Jersey, Tennessee, Indiana, Minnesota) [1] [2]
- Brazil LGPD, and other applicable laws
From 12 September 2025 we will also meet the transparency and data-sharing duties introduced by the EU Data Act where they apply to our service [3].
1. Who is the data controller
Company reg. no. 13-09-203379
Registered address: Nagy Sándor utca 46, 2141 Csömör, Hungary
E-mail: [email protected]
Our EU representative and data-protection officer:
DPO Services Kft., [email protected]
2. Personal data we collect
| Category | Examples | Source |
|---|---|---|
| Account data | name, e-mail, password hash | you |
| Contact data you upload | journalists' e-mails, names, job titles, outlets | you |
| Usage data | IP address, device type, pages viewed, actions | collected automatically |
| Cookies | auth tokens, analytics cookies | browser |
| Support data | messages, attachments | you |
We do not knowingly collect data from children under 13.
3. Legal bases (GDPR art. 6)
| Purpose | Legal basis |
|---|---|
| Provide and secure the service | contract performance |
| Sync contacts to Mailgun | legitimate interest (efficient e-mail delivery) |
| Analytics & error-logging | legitimate interest (service quality) |
| Marketing e-mails about new features | consent (you can opt-out any time) |
| Compliance with requests from regulators, tax or law-enforcement | legal obligation |
4. How we use your data
- run, maintain and improve Flashscore Outreach
- authenticate users and prevent fraud
- store and sync your contact lists with Mailgun
- provide support and send system notices
- generate anonymised statistics
We never sell personal data.
5. Sharing & international transfers
| Recipient | Role | Safeguard |
|---|---|---|
| Mailgun Technologies LLC (USA) | cloud e-mail service | Standard Contractual Clauses + EU-U.S. Data Privacy Framework |
| Sentry (EU) | error logging | SCCs |
A full list of sub-processors is kept here and updated at least 30 days before any change.
6. Cookies
| Type | Name | Expiry | Purpose |
|---|---|---|---|
| strictly necessary | session_id | 7 days | keep you logged in |
| analytics | _pk_* | 13 months | anonymous usage stats |
You can refuse non-essential cookies via the banner or your browser settings.
7. Data retention
- Account & billing data — kept for the life of the account + 6 years (tax rules)
- Uploaded contact data — kept until you delete the list or 90 days after account closure
- Logs — 30 days, unless needed for security investigations
- Back-ups — encrypted, 35-day rolling window
8. Your rights
- access, rectification, erasure, restriction, portability and objection (GDPR Art. 15-21)
- withdraw consent where processing relies on consent
- opt-out of "sale" or "sharing" of personal data (CPRA, other U.S. laws)
- appeal any denial of your request within 30 days
- lodge a complaint with your supervisory authority (in Hungary: NAIH)
Submit requests at [email protected] or from Settings → Privacy in the app.
9. Security
- ISO 27001-hosted servers (EU)
- TLS 1.3 in transit, AES-256 at rest
- MFA required for all admin accounts
- quarterly penetration tests
No method of transmission is 100% secure; therefore we cannot guarantee absolute security.
10. Changes
We post any material change here at least 14 days before it takes effect and e-mail account owners if legally required.
Last reviewed: 12 June 2025