Skip to main content

Privacy Policy

Information about how we process your personal data on the website and mobile applications, in accordance with the GDPR and the LOPDGDD.

⚠️ Automatic translation notice

This document has been automatically translated for informational purposes. By continuing to use MakeClub, you acknowledge that the legally binding version of these terms is the original Spanish version. If you have questions or need clarification, please contact us at info@makeclub.app

1. Data controller

In accordance with Regulation (EU) 2016/679 General Data Protection Regulation (GDPR) and Organic Law 3/2018 on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), the controller of your personal data is:

  • Company name: MAKE CLUB APP SPORT S.L.
  • Tax ID: B01707116
  • Registered office: Avenida Extremadura Nº29, Arroyo de San Serván (Badajoz)
  • Privacy / DPO contact: legal@makeclub.app

2. Data we collect

2.1. Data provided directly by the user

  • First and last name or username.
  • Email address.
  • Profile photo (optional).
  • Published content (reviews, images, marked locations).

2.2. Data collected automatically

  • Geolocation data (with explicit consent; accuracy varies depending on the device and settings).
  • IP address and device data.
  • Platform usage data (visited screens, interactions, sessions).
  • Activity logs (stored for a maximum of 12 months).
  • Authentication tokens managed through Auth0.

2.3. Special categories of data

MakeClub does not intentionally collect special category data (ethnic origin, political opinions, health data, etc.). If the user voluntarily includes this type of information in their profile or published content, they do so under their sole responsibility.

3. Purposes and legal basis for processing

  • Provision of the service and account management: performance of the contract (art. 6.1.b GDPR).
  • Displaying content and results on the map (by proximity, activity, popularity and relevance): performance of the contract (art. 6.1.b GDPR).
  • Geolocation: explicit consent (art. 6.1.a GDPR). Revocable at any time from the device settings.
  • Usage analysis and improvement of the Platform: legitimate interest (art. 6.1.f GDPR).
  • Transactional communications: performance of the contract (art. 6.1.b GDPR). No consent is required.
  • Commercial or promotional communications: explicit consent (art. 6.1.a GDPR). Revocable at any time.
  • Security, internal auditing and abuse detection through logs: legitimate interest (art. 6.1.f GDPR).
  • Compliance with legal obligations: legal obligation (art. 6.1.c GDPR).

4. Data retention

While the account remains active, personal data will be retained for the provision of the service. After the account is deleted, personal data will be erased within a maximum period of 30 days, except for data that must be retained due to legal obligations (for example, tax data for 5 years).

Activity logs are retained for a maximum period of 12 months.

Anonymized content may be retained indefinitely, as it does not constitute personal data.

5. Recipients and international transfers

For the provision of the service, we share data with the following providers:

  • Auth0 (Okta, Inc.) — Authentication. Transfer to the U.S. covered by Standard Contractual Clauses (SCCs).
  • Microsoft Azure — Cloud infrastructure (EU region by default).
  • Cloudflare — Network protection and proxy.

MakeClub does not sell or share personal data with third parties for commercial purposes.

6. Minors

MakeClub does not collect data from minors under 16 without the verifiable consent of their parents or legal guardians. If we detect that data from a minor has been collected without such consent, we will proceed with its immediate deletion. You can contact us at legal@makeclub.app.

7. Your rights

You may exercise the following rights by sending an email to legal@makeclub.app together with a copy of your identity document:

  • Access: know what personal data we process about you.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten"): request the deletion of your data.
  • Objection: object to processing in certain circumstances.
  • Restriction: request restriction of processing.
  • Portability: receive your data in a structured, commonly used format.
  • Withdrawal of consent: revoke any consent previously granted.

You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD): www.aepd.es.

8. Security and auditing

MakeClub applies appropriate technical and organizational measures to protect your personal data:

  • TLS encryption in transit.
  • Encryption at rest.
  • Role-based access control.
  • Internal audit logs.
  • Regular security reviews.

Access to data is limited to strictly necessary staff, subject to confidentiality obligations. Audit logs are retained for a maximum of 12 months.

9. Cookie Policy

The MakeClub mobile app does not use traditional cookies. The website may use technical (essential) cookies and analytical cookies (with prior consent through a banner in accordance with the LSSI-CE and the AEPD guidelines). You can manage your cookie preferences from the link available in the footer.

For more information, please see our Cookie Policy.

10. Changes to this Policy

MakeClub reserves the right to update this Privacy Policy at any time. Changes will be notified through the platform or by email. The current version will always be available at makeclub.app/en/privacy.

Last updated: April 1, 2026.