Skip to content

Legal

Privacy Policy

How we collect, use, and protect your data.

Effective Date: 2026-07-03

Introduction

InMatch is a football match analysis and social application operated by MAVEIC LLC (“we,” “our,” “us”). This Privacy Policy explains how we collect, use, share, and protect your information when you use the InMatch mobile application on iOS and Android. By using the app you agree to the practices described here.

Information We Collect

We collect the following categories of information:

  • Account data: your email address, a password (stored only as a salted hash), and a public username. If you sign in with Apple or Google, we receive your email and name from that provider.
  • Profile data (all optional): display name, biography, profile photo, favourite team, country, position, and shirt number.
  • User-generated content: comments, match analyses, “moments” (including photos and videos you upload), line-up predictions, and ratings — visible to other users together with your username and photo.
  • Safety data: reports you submit and users you block, used for moderation.
  • Usage & analytics data: features used, screens viewed, sessions, and interactions (via Firebase Analytics).
  • Session replay & interaction analytics: via Microsoft Clarity we capture aggregated interactions (taps, scrolls, navigation) and de-identified screen recordings/heatmaps to improve usability. Sensitive fields are masked by default and the data is tied to a pseudonymous identifier, not your name or email.
  • Device & technical data: device model, OS version, app version, language/region, and IP address.
  • Push token: a Firebase Cloud Messaging token used to deliver the notifications you enable.
  • Advertising identifier: IDFA (iOS) / Advertising ID (Android), used for advertising — see “Advertising” below.

How We Use Your Information

We use your information to:

  • Provide core features: match data, social interaction, content you and others post, predictions, and notifications.
  • Manage in-app subscriptions and entitlements (processed via RevenueCat and the Apple/Google app stores).
  • Maintain safety: detect abuse, enforce our Community Guidelines, and process reports and blocks.
  • Diagnose crashes (Firebase Crashlytics), measure performance, and improve the app.
  • Serve advertising (see “Advertising”).
  • Send service-related and, where permitted, notification messages.
  • Comply with legal obligations.

Advertising

The app displays ads through Google AdMob to support the free service. AdMob and its partner networks may process your advertising identifier, IP address, approximate (country/city-level) location, device information, and ad-interaction data.

  • Your advertising identifier may be used to track you across apps and websites for advertising.
  • In the EEA, UK and Switzerland a Google-certified consent screen (UMP) is shown, where you can grant, manage, or withdraw consent for personalised advertising at any time in Settings.
  • On iOS 14.5+ Apple’s App Tracking Transparency prompt is shown. If you do not allow tracking, you will see only non-personalised ads and can continue using the app normally.
  • You can reset or disable your advertising identifier in your device settings at any time.

How We Share Information

We do not sell your personal information. We disclose information only:

  • To the service providers listed below, acting as processors on our behalf.
  • To advertising partners (e.g. an advertising identifier). Under some laws — including California’s — this may be considered “sharing” or a “sale”; you can opt out as described under “Advertising.”
  • As public content you choose to post (username, profile, comments, analyses, moments are visible to other users).
  • When required by law, or to protect rights, safety, and to investigate fraud or abuse.

Third-Party Services

We rely on the following processors, each handling data under its own privacy policy:

  • Google Firebase — authentication, Cloud Messaging (push), Crashlytics, and Analytics.
  • Microsoft Clarity — session-replay and heatmap analytics (interaction events and de-identified recordings) to improve usability.
  • Google AdMob — advertising (advertising ID, IP, device and ad-interaction data).
  • Sign in with Apple / Google Sign-In — optional social sign-in (email, name).
  • RevenueCat — subscription management (an app-user identifier and purchase status).
  • Cloudflare R2 — storage and delivery of media (photos/videos) you upload.

Data Retention

We keep personal data only as long as necessary:

  • Account and profile data: while your account is active.
  • On account deletion: personal data is anonymised immediately; uploaded media is removed shortly afterwards; backups are purged on our regular rotation.
  • Public content: retained while posted; on deletion it is dissociated from your identity.
  • Crash diagnostics up to 90 days; server/security logs up to 12 months; session-replay analytics (Microsoft Clarity) per Microsoft's retention policy; purchase records for the period required by tax law.

Account Deletion

You can delete your account at any time in the app at Settings → Delete Account, or via getinmatch.app/legal/account-deletion. When you delete your account:

  • Your personal data is anonymised: email, name, display name, and biography are removed, your password is invalidated, and all sessions are revoked.
  • Uploaded media (profile photo, moment images) is removed.
  • Your username may be kept in anonymised form so that public threads remain coherent; it is no longer linked to identifying information.
  • Some records may be retained where required by law or for fraud prevention.

Your Rights

Depending on where you live, you may have rights under the GDPR (EEA/UK), KVKK Law No. 6698 (Türkiye), and CCPA/CPRA (California) — including access, correction, deletion, portability, and the right to object to or restrict processing or withdraw consent. California residents may opt out of the “sale” or “sharing” of personal information by declining the App Tracking Transparency prompt (iOS), adjusting device ad settings, or contacting us. We will not discriminate against you for exercising your rights.

International Transfers

Your information may be processed in countries other than your own, including the United States (e.g. by Google/Firebase, Microsoft Clarity, AdMob, and RevenueCat). Where we transfer personal data out of the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum.

Children

InMatch is not directed to children. We do not knowingly collect personal data from children under 13. In the EEA, where local law sets a higher digital-consent age (up to 16), users below that age must have a parent or guardian consent on their behalf. If you believe a child has provided us personal data, contact us and we will delete it.

Security

We use physical, electronic, and procedural safeguards — including encrypted transport (HTTPS), hashed passwords, and access controls — to protect your information. No method of transmission or storage is 100% secure, but we work to protect your data.

Changes to This Policy

We may update this Policy from time to time and will post the updated version with a new effective date. Continued use of the app after changes constitutes acceptance.

Contact

For privacy questions or to exercise your rights, contact MAVEIC LLC at [email protected].