← Home

Privacy Policy for the app “Vollholz”

Last updated: 3 May 2026

1. Controller

Christian Klöcker
Stegge, 5b
46325 Borken
Germany

Email: info@vollholz.app

The app is primarily aimed at users in Germany. It may also be used from other EEA countries (e.g. Netherlands, Belgium, France). This policy describes processing under the EU GDPR and, where applicable, the German Federal Data Protection Act (BDSG).

2. What the app does

Vollholz helps bowling-style clubs manage members, evenings, throws, rules, and related data. Clubs may optionally store payment-related details (e.g. PayPal identifier, IBAN, account holder).

3. Personal data we process

3.1 Account and sign-in

• Email/password: email, password (handled by Firebase Authentication; not stored in plain text by us), display name if provided, unique user ID.
• Google sign-in: data provided in the Google sign-in flow (e.g. email, profile details, depending on your account and consent).
• Sign in with Apple: data provided in Apple’s sign-in flow.

3.2 Club and usage data

• Club names, settings, memberships.
• Member names, game/evening data, fines, statistics, and similar content you enter.
• Optional uploaded images (e.g. profile or club images).

3.3 Optional payment/bank details

Voluntary fields such as IBAN, bank name, account holder, PayPal handle, or phone numbers for payment services. Only enter what is necessary and lawful for your club.

3.4 Push notifications

A device token may be stored to send club-related notifications when you use that feature.

3.5 Local storage and technical data

• Data may be cached on the device for performance and offline behaviour.
• Our cloud provider processes technical data (e.g. IP address, timestamps) for operation and security.

As of the date above, the app does not integrate Firebase Analytics or Crashlytics. If that changes, we will update this policy and obtain consent where required.

4. Purposes and legal bases (GDPR)

• Providing the app: Art. 6(1)(b) GDPR.
• Security and abuse prevention: Art. 6(1)(f) GDPR.
• Push notifications: Art. 6(1)(a) and/or (f) GDPR, in line with platform rules and your settings.
• Legal obligations: Art. 6(1)(c) GDPR.

You may object to processing based on legitimate interests where GDPR allows (Art. 21 GDPR).

5. Processors / recipients

We use Google Firebase, including:

• Firebase Authentication
• Cloud Firestore
• Firebase Storage
• Firebase Cloud Messaging
• Cloud Functions (region: europe-west1)

Google may process data as a processor under Firebase / Google Cloud terms. Google and Apple also process data under their own policies when you use Google or Apple sign-in.

6. Transfers outside the EEA

Processing may occur outside the EEA (e.g. USA). We rely on appropriate safeguards under Chapter V GDPR (e.g. Standard Contractual Clauses as implemented in Google’s terms).

7. Retention

For as long as your account exists and clubs retain related data, unless a shorter period is required by law or you exercise erasure rights subject to legal limits.

8. Your rights

Access, rectification, erasure, restriction, portability, and objection to certain processing. You may lodge a complaint with a supervisory authority (Art. 77 GDPR), e.g. in Germany the authority responsible for us or the authority where you live.

9. Security

We use appropriate technical and organisational measures (including encryption in transit and provider access controls). Please protect your device and credentials.

10. Children

The app is not directed at children under 16 (or the applicable age in your country). Contact us if you believe we process a minor’s data without a proper legal basis.

11. Changes

We will update this page and the “Last updated” date when our practices change.

12. Contact

Privacy requests: info@vollholz.app