Last updated: July 2026
Beachmates Privacy Policy
1. Who We Are
Celsior Interactive Ltd ("Beachmates", "we"), a company incorporated in the Republic of Cyprus, registration number HE 489924, registered office at Onisiforou Center, Floor 2, Neofytou Nikolaidi & Theodorou Kolokotroni, Agios Theodoros, 8011 Paphos, Cyprus, is the data controller for personal data processed through the Service. Contact: [email protected]. Given our size, we are not required to and have not appointed a Data Protection Officer; privacy requests should be sent to [email protected].
2. Scope
This Policy explains what personal data we collect, why, on what legal basis, with whom we share it, and your rights, in accordance with the General Data Protection Regulation (GDPR) and applicable Cyprus law. The Service is for users aged 18 or over; we do not knowingly process data of minors.
3. Data We Collect
- Account and profile: name/display name, email, date of birth (for age verification), city, playing level, position, avatar, language preference.
- Gameplay: matches, scores, ratings, tiers, teams, check-ins, slots you create or join, tournament participation.
- Location and presence: approximate or precise location when you enable it, courts you interact with, and your presence status (subject to your visibility settings).
- Social: friends, and the content of messages you send through the Service.
- Payments: transaction records and references. Card details are handled directly by our payment providers; we do not store full card numbers.
- Usage and device: log data, IP address, device and browser information, and interactions with the Service.
- Communications: messages you send us for support.
4. Legal Bases (GDPR Art. 6)
- Performance of a contract: to provide the Service (account, matchmaking, ratings, bookings).
- Consent: precise location, presence sharing, non-essential analytics, marketing. You may withdraw consent at any time.
- Legitimate interests: security, fraud and abuse prevention, improving the Service, enforcing our Terms.
- Legal obligation: accounting, tax and legal compliance.
5. How We Use Data
To operate the Service and its features (matchmaking, ratings, leaderboards, presence, marketplace); to process payments; to ensure safety and moderation; to communicate with you; to improve and secure the Service; and to comply with law.
6. Sharing and Processors
We share data with service providers acting on our behalf, under data-processing agreements:
- Supabase (database, authentication, storage), Cloudflare (hosting, delivery), Polar (first-party payments, merchant of record), Stripe (marketplace payments and Provider KYC), map/tiles provider, analytics provider, email provider.
- Providers (Coaches/Clubs) receive the booking data necessary to deliver a service you purchase.
- Other users can see your public profile, ratings and presence, according to your settings.
- We may disclose data where required by law or to protect rights and safety.
With your explicit consent (Article 6(1)(a) GDPR), we may share or sell your email address to third-party partner companies from any sector, so that they can send you their own marketing offers. These partners process your email address as independent data controllers. You can withdraw this consent at any time from your account settings, without affecting the lawfulness of processing carried out before withdrawal.
7. International Transfers
Where data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or adequacy decisions.
8. Retention
We keep personal data for as long as your account is active and as needed to provide the Service, then delete or anonymise it, except where longer retention is required by law (for example financial and tax records) or to preserve the integrity of competitive records in anonymised form.
9. Your Rights
Subject to law, you have the right to access, rectify, erase, restrict, and object to processing, to data portability, and to withdraw consent. You may exercise these in the app or by contacting [email protected]. You may lodge a complaint with the Office of the Commissioner for Personal Data Protection of Cyprus or your local supervisory authority.
10. Location and Presence Controls
You control whether the app uses your location and whether your presence is visible to others. You can hide your presence ("invisible") at any time. We do not expose the precise real-time location of an individual beyond what presence settings allow.
11. Security
We use technical and organisational measures (including access controls and row-level security) to protect personal data. No system is completely secure; we encourage you to keep your credentials safe.
12. Age
The Service is strictly for users 18 and over. If we learn we hold data of a person under 18, we will delete the account and associated data.
13. Cookies
See our Cookie Policy for details on cookies and local storage.
14. Changes
We may update this Policy and will notify you of material changes and update the date above.
15. Contact
[email protected] · Celsior Interactive Ltd, Onisiforou Center, Floor 2, Neofytou Nikolaidi & Theodorou Kolokotroni, Agios Theodoros, 8011 Paphos, Cyprus.