Privacy Policy – NM PokerApp

Last Updated: Novemeber 21, 2025
Effective Date: Novemeber 21, 2025

PKR AS («we», «us», «our») respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect information when you use NM PokerApp (the «App»).

This policy complies with the General Data Protection Regulation (GDPR) and Norwegian Personal Data Act.

PKR AS
Email: app[a]poker.no
Support: app[a]poker.no

During Registration:

• Email address
• Password (encrypted)
• Full name
• Date of birth

While Using the App:

• Profile picture (if you upload one)
• Fantasy team names and composition
• League names and invite codes (for private leagues)
• Feedback and bug reports

Technical Information:

• Device type and model
• Operating system and version
• App version
• Timezone and language settings
• Unique device ID

Usage Data:

• Time spent in the App
• Search history (players)

Error and Performance Data (via Sentry):

• App crashes and error messages
• Stack traces (technical error information)
• Performance metrics

Google Sign-In:

• Name
• Email address
• Profile picture (if available)

PokerLens API:

• Tournament participation
• Tournament results
• Player statistics

kHoldem API:

• Live tournament data
• Leaderboards
• Results information

We use your personal information for the following purposes:

• Create and manage your account
• Authenticate you during login
• Display tournaments and player statistics
• Manage fantasy leagues and teams
• Send important messages about your account

Legal Basis: Contract performance (GDPR Art. 6(1)(b))

• Analyze usage patterns to improve the App
• Identify and fix bugs
• Develop new features
• Optimize performance

Legal Basis: Legitimate interests (GDPR Art. 6(1)(f))

• Send you service updates
• Respond to your inquiries
• Notify of changes to terms or privacy
• Marketing (only with your consent)

Legal Basis:

• Contract performance for service-related communication
• Consent for marketing (GDPR Art. 6(1)(a))

• Prevent fraud and abuse
• Comply with legal requirements
• Enforce our Terms of Service
• Protect our rights

Legal Basis: Legal obligation (GDPR Art. 6(1)(c)) and legitimate interests

We do NOT share your personal information with third parties for their marketing purposes.

We only share data with:

Supabase (Database and Authentication)

• Location: EU/EEA
• Purpose: Storage of user data and authentication
• Data: All account information, fantasy data
• Privacy Policy: https://supabase.com/privacy

Sentry (Error Tracking)

• Location: USA (with Standard Contractual Clauses)
• Purpose: Monitoring app errors and performance
• Data: Technical data, error messages, session replays
• Privacy Policy: https://sentry.io/privacy/

Render (API Hosting)

• Location: EU
• Purpose: Hosting backend API
• Data: Technical data passing through API
• Privacy Policy: https://render.com/privacy

PokerLens

• Purpose: Fetch tournament data and link player profiles
• Data: Name, tournament results (public information)

kHoldem

• Purpose: Live tournament data
• Data: Only tournament requests (no personal data)

We may share information if necessary to:

• Comply with applicable law or legal processes
• Protect our or others’ rights
• Prevent or investigate possible criminal activity

Your personal information may be transferred to and stored in countries outside the EEA, specifically the USA (Sentry).

For transfers to the USA:

• We use Standard Contractual Clauses approved by the EU Commission
• Our providers are committed to GDPR-equivalent protection levels
• You can request a copy of the safeguards by contacting us

We store your personal information for as long as necessary for the purposes described in this policy:

After these periods, data is:

• Permanently deleted, or
• Anonymized (link to you is removed)

You have the following rights regarding your personal information:

You can request a copy of all personal information we have about you.

You can ask us to correct inaccurate or incomplete information.

You can request that we delete your personal information. You can easily delete your entire account and associated data directly within the App under Settings → Delete Account.

Alternatively, you can request deletion if:

• The information is no longer necessary
• You withdraw consent
• You object to the processing
• The information has been unlawfully processed

Note: We may be obligated to retain certain information (e.g., for accounting requirements).

You can request to receive your personal information in a structured, machine-readable format to transfer to another service.

You can object to processing based on legitimate interests.

You can request that we limit the processing of your information in certain situations.

When processing is based on consent, you can withdraw consent at any time.

How to Exercise Your Rights:

• In the App: Go to Settings → Privacy
• Email: app[a]poker.no
• We will respond within 30 days

We take security seriously and use the following measures:

Technical Security:

• Encryption of data in transit (TLS/SSL)
• Password encryption (bcrypt hashing)
• Secure authentication via Supabase Auth
• Row Level Security (RLS) on database
• Regular security audits

Organizational Measures:

• Access control (only authorized personnel)
• Regular employee training
• Data minimization principles
• Regular backups

Monitoring:

• Real-time error monitoring via Sentry
• Automated security alerts
• Logging of security-relevant events

We only use technically necessary cookies for:

• Authentication (session tokens)
• Preferences (language, settings)

These do not require consent as they are necessary for the service’s function.

We do NOT currently use third-party cookies for analytics or marketing.

Sentry may record your interaction with the App when an error occurs. This:

• Helps us fix bugs
• Automatically masks sensitive information
• Is stored for only 90 days
• Can be disabled in settings

The App is not intended for individuals under 18 years of age. We do not knowingly collect information from anyone under 18. If we discover that we have collected data from a person under 18, we will delete it immediately.

If you believe a person under 18 has provided us with information, please contact us.

We may update this Privacy Policy from time to time. For material changes, we will:

• Notify you via the App or email
• Request new consent if necessary
• Publish the new version with an updated date

We encourage you to read this policy regularly.

For privacy questions or to exercise your rights:
Email: app[a]poker.no
Support: app[a]poker.no
Address: Sogstikollen 1, 1446 Drøbak, Norway

If you believe we are not processing your personal information in accordance with GDPR, you have the right to complain to:

Norwegian Data Protection Authority (Datatilsynet)
P.O. Box 458 Sentrum
0105 Oslo
Phone: +47 22 39 69 00
Email: postkasse[a]datatilsynet.no
Website: www.datatilsynet.no

By using NM PokerApp, you accept this Privacy Policy.