Privacy Policy
Last updated: 18 April 2026.
This privacy policy explains how appfoot.com and the AppFoot platform collect, process, store and protect your personal data. It complies with Regulation (EU) 2016/679 of 27 April 2016 (GDPR) and applicable French law.
1. Data controller
The data controller is AppFoot, publisher of appfoot.com. For any question regarding the protection of your data, contact us at contact@appfoot.com.
2. Data collected and purposes
We collect only the data strictly necessary for each declared purpose.
2.1. Contact form
- Data: first name, last name, email address, phone (optional), profile (club, player, agent, other), subject, message.
- Purpose: handle your request and reply.
- Legal basis: your consent (art. 6.1.a GDPR) and our legitimate interest in responding to enquiries (art. 6.1.f GDPR).
2.2. Security and anti-spam
- Data: IP address, submission timestamp, technical data from Google reCAPTCHA.
- Purpose: prevent abuse and automated submissions.
- Legal basis: legitimate interest in protecting our infrastructure (art. 6.1.f GDPR).
2.3. Technical browsing
- Data: browser type, pages visited, session duration (anonymised).
- Purpose: keep the site running correctly.
- Legal basis: legitimate interest (art. 6.1.f GDPR).
3. Recipients
Your data is strictly for internal use. It is never sold, rented or transferred to third parties for commercial purposes.
Authorised recipients are:
- Authorised AppFoot staff handling your request ;
- Technical processors (hosting provider, Google reCAPTCHA), strictly limited to what their task requires.
4. Transfers outside the European Union
Data is hosted exclusively on servers in the European Union. No regular transfer to a third country takes place. The Google reCAPTCHA service may involve processing by Google LLC (United States); that transfer is covered by the European Commission's Standard Contractual Clauses and the EU-US Data Privacy Framework.
5. Retention periods
| Data category | Retention |
|---|---|
| Contact message | Maximum 3 years after last exchange |
| Technical logs | Maximum 12 months |
| IP address (anti-spam) | 1 hour (sliding window) |
| Cookie consent | 13 months |
6. Security
We implement appropriate technical and organisational measures:
- Encrypted communications (TLS 1.2 minimum);
- Encryption of sensitive data at rest;
- Strict administrator access controls, operation logging;
- Regular backups, stored in the European Union;
- Regular security reviews.
7. Your rights
Under articles 15 to 22 of the GDPR, you have the right to:
- Access — obtain a copy of your data;
- Rectification — correct inaccurate or incomplete data;
- Erasure — request deletion of your data;
- Restriction — request temporary suspension of processing;
- Objection — object to processing based on legitimate interest;
- Portability — receive your data in a structured format;
- Withdraw consent at any time, without retroactive effect on prior lawful processing.
To exercise your rights, write to contact@appfoot.com. We reply within one month. Proof of identity may be requested in case of reasonable doubt.
8. Complaint to the supervisory authority
If, after contacting us, you feel your rights are not being respected, you have the right to lodge a complaint with the CNIL in France: cnil.fr, or with the supervisory authority in your country of residence.
9. Special protection for minors
In accordance with article 8 of the GDPR and French law, minors under 15 cannot consent alone to data processing in online services. Underage player accounts are mandatorily linked to a parent or legal guardian account, which approves access and receives staff communications.
Minors' data benefits from reinforced protection: systematic parental consent, purpose limitation, no profiling, no advertising exposure.
10. Cookies
The use of cookies is described in detail in our cookie policy. No advertising or third-party tracking cookies are placed.
11. Policy updates
AppFoot may update this policy. The latest update date is shown at the top of this page. Significant changes are communicated to active users at least 30 days before they come into effect.
12. Contact
For any question on this policy or on the protection of your personal data, write to contact@appfoot.com.