Privacy Policy

Last updated: March 2, 2026

1. Data Controller

ScoutsLand UG (limited liability)

Rähnitzgasse 20b, 01097 Dresden, Germany

Email: info@scoutsland.com

Managing Director: Egle Neumann

2. General Information on Data Processing

We process personal data exclusively in accordance with legal provisions (particularly GDPR and BDSG).

Personal data is all information relating to an identified or identifiable person (e.g., name, email address, IP address).

3. Types of Data Processed

We process the following types of data in particular:

  • Master data (name, email address, company affiliation)
  • Contract data (subscription, payment status)
  • Usage data (login times, interactions)
  • Technical data (IP address, browser, device, operating system)
  • Payment data (processed via Stripe)
  • Communication data (support requests)

4. Purposes and Legal Bases of Processing

Processing is based on:

  • Art. 6 para. 1 lit. b GDPR (contract fulfillment)
  • Art. 6 para. 1 lit. c GDPR (legal obligations)
  • Art. 6 para. 1 lit. a GDPR (consent, e.g., analytics)
  • Art. 6 para. 1 lit. f GDPR (legitimate interest, e.g., IT security)

5. Our Platforms & Systems

ScoutsLand operates several web applications:

5.1 Backend Infrastructure (scoutsland-service)

Central GraphQL API based on NestJS with MongoDB Atlas. Processing is done for:

  • Account management
  • Authentication
  • Provision of scouting data
  • AI-powered analysis

5.2 Live Scores Platform (scoutsland-live)

React web application with server-side rendering. Collects technical access data to ensure performance and security.

5.3 Scout Panel (scoutsland)

Professional dashboard for scouts, clubs, and agencies. Processes personal account data for contract fulfillment.

5.4 Marketing & Content Hub (scoutsland-landing)

Marketing site with CMS (Sanity). Collects technical data for optimization and performance.

6. Third-Party Service Providers

6.1 Clerk (Authentication)

We use Clerk for secure user authentication.

Data processed:

  • Email address
  • User ID
  • Login information
  • Authentication tokens

Purpose:

  • Secure login
  • Multi-tenant access control
  • Account management

Legal basis: Art. 6 para. 1 lit. b GDPR

Clerk may transfer data to third countries (e.g., USA). Transfer is based on appropriate safeguards (standard contractual clauses).

6.2 Stripe (Payment Processing)

Payments are processed via Stripe.

  • Payment data
  • Billing information
  • IP address
  • Payment status

Stripe is an independent controller for payment data. Stripe's privacy policy applies.

Legal basis: Art. 6 para. 1 lit. b GDPR

6.3 Sportmonks (Football Data)

We obtain live data via the Sportmonks API.

No personal user data is transmitted to Sportmonks. Only match and statistics data is processed.

6.4 Cloudinary (CDN & Media Optimization)

We use Cloudinary for optimized delivery of images and media.

  • IP address
  • Browser type
  • Device information
  • Time of access

Purpose:

  • Performance optimization
  • Reduced loading times
  • Scalable media delivery

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

6.5 Google Analytics

We use Google Analytics to analyze user behavior.

  • Anonymized IP address
  • Browser information
  • Usage behavior
  • Session duration

Google Analytics is only activated after explicit consent.

Legal basis: Art. 6 para. 1 lit. a GDPR

You can withdraw your consent at any time.

6.6 Sentry (Error Monitoring)

We use Sentry for technical monitoring and error analysis.

  • Technical error logs
  • Browser information
  • IP address (possibly truncated)
  • User ID (if logged in)

Purpose:

  • Ensuring system stability
  • Error fixing
  • Performance optimization

Legal basis: Art. 6 para. 1 lit. f GDPR

7. One-Stop-Shop & International Users

For sales to EU private customers below the legal turnover limit, taxation takes place in Germany.

When the threshold is exceeded, processing takes place via the OSS procedure.

8. Cookies

We use:

  • Technically necessary cookies
  • Authentication cookies (Clerk)
  • Analytics cookies (Google Analytics, only with consent)

A cookie banner allows you to manage your consents.

9. Data Security

We implement modern security measures:

  • TLS/HTTPS encryption
  • Role-based access control
  • Serverless infrastructure (Netlify)
  • Monitoring (Sentry)
  • Distributed caching (Redis)
  • Background job processing (Bull Queues)

10. Data Transfer to Third Countries

Some of our service providers (e.g., Stripe, Clerk, Cloudinary, Google, Sentry) may transfer data to third countries.

Transfer only takes place in compliance with legal requirements (standard contractual clauses or adequacy decision).

11. Storage Duration

We store personal data only as long as:

  • It is necessary for contractual purposes
  • Legal retention periods exist
  • Legitimate interests exist

12. Rights of Data Subjects

You have the right to:

  • Information
  • Correction
  • Deletion
  • Restriction
  • Data portability
  • Withdrawal of consent
  • Complaint to a supervisory authority

Please send requests to: info@scoutsland.com

13. Changes to this Privacy Policy

We reserve the right to adapt this privacy policy when our services or legal requirements change.