HeatcheckHeatcheck Privacy Statement
This is the privacy statement of Euphonos BV ("Heatcheck"). If you have any questions about our practices or this Privacy Statement, please contact us at privacy@euphonos.studio.
Last updated: December 16, 2025
Introduction & Key Terms
Heatcheck provides a service that enables users to find the most competitive NBA games to watch. This Privacy Statement describes what happens with your data when you visit our Heatcheck.site website (the "Site") or use our Heatcheck service (the "Service").
In this privacy statement, "personal information" means "personal data" as defined under the EU General Data Production Regulation (GDPR) and other applicable laws. Your use of our Site and Service, and any dispute over privacy, is subject to this Policy and the relevant terms of any other agreement between you and Heatcheck, including the applicable limitations on damages and the resolution of disputes. Those terms are incorporated by reference into this Policy.
Data collection
We process the following personal information which we collected directly from you and others:
Your Account Information.
When you register for the Service, we collect your email address and password. We use your email to register your account. We use a hashed version of the password to authenticate you. We also store your settings in your account to personalise the Service for you, like your favorite teams, and your email preferences. We store this data for as long as you have an account with us. We do this to perform our contract for the Service with you.
Social Media Account Information.
We store the handles (i.e. usernames) of the social media accounts to connect your accounts to the Service. We also store authentication tokens to access the posts of accounts you follow. We share the handles and authentication tokens with your ATProtocol PDS. We store this data as long as you have an account with us. We do this to perform our contract for the Service with you.
Communications Data.
When you register an account with us, we will send you updates via our email service provider Mailgun. We use your email address to send you emails about our Service and, with your consent, our Daily Digests and Notifications. To do this, we will share your email address with Mailgun. The legal basis for sending you emails about our Service is because we have a commercial interest in keeping you informed, or, in the case of Daily Digests and Notifications, because you asked us to do so. We store individual email records sent with Mailgun for 1 day. When you open an email sent through Mailgun, we then collect the timestamp, email client, operating system, version, IP-address and an estimate of your location and timezone. We do this because we have a legitimate interest in understanding how the Service is being used. We store this data for 5 days. When you communicate with us (e.g. by email), for example for support, we may also maintain a record of our communication. We do this to perform our contract for the Service with you. We store this for as long as necessary to provide you with the support.
Payment Data.
When you pay us for the Service, we will share your email address with our merchant, Polar, and upon payment receive a confirmation which we will store. We keep this data for [TODO PLEASE ADD]. We do this to perform our contract for the Service with you.
Website Visits Data.
Heatcheck automatically collects the following information about your use of the Site and Service through cookies, server logs, and other technologies: the domain you visit; your browser type, version and operating system; your IP address; your country of location; the length of time you visit our Site and/or use our Service; the webpages on our Site you visit and when you visit them; and the referring webpage that led you to our Site. We may combine this information with other information that we have collected about you, including, where applicable, your username, name, and other personal information. We share this data with Plausible, a privacy-friendly analytics tool. We do this to better understand how users access and use our Website and Service, because we have a legitimate interest in doing so. We store this data for up to three years.
We may also use the information above to perform troubleshooting of the Site and Service; protect and enforce our legal rights; and prevent and detect fraud and misuse of our Site and Service. We do this because we have a legitimate commercial interest in doing so. We may also use the information above to comply with our legal obligations.
We may retain personal information for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required. In specific circumstances, we may also retain your personal information for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
Aggregated Information
We may de-identify and aggregate certain personal information we collect such that the information no longer identifies or can be linked to a particular user or an individual data subject ("Aggregated Information"), subject to the terms of any applicable user agreements. We may use this information to improve our Service, analyze usage of our Service, publish market research, and for other marketing, research or statistical purposes, and may disclose such information to third parties for these specific purposes.
Sharing of data
In addition to the recipients mentioned above under TODO, we disclose personal information as set forth below, and where individuals have otherwise consented:
- Service Providers. We may share your information with third party service providers who use this information to perform services for us, such as our hosting provider OVHCloud, our email service provider, our backups provider Backblaze, our auditor, advisors, contractors, and consultants.
- As Legally Required. We may disclose your information if we are required to do so by law (including to law enforcement in the EU and other jurisdictions).
- Protection of Rights. We may disclose information where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and protect the rights, property or safety of Heatcheck, its Users, participants in its open source projects, or others.
Cookies
Heatcheck uses the following cookies and local storage:
| Cookie / Local Storage | Duration | Explanation |
|---|---|---|
| sessionId | 30 days | Used for login during session. |
| sidebar_state | 1 day | Used to determine the initial state of the user's sidebar. |
Cookies and similar technologies like local storage are small files with a unique identifier that are transferred to your browser through our webSite. They allow us to remember users who are logged in, to understand how users navigate through and use the Site, and to display personalized content.
We do not track or enable tracking of individual user activity across multiple sites. For this reason, Heatcheck Site and Service do not respond to browser "do not track" signals or other similar mechanisms.
Security
We have implemented reasonable precautions designed to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security.
You should take steps to protect against unauthorized access to your passwords, phone, and computer by, among other things, signing off after using a shared computer, choosing robust passwords that nobody else knows or can easily guess, not using a password for more than one site or service, and keeping your log-ins and passwords private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity. We ask you to promptly notify us if you become aware that any information provided by or submitted to our Site or through our Service is lost, stolen, or used without permission at privacy@euphonos.studio.
International Transfers
If you are located within the European Economic Area, the United Kingdom or Switzerland, you should note that our merchant, Polar, stores its data in the United States. This means that when doing a payment, your personal information will be transferred to countries outside these jurisdictions, including the United States where Heatcheck is located. However, we have put in place European Commission approved Standard Contractual Clauses to provide for adequate safeguards to protect personal information transferred outside these jurisdictions. [PLEASE CHECK WHETHER THIS IS THE CASE WITH POLAR]
In addition, if personal information is transferred to other third party service providers located outside these jurisdictions, we will take steps to ensure that your personal information receives the same level of protection as if it remained within these jurisdictions, including by entering into data transfer agreements, using the European Commission approved Standard Contractual Clauses or other safeguards as approved by the European Commission. You have a right to obtain details of the mechanism under which your personal information is transferred outside of the EU by emailing privacy@euphonos.studio.
Children's Privacy
We do not knowingly collect or solicit personal information from anyone under the age of thirteen (13), or knowingly allow such persons to register. If we become aware that we have collected personal information from a child under the relevant age without parental consent, we take steps to delete that information.
Your Rights
Access and Amendment.
If you have registered an account with us and wish to access or update certain personal information contained therein, you may do so online by visiting the "Account" pages in your account. You may also contact our privacy coordinator to access or amend your personal information.
Additional Rights.
Individuals in the European Economic Area (and other jurisdictions where applicable) have additional rights under applicable law:
- to obtain a copy of your personal information together with information about how and on what legal basis that personal information is processed;
- to rectify inaccurate personal information (including to have incomplete personal information completed);
- to erase your personal information (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed);
- to restrict processing of your personal information under certain circumstances;
- to export certain personal information in machine-readable format to a third party (or to you) when we justify our processing on the basis of your consent or the performance of a contract with you and the processing is carried out by automated means;
- to withdraw your consent to our processing of your personal information (where that processing is based on your consent, without affecting the lawfulness of processing based on consent before its withdrawal);
- to obtain, or see a copy of the appropriate safeguards under which your personal information is transferred to a third country or international organization; and
- to object to our use and processing of your personal information that is conducted on the basis of our legitimate interest.
Lodging a Complaint.
You also have the right to lodge a complaint with your local supervisory authority for data protection, or privacy regulator. In the Netherlands, the competent data protection authority is the Autoriteit Persoonsgegevens.
Submitting a Request.
To exercise the above rights or contact us with questions or complaints regarding our treatment of your personal information, contact us at privacy@euphonos.studio. Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will respond to your request within the applicable timeframes set out by law.
California Privacy Rights
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the types of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to privacy@euphonos.studio. We may ask you to verify your California residency. Contact Us
Changes to the Privacy Statement
This Policy is current as of the effective date set forth above. If we change our privacy policies and procedures, we will post those changes on this page and/or continue to provide access to a copy of the prior version. If we make any changes to this Privacy Statement that materially change how we treat your personal information, we will endeavor to provide you with reasonable notice of such changes, such as via prominent notice on our Site or to your email address of record, and where required by law, we will obtain your consent or give you the opportunity to opt out of such changes.