Back to dashboard

SportGether Admin

Privacy Policy

Last updated: June 12, 2026

SportGether Admin is used by authorized organizers to manage hiking activities, attendance, invite links, uploaded activity images, and operational records. This Privacy Policy explains how information is handled in the admin portal.

1. Information we collect

We may collect administrator account details, member names, attendance status, organizer notes, activity dates and locations, uploaded activity images, invite-link data, login session records, security metadata, and audit records created when administrators manage activities.

2. How we use information

We use information to authenticate administrators, create and update activities, manage attendance, generate public invite links, display activity images, prevent unauthorized access, troubleshoot errors, and maintain an accurate operational history.

3. Public visibility

Some admin-managed information, including activity title, schedule, location, capacity, participant display names, and uploaded activity images, may appear on public activity pages when an activity is shared publicly.

4. Sharing and service providers

Information may be processed by infrastructure used to run SportGether, including the API service, MariaDB database, object storage for images, hosting, logging, backup, security systems, and CDN/script providers used by the admin app. We do not sell administrator or participant information.

5. Cookies and sessions

The admin portal uses essential cookies and session tokens to keep administrators signed in, separate admin access from public access, remember language preferences, and protect security-sensitive actions.

6. Retention

Activity, attendance, image metadata, and audit records are retained while needed for activity management, accountability, troubleshooting, legal compliance, or backup recovery. Session and login-attempt records may be removed or rotated when no longer needed.

7. Administrator responsibilities

Administrators should enter only information needed to manage activities, avoid uploading sensitive or unauthorized images, keep credentials private, and remove or correct participant information when it is no longer appropriate.

8. Security controls

SportGether uses separate admin sessions, server-side authorization checks, password hashing, CSRF protection for mutating actions, database storage, and object storage controls. No system is completely secure, so suspected unauthorized access should be reported promptly.

9. Rights and requests

Depending on applicable law, individuals may request access, correction, deletion, or restriction of personal information. Requests should be sent to the organization or operator responsible for this SportGether deployment.

10. Operator and contact

SportGether Admin is deployed and operated by the organization that controls this site. Production deployments should replace this section with the legal operator name, contact email, address, and applicable privacy contact process.

11. Changes to this policy

This policy may be updated when SportGether changes features, infrastructure, data handling, or legal requirements. The effective date will be updated when material changes are made.