1. Introduction
GameTab ("we," "our," or "us") is a sports group management app developed by Nexavyn (ABN: 21 696 400 476), a sole trader business based in Australia. It helps you organise, join, and participate in local sports games and tournaments. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and what choices you have.
By using GameTab, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the app.
2. Information We Collect
2.1 Account Information
When you register, we collect:
- Full name (first and last name)
- Email address
- Password (stored as a secure hash — never in plain text)
- Username (auto-generated on signup; unique identifier)
2.2 Profile Information (Optional)
After registration, you may optionally provide:
- Phone number
- City, State/Region, and Country (manually entered — not GPS-derived)
- Profile photo (uploaded to secure cloud storage)
- Bio / short description
- Sport interests and skill levels
2.3 Game & Group Activity
When you participate in groups and games, we record:
- Groups you create or join
- Games you register for or create (dates, times, venue name, participant status)
- Your participation status: Confirmed, Waitlisted, or Cancelled
- Game venues (place name, street address, city — text only; no GPS coordinates)
- Tournament participation and scores you submit
2.4 In-App Communications
- Comments you post on group announcements
- Poll votes
- Feedback and support messages you submit within the app
- Direct messages sent between users
- Game chat messages within a game
2.5 Credits & Transactions
- In-app credit balance per group
- Credit transactions (amounts, dates, type, and notes)
- Credit requests sent or received between group members
- Subscription or payment transaction records (where applicable), including amount, currency, type, and reference ID
2.6 Notification & Push Token Data
- Device push notification tokens (to deliver alerts to your device)
- Your notification preferences (per type and per group)
- In-app notification history (type, message, timestamp)
2.7 Device & Session Data
- Device platform (iOS or Android) — used only for targeted push notification delivery
- Session tokens (stored locally on your device; not transmitted to our servers)
3. Device Permissions
GameTab requests the following device permissions. Each is requested only when the relevant feature is used, and you can manage or revoke them at any time from your device Settings.
3.1 Camera
- Why: To take a photo when updating your profile picture
- When asked: Only when you tap "Take Photo" in profile settings
- Data handling: Photo is processed on your device and uploaded to our secure cloud storage. No other camera access occurs.
3.2 Photo Library / Media
- Why: To select a photo for your profile picture or a group's cover image
- When asked: Only when you tap "Choose from Gallery"
- iOS Limited Access: We fully support iOS Limited Photo Access. If you grant limited access, only photos you select are visible to the app.
- Data handling: Selected photo is uploaded to our secure storage. We do not browse or scan your photo library.
3.3 Contacts
- Why: To help you find and invite friends to join GameTab groups via SMS
- When asked: Only when you open the "Invite Friends" screen
- Data accessed: Contact name, phone number, and email address (local only)
3.4 Calendar
- Why: To add game reminders to your calendar so you never miss a match
- When asked: Only when you choose to add a game to your calendar
- Data handling: Events are written to your device calendar only. No calendar data is sent to our servers.
3.5 Push Notifications
- Why: To alert you about new games, player updates, reminders, group announcements, and messages
- When asked: On first app launch after login
- Data handling: A push token is stored in our database linked to your account, and deleted when you log out. You can customise notification types within the app and mute individual groups.
3.6 Location
GameTab does not request or access your GPS location. Game and group venues are entered as text addresses. No location tracking occurs.
4. How We Use Your Information
| Purpose | Data Used |
|---|---|
| Provide and operate the app | Account info, group/game data, activity |
| Authenticate your identity | Email, password, session tokens |
| Show your profile to group members | Name, photo, sport skills, city/country |
| Send notifications | Push tokens, notification preferences |
| Facilitate game scheduling | Game dates, venue, participant lists |
| Track game participation | Registration status, game history |
| Manage in-app credits | Credit balances, transaction history |
| Enable friend invitations | Contacts (local only; never stored by us) |
| Respond to support requests | Feedback messages, email |
| Comply with legal obligations | As required by applicable law |
5. How We Share Your Information
5.1 With Other GameTab Users
The following is visible to other members within shared groups:
- Your name and profile photo
- Your city and country
- Your sport skills and interests
- Your game participation status (Confirmed / Waitlisted)
- Comments you post on announcements
The following is never visible to other users: your email address, phone number, credit balance, password, or device information.
5.2 With Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase (supabase.com) | Database, authentication, file storage | All user and app data |
| Expo / EAS (expo.dev) | Push notification infrastructure | Device push tokens, notification content |
| Apple APNs | iOS push notification delivery | Push token, notification payload |
| Google FCM | Android push notification delivery | Push token, notification payload |
| OpenStreetMap Nominatim | City name autocomplete in profile | City search text only (no user ID) |
We do not sell your personal data. We do not share your data with advertisers or data brokers. We do not use your data for advertising, behavioural profiling, or targeted marketing of any kind.
5.3 Legal Disclosure
We may disclose your information if required by law, court order, or government authority, or to protect the rights, property, or safety of GameTab, our users, or the public.
6. Data Storage and Security
- Database and file storage are hosted by Supabase (PostgreSQL cloud database)
- All data is transmitted over HTTPS/TLS encrypted connections
- Passwords are hashed using Supabase's secure authentication (bcrypt)
- Session tokens are stored locally on your device and auto-refreshed
- Push tokens are deleted immediately when you log out
7. Data Retention
Your data is retained as long as your account is active. When you delete your account, all personal data is permanently deleted. Some content (games, announcements) may be retained in anonymised form to preserve group history for other members.
8. Your Rights and Choices
8.1 Access and Correction
You can view and update your profile at any time within the app (Profile → Edit Profile).
8.2 Notification Preferences
Manage notification types and mute specific groups within the app (Profile → Notification Settings). You can also revoke push notification permission via device Settings.
8.3 Permission Management
- iOS: Settings → Privacy & Security → [Permission] → GameTab
- Android: Settings → Apps → GameTab → Permissions
8.4 Account Deletion
Permanently delete your account from within the app (Profile → Account Settings → Delete Account). Upon deletion, the following is permanently removed:
- Your profile (name, email, phone, photo, bio, location, sport skills)
- All group memberships and roles
- All game participation records
- All credit balances and transaction history
- All push notification tokens
- All in-app notifications and poll votes
- Your authentication credentials (email, password, sessions)
8.5 Data Export / Access Request
To request a copy of your personal data, contact us at support.gametab@nexavyn.com. We will respond within 30 days.
9. Children's Privacy
GameTab is not directed to children under the age of 13 (or under 16 where a higher threshold applies). We do not knowingly collect personal information from children under 13. If you believe your child has provided us with personal information, contact us at support.gametab@nexavyn.com and we will promptly delete it.
10. California Privacy Rights (CCPA)
California residents have the right to know what personal information we collect, request deletion, and opt out of sale (we do not sell personal information). To exercise these rights, contact support.gametab@nexavyn.com.
11. GDPR / EEA Users
If you are in the European Economic Area or United Kingdom, you have rights under GDPR including: access, rectification, erasure, restriction, portability, and the right to object. Our lawful basis for processing is contract performance (to provide the app), legitimate interests (security, fraud prevention), and consent (for optional features). Contact support.gametab@nexavyn.com to exercise your rights.
12. Analytics and Crash Reporting
GameTab does not currently use any third-party analytics or crash reporting services. App logs are written to your device console only and are not transmitted to any server.
If we integrate a third-party analytics or crash reporting tool in a future version, we will update this Privacy Policy before that change is deployed and notify users as described in Section 13.
13. Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (where required by GDPR)
- Notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms
- Notify the Australian Information Commissioner where required under the Notifiable Data Breaches (NDB) scheme
Notifications will be sent to the email address associated with your account and/or posted at nexavyn.com/gametab/privacy.
14. Australian Privacy Act
Nexavyn operates in Australia and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Under Australian privacy law, you have the right to:
- Know what personal information we hold about you
- Access your personal information
- Correct inaccurate, incomplete, or out-of-date information
- Request deletion of your personal information
- Complain about a breach of the APPs
To exercise any of these rights, contact us at support.gametab@nexavyn.com. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
15. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of Australia. Any disputes relating to this policy shall be subject to the jurisdiction of Australian courts.
Where users are located in other jurisdictions (including the EEA, UK, or California), the additional rights described in Sections 10 and 11 also apply.
16. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy at nexavyn.com/gametab/privacy and updating the "Last Updated" date above.
17. Contact Us
For privacy questions, data requests, or to report a concern:
We aim to respond within 30 days.
You can also use the in-app Feedback form: Profile → Help & Feedback