GDPR Register
Record of Processing Activities – GDPR
Data controller: Eurekab (Carlos Kabeya-Waza)
Processing 1 – User accounts
- Data: email address, Firebase UID
- Purpose: authentication and account management
- Legal basis: contract
- Processor: Firebase
- Retention: until account deletion
Processing 2 – QR codes and authorizations
- Data: signed tokens (no personal data)
- Purpose: event access management
- Legal basis: contract
- Retention: duration of the event + technical period
Processing 3 – User communications
- Data: email address
- Purpose: user support and product communication
- Legal basis: legitimate interest
- Channels: info@freeck.io (operated by Eurekab)
- Retention: duration of the user relationship
Processing 4 – Technical logs
- Data: anonymized logs, crash reports
- Purpose: security and stability
- Legal basis: legitimate interest
- Retention: 90 days