Privacy Policy
Last updated: March 22, 2026
Who We Are
The website baseballpredict.com and the Baseball Predict mobile applications for iOS and Android (collectively, the "Service") are operated by Rianon s.r.o., a company registered in the Czech Republic ("we," "our," or "us"). We are the data controller for personal information processed through the Service. For any privacy-related questions or to exercise your rights under applicable data protection law, contact us at [email protected].
Information We Collect
Information You Provide
- Email address — when you subscribe to a premium plan, restore access, or contact us
- Communications you send to us via email or contact forms
- Subscription and purchase information processed through Apple App Store, Google Play Store, or Stripe
Information Collected Automatically
- Usage Data: Pages visited, features used, time spent on the Service, interaction patterns, referring URLs
- Device Information: Device type, operating system, browser type, screen resolution, unique device identifiers
- Approximate Location: Country and region derived from your IP address (we do not collect precise GPS location)
- Cookies and Local Storage: Used to maintain session state, remember preferences, and — with your consent where required — measure usage and run advertising
Cookies and Tracking
We use a small number of cookies and similar technologies. Visitors located in the European Economic Area, the United Kingdom, and Switzerland are shown a consent banner and analytics/advertising cookies are loaded only after explicit consent. Strictly necessary cookies (subscription session, theme preference, smart-banner dismissal) are set without consent because the Service cannot function without them. Full details and a complete cookie list are available in our Cookie Policy.
Payment Processing — Stripe
Website subscriptions are processed by Stripe Payments Europe, Limited (with onward processing by Stripe, Inc. in the United States). When you check out, you are redirected to Stripe's hosted checkout page and provide your payment details directly to Stripe. We do not see, store, or process card numbers, CVC codes, or full bank details on our servers. Stripe shares the following information back with us so we can grant access to your subscription: your email address, an anonymous Stripe customer ID, your subscription ID, plan, status, and billing country. Stripe also acts as our merchant of record for VAT/Sales Tax via Stripe Tax — applicable taxes are calculated and remitted by Stripe.
Stripe processes your data under its own privacy policy: stripe.com/privacy. Where Stripe transfers personal data outside the EEA, the transfer is covered by the Standard Contractual Clauses adopted by the European Commission and Stripe's Data Processing Agreement.
Analytics and Advertising
Where you have consented (or where consent is not required by local law), we use:
- Google Firebase Analytics (Google Ireland Ltd. / Google LLC) — to measure how the Service is used and which features matter most. Firebase collects device type, browser, approximate IP-based location, navigation paths, and anonymous user identifiers.
- Google Ads (conversion tag
AW-16637989745) — to measure the effectiveness of our advertising campaigns.
Both services are provided under Google's Privacy Policy. You can opt out at any time by clicking "Reject" or "Manage cookies" in our cookie banner, or by installing the Google Analytics Opt-out Browser Add-on.
How We Use Your Information
- To provide, maintain, and improve the Service and grant access to paid features
- To process payments, refunds, and subscription management
- To respond to support, billing, and privacy inquiries
- To analyze usage trends and detect fraud or abuse
- To meet our legal and accounting obligations under Czech and EU law
Legal Bases for Processing (EEA / UK)
- Performance of a contract — to deliver the subscription you purchased and manage your account
- Legal obligation — to keep accounting records as required by Czech tax law
- Legitimate interests — to operate, secure, and improve the Service, prevent fraud, and respond to your inquiries
- Consent — for analytics and advertising cookies
Sub-processors
We share data with the following service providers strictly to operate the Service:
- Stripe — payment processing and tax (Ireland / United States)
- Google (Firebase, Ads) — analytics and advertising measurement (Ireland / United States)
- Apple, Google Play — mobile subscription processing
- Cloudflare — content delivery, DDoS protection, IP-based country detection (United States)
- Hosting provider — server infrastructure (European Union)
We do not sell your personal information.
International Transfers
Some of our sub-processors (Stripe, Google, Cloudflare) operate in the United States. When personal data is transferred outside the EEA, the transfer is protected by the EU Standard Contractual Clauses and supplementary measures required under GDPR.
Data Retention
- Active subscriptions: as long as your subscription is active
- Cancelled subscriptions: retained for up to 7 years after the last invoice, as required by Czech accounting law (Act No. 563/1991 Coll. and the Czech VAT Act)
- Stripe webhook event logs: retained for 90 days for reconciliation and fraud investigation
- Support email correspondence: up to 2 years after the last contact
- Analytics data: retained by Google according to its standard retention settings (currently 14 months)
Your Rights (EEA, UK, Switzerland)
If you are located in the EEA, the United Kingdom, or Switzerland, you may:
- Request access to a copy of the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data — see our data deletion request page
- Request restriction of processing or object to processing based on legitimate interests
- Request data portability (a machine-readable copy of data you provided)
- Withdraw consent for analytics and advertising cookies at any time
- Lodge a complaint with your local supervisory authority — for users in the Czech Republic this is the Office for Personal Data Protection (ÚOOÚ)
To exercise any of these rights, email [email protected] or use the deletion request form. We respond within 30 days.
U.S. State Privacy Rights (California, Colorado, Virginia, Connecticut, Utah, Texas, Oregon, Montana, and others)
This section applies to residents of U.S. states that grant consumer privacy rights, including the California Consumer Privacy Act as amended by the CPRA ("CCPA").
Categories of Personal Information We Collect
In the past 12 months we have collected the following CCPA-defined categories:
- Identifiers: email address, IP address, Stripe customer ID, device identifiers
- Commercial information: subscription plan, purchase history, billing country
- Internet/network activity: pages viewed, time on site, referring URL, browser and device type
- Geolocation data (coarse): approximate country and region from IP — we do not collect precise GPS location
- Inferences: aggregated usage patterns from analytics
We do not collect sensitive personal information as defined by the CCPA (e.g., government IDs, precise geolocation, account credentials, race, religion, health), and we do not knowingly collect personal information from minors under 16.
How We Use and Share It
We use the categories above for the business purposes described in "How We Use Your Information" above. We share personal information with the sub-processors listed in the "Sub-processors" section, in each case under written contracts that limit use to the services they provide to us.
"Sale" and "Sharing" Disclosure
We do not sell personal information for money. However, when our advertising and analytics tags (Google Ads, Firebase Analytics) load with your consent, the resulting cookies and identifiers may be considered "sharing for cross-context behavioral advertising" under the CCPA. Specifically, identifiers and internet/network activity may be shared with Google for ad measurement and audience-building. We do not engage in cross-context behavioral advertising for individuals we know to be under 16.
Your U.S. Privacy Rights
- Right to know what personal information we collect, use, and share
- Right to access / portability — receive a copy of personal information we have collected about you in the past 12 months
- Right to delete personal information we have collected — see our data deletion request page
- Right to correct inaccurate personal information
- Right to opt out of sale or sharing — click "Your Privacy Choices" in the footer of any page, or send the Global Privacy Control signal from your browser
- Right to non-discrimination — we will not deny service, charge different prices, or provide a different level of quality because you exercised a privacy right
Global Privacy Control (GPC)
We honor the Global Privacy Control signal sent by your browser. When we detect a GPC signal, we treat it as a request to opt out of sale and sharing for that browser, and we do not load advertising or analytics cookies for that session.
How to Exercise Your U.S. Privacy Rights
Email [email protected] from the address associated with your subscription, or use the deletion form. We will respond within 45 days; we may extend this by an additional 45 days when reasonably necessary, with notice. We may need to verify your identity by confirming the email and Stripe customer ID associated with your subscription. You may use an authorized agent to submit a request on your behalf — the agent must provide written permission and we may contact you to verify.
Shine the Light (California)
California Civil Code § 1798.83 entitles California residents to request information about disclosures of personal information to third parties for those parties' direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.
Security
We use HTTPS for all traffic, store passwords and secrets only in environment variables, and never store full payment card details on our servers (handled by Stripe). No method of transmission over the Internet is fully secure, however, and we cannot guarantee absolute security.
Children's Privacy
The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be posted on this page with a revised "Last updated" date.
Contact Us
Rianon s.r.o., Czech Republic
Email: [email protected]