• Home
  • / Privacy Policy (GDPR Art. 13)

Privacy Policy (GDPR Art. 13)

Information on the processing of personal data at YouVisible

Summary: This Policy explains how YouVisible processes personal data of users and visitors: what data we collect, for which purposes and legal bases, for how long we keep it, to whom it may be disclosed, and what rights you can exercise.

Controller and contact

Controller: YouVisible, sole trader (self-employed), owner of the YouVisible brand.
Tax ID: [NIF]
Registered address: Illescas-Toledo-España
Legal contact email: legal@youvisible.com

General contact: you can write to us through our contact form available on the platform.

Privacy contact / DPO: contact our Data Protection Officer (DPO) through our contact form, which is the main communication channel.

Data processed

We process different categories of data depending on how you use the platform:

  • Identification and contact: name, surname, email, phone (optional), country/language, role (athlete, club/scout, company, legal guardian).
  • Account and authentication: credentials, tokens, verifications (email/SMS), access logs.
  • Content and activity: videos, images, metadata (title, tags, sport/position), lists, favourites, comments, reports.
  • Interactions and usage: views, clicks, searches, device information, approximate IP, technical events (errors, performance).
  • Communications: in-app messages, support, push/email notifications, marketing preferences.
  • Billing: subscribed plan, payment status, transaction identifiers, billing address. We never store full card numbers.
  • Minors / guardianship: guardian data and evidence of consent/verification when required by law.
  • Cookies and similar technologies: technical (necessary), preference, analytics and, where applicable, advertising cookies (always subject to consent).

Special categories: we avoid processing sensitive data (e.g., health data or ideology). If it becomes strictly necessary, processing will only take place with an appropriate lawful basis and explicit consent where required by law.

We use your data for the following purposes:

  1. Service provision
    Registration, login, profile and role management, upload, transcoding and playback of content; messaging and operational notifications.
    Legal basis: performance of the contract (accepted Terms of Use).

  2. Security and moderation
    Ensuring the integrity of the platform, preventing fraud/abuse, protecting minors, managing reports and legal notices, and enforcing the Community Guidelines.
    Legal bases: legitimate interest and legal obligation where applicable.

  3. Support and quality
    Handling incidents, receiving feedback, fixing bugs and improving the service.
    Legal bases: performance of the contract and legitimate interest.

  4. Non-essential analytics
    Product and usage metrics with aggregated or pseudonymised data to better understand how the platform is used.
    Legal basis: consent through the cookie/consent manager.

  5. Marketing and commercial communications
    Sending email communications, push notifications or in-app messages according to your preferences; basic user segmentation.
    Legal bases: consent (opt-in per channel) or legitimate interest for existing customers, in line with applicable regulations.

  6. Billing and accounting
    Managing payments, preventing payment fraud and complying with tax/accounting obligations.
    Legal bases: performance of the contract and legal obligation.

  7. B2B / Marketplace relationships
    Managing vendor companies, KYC/KYB processes where required, and quality control of services offered by third parties.
    Legal bases: performance of the contract and legal obligation.

  8. Legal defense
    Retention and use of data for the formulation, exercise or defense of judicial or administrative claims.
    Legal basis: legitimate interest (Art. 6(1)(f) GDPR).

Recipients and processors

We may share your data with:

  • Service providers (processors): hosting and CDN (e.g., AWS), video transcoding services, payment gateways, email and support platforms, verification services and analytics tools.
    We sign Data Processing Agreements (DPAs) and require appropriate safeguards. We maintain an updated list of subprocessors in the Privacy Center or supporting documentation.
  • Marketplace companies: when you purchase a service from a vendor, we share only the data necessary to fulfil your order (name, contact details, booking information, etc.). These companies act as Controllers of their own processing.
  • Public authorities: when there is a legal obligation or a valid request, we may disclose data to the relevant authorities.

International transfers

Some providers may be located outside the European Economic Area. In such cases:

  • We verify that the country offers an adequate level of protection according to the European Commission, or
  • We sign Standard Contractual Clauses (SCCs) or other mechanisms recognised by the GDPR, or
  • We apply any other appropriate safeguards required by data protection law.

Detailed information about specific transfers is included in our processor contracts and subprocessor list.

Retention periods

We retain data only as long as necessary to fulfil the purposes described and comply with legal obligations:

  • Account and content: while your account remains active. When you delete your account, we remove access and reasonably delete data, keeping only technical/backup copies and the information legally required.
  • Billing data: Billing data: retained for at least 4 years under Spanish tax regulations and up to 6 years where the Spanish Commercial Code applies.
  • Security and moderation logs: for the time required to investigate incidents, prevent abuse and defend against possible claims.
  • Consents and preferences: for as long as necessary to demonstrate compliance or until you withdraw them.
  • Cookies: according to the lifespan specified in the Cookie Policy, usually not longer than 24 months for preference cookies, unless local law states otherwise.

Once the contractual relationship has ended or erasure has been requested, data may remain blocked for the statutory limitation periods solely for the establishment, exercise or defence of legal claims, in accordance with Spanish data protection law.

Data subject rights

You may exercise the rights provided by the GDPR:

  • Access
  • Rectification
  • Erasure
  • Objection
  • Restriction of processing
  • Data portability
  • Withdrawal of consent (when consent is the lawful basis)

To exercise your rights:

  • Use the platform’s contact form (selecting the privacy/legal option), or
  • Write to our contact form clearly stating your request.

If you are not satisfied with our response, you may lodge a complaint with the Spanish Data Protection Agency (AEPD) or the supervisory authority in your country.

Minors

In Spain, the minimum age to provide valid consent for information society services is 14 years (Art. 7 Spanish Data Protection Act – LOPDGDD). Registration must always be completed by an adult. Where the user is under 14, legal guardian consent is mandatory.

  • The platform applies specific protection measures for minors and requires the involvement of a legal guardian when required by law.
  • We may request reasonable evidence of guardianship or consent to enable certain features (e.g., publishing public content or accessing certain contact channels).
  • The guardian may review and manage the minor’s profile and exercise data protection rights on their behalf.

Cookies and similar technologies

We use cookies and similar technologies to:

  • Ensure the technical operation and security of the service (strictly necessary cookies).
  • Remember your preferences (language, interface settings, etc.).
  • Perform usage analytics with aggregated or pseudonymised data.
  • Where applicable, deliver advertising based on consent.

You can find more detailed information in the Cookie Policy, where you can manage your preferences at any time.

Automated decision-making

If we ever use automated decision-making processes that produce legal effects or significantly affect you (e.g., scoring systems or automated moderation), we will inform you about:

  • The logic involved.
  • The importance and expected consequences of the processing.
  • The ways to request human intervention, express your point of view and challenge the decision.

Changes to this Privacy Policy

We may update this Policy to comply with new legal requirements or to incorporate improvements to the service.

When a change is relevant, we will communicate it in a visible way (for example, through notices on the platform or by email) and, where necessary, we will ask you to renew your consent.

Last review: 09 February 2026