What we collect and why.
Short version: cookieless self-hosted analytics, no third-party scripts, no advertising. The long version is below.
TL;DR
Whatchlive collects only what the app needs: your Keycloak account, your bars and votes in our database, your location coordinates only when you explicitly share them, and cookieless anonymous usage statistics via self-hosted Umami. No cookies, no third-party trackers, no advertising pixels.
Controller
The data controller is the operator per the imprint. For privacy questions or to exercise your rights (GDPR Art. 15–20), reach us by email.
What we collect
When you use Whatchlive, the following data ends up in our systems:
- Account data. First name, last name, email, verification status — managed in our self-hosted Keycloak instance. You can view, change or delete this data at any time under 'My account'.
- Activity data. Your bars (if you're a bar owner), match suggestions (votes), favourites, interested matches. Tied to your Keycloak sub-ID, not to your email.
- Location coordinates. Only when you explicitly share location via the header pin or the 'Bars near you' section. We hold latitude/longitude in the browser session (memory), not in our database. 'Stop sharing' drops the coordinates immediately.
- Browser + usage stats. Cookieless analytics via Umami: visited page, locale, browser/OS from the User-Agent header, hashed IP for coarse country attribution. Plus named events (geo_shared, bar_created, vote_submitted). Never personal content, never form input.
- Email delivery status. For confirmation and notification mails (e.g. vote confirmation to bar owners, account-deletion confirmation) we log delivery status via Brevo. Mail bodies are composed at send time and not retained in our database.
- Operational logs. Service logs on our Kubernetes servers (request timestamp, HTTP status, anonymised after 7 days). They never leave our infrastructure.
What we don't collect: cookies, third-party trackers, advertising pixels, cross-site identifiers, fingerprints. No data ever goes to Google, Meta or any ad partner.
Subprocessors
The following services process data on our behalf:
- Keycloak. Self-hosted on our Swiss Switch Engine infrastructure. Stores accounts, password hashes and sessions. No third party.
- Umami Analytics. Self-hosted at analytics.maram.ch (Switch Engine, Switzerland). Cookieless, anonymised session aggregates. Maximum retention 90 days.
- Sanity CMS. SaaS headless CMS hosted in EU/US for editorial content (footer copy, hero images). Stores no user or activity data.
- Brevo. SaaS transactional-email provider, EU-based. Receives only the minimum needed for each send (recipient email + template variables) and returns delivery status.
- Switch Engine (Cloud). Swiss academic cloud provider — hosts our MongoDB database and S3 object storage (bar photos). Servers in Switzerland.
How long we keep it
Account data stays until you delete your account. Activity data (votes, favourites) gets anonymised or deleted on account deletion per the treatment matrix in our internal DSGVO doc. Analytics get aggregated automatically after 90 days. Operational logs are anonymised after 7 days.
Your rights
You have the right to access (GDPR Art. 15), rectification (Art. 16), erasure (Art. 17) and data portability (Art. 20) at any time. Under 'My account' you can export your data yourself ('Download my data'), edit it, or delete your account entirely — the deletion cascade removes or anonymises all linked data across both services automatically.
Privacy contact
Email contact@whatchlive.com — privacy requests are typically answered within 30 days.
Last updated: