Back to Home
Privacy Policy

Our Privacy Policy

Last updated: April 2026

1. Controller

This Privacy Policy describes how Fan In Line ("we", "us", "our") processes personal data.

Controller:
Fan In Line App
France
Email: contact@maximkuzlin.com

We process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

2. Nature of the Service

Fan In Line provides a digital service that allows users to obtain a virtual queue position near a physical venue.

The service is designed to operate without requiring user registration or directly identifying personal information.

3. Categories of Data Processed

We do not collect directly identifying personal data such as names, email addresses, phone numbers, passwords, or payment details.

However, we process certain technical and usage-related data which may qualify as personal data.

3.1 Identifiers

  • Anonymous Firebase user identifier (UID)
  • Device identifier

The application generates a random device identifier (UUID) on the user's device. This identifier is created locally on first use and stored on the device for reuse.

This identifier is not derived from system-level identifiers (such as iOS IDFV or Android device identifiers) and is not linked to the user's real-world identity.

These identifiers are used solely for service functionality, fraud prevention, and maintaining queue integrity.

3.2 Queue and usage data

  • Selected country, city, venue, and queue line
  • Queue date
  • Assigned queue number
  • Ticket code
  • Ticket status (active / left)
  • Timestamps associated with ticket issuance and lifecycle

3.3 Device and application data

  • Language preferences
  • Consent status (privacy and advertising)
  • Application settings required for functionality

4. Location Data

The application requests access to precise device location in order to verify proximity to a venue.

Location data is processed locally on the device and is used solely to determine eligibility for queue participation.

We do not store, transmit, or persist precise GPS coordinates on our servers as part of normal queue assignment operations.

5. Legal Basis for Processing

We rely on the following legal bases under GDPR:

  • Article 6(1)(b) - performance of a contract
  • Article 6(1)(f) - legitimate interests, including fraud prevention, abuse prevention, and system integrity
  • Article 6(1)(a) - user consent, for advertising and tracking technologies where applicable

6. Purposes of Processing

Personal data is processed strictly for the following purposes:

  • providing and maintaining the queue functionality
  • assigning and managing queue positions
  • preventing abuse, duplication, and manipulation of the system
  • restoring active tickets across sessions
  • operating and improving the service
  • displaying advertising through third-party providers, where consent is given

We do not sell personal data and do not build behavioral or identity-based user profiles.

7. Third-Party Services

We rely on the following third-party providers:

Infrastructure

Google Firebase (Authentication, Firestore, Cloud Functions)

Advertising

Google AdMob

AdMob may process certain technical data, including IP address, device information, advertising identifiers, and interaction data, in accordance with the policies of Google.

7A. Venue and Map Data Sources

The application may display venue-related information derived from:

  • manually curated data
  • publicly available datasets such as Wikidata
  • geographic data from OpenStreetMap

Where required, appropriate attribution to OpenStreetMap is provided within the application interface.

Such data is provided for informational purposes only and may not be complete, accurate, or up to date.

8. Tracking and Advertising

The application uses advertising technologies provided by Google AdMob.

Before any advertising is enabled, the application presents a user consent form in accordance with applicable privacy requirements, including the Google User Messaging Platform (UMP).

Advertising is only requested after the consent status is determined and the application is permitted to request ads. Until such consent is obtained, advertising is not initialized or displayed.

On iOS devices, additional permission may be requested through Apple's App Tracking Transparency (ATT) framework.

Depending on the user's consent choices, advertising may be personalized or non-personalized.

9. Data Sharing

We do not sell or disclose personal data to third parties for independent commercial purposes.

Data may be shared only with service providers strictly necessary for:

  • infrastructure operation (Firebase)
  • advertising delivery and measurement (AdMob)

10. International Processing

Our core infrastructure is hosted within the European Economic Area (EEA).

However, certain third-party services, including Google AdMob, may process data outside the EEA under their own data protection frameworks.

11. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes described in this policy.

  • Queue-related records may be retained for up to approximately 9 days after expiration
  • Anonymous user accounts may be retained for up to approximately 30 days before deletion

Retention is implemented through automated backend processes.

12. User Rights

Under applicable data protection law, users may have rights including access, deletion, restriction, objection, and withdrawal of consent.

Due to the anonymous nature of the service and the absence of directly identifying information, we may not be able to identify a user outside their device.

Users can exercise control over their data by:

  • deleting their anonymous account within the application
  • leaving active queues
  • removing the application from their device

13. Account Deletion

The application provides functionality to delete the anonymous account associated with the device.

Deletion will:

  • remove access to queue participation
  • invalidate the associated ticket

Certain technical records may remain temporarily due to retention and cleanup processes.

14. Security

We implement appropriate technical and organizational measures, including secure communication with backend services.

However, no method of transmission or storage can guarantee absolute security.

15. Children

The service is not intended for users under 16 years of age, in accordance with applicable data protection laws.

16. Changes to this Policy

We may update this Privacy Policy from time to time.

Updates will be published within the application or on the website.

Continued use of the service constitutes acceptance of the updated version.

17. Contact

Email: contact@maximkuzlin.com