Privacy Policy
Last updated: 24 June 2026
This Privacy Policy explains how Ratibly.com ("Ratibly", "we", "us") collects, uses, shares, and protects personal data when you use the Ratibly website, applications, and services (the "Service").
It should be read together with our Terms of Service.
1.Overview
Ratibly is a coordination tool for recurring real-world group activities. To provide it, we process personal data about the people who hold accounts (Organizers and Users) and about the Members whom Organizers manage within their Organizations. We aim to collect only what we need and to be transparent about how it is used.
2.Our role: controller & processor
Under data-protection laws such as the EU and UK GDPR, the responsibility for personal data depends on who decides why and how it is processed:
- We are the controller of account and usage data — the data we collect to create accounts, operate, secure, bill, and improve the Service (for example, your name, email, and login activity).
- We act as a processor for the Member data that an Organizer chooses to collect and manage within their Organization (for example, profile-form responses, participation, and attendance records). In that case the Organizer is the controller: they decide what to collect and why, and they are responsible for having a lawful basis and for informing their Members. We process that data on the Organizer's instructions to provide the Service.
If you are a Member and have questions about how your data is used within a particular group, please contact that group's Organizer, who is the controller of that data.
3.Data we collect
Information you provide
- Account data: name, email address, password (stored hashed) or Google sign-in identifier, and optionally a username, phone number, country, city, and time zone.
- Profile and group data: profile photos and any information collected through Organization or activity forms, which the Organizer defines.
- Participation data: the sessions you join, waitlist and cancellation status, attendance, and operational notes (such as whether an Organizer recorded a Member as having paid).
- Content you upload: images and files you add to the Service.
- Communications: messages you send us, such as support requests, and your interactions with the Gigi assistant.
Information collected automatically
- Usage and device data: log data, IP address, browser and device information, and product-analytics events about how you use the Service.
- Cookies and similar technologies: used to keep you signed in and to understand usage (see section 9).
Billing data
When you subscribe to a paid plan, payment is processed by our Merchant of Record, Polar. We receive subscription status and limited billing details, but we do not collect or store your full card details — those are handled by Polar and its payment processors.
4.How we use data & legal bases
Where the EU/UK GDPR applies, we rely on the following legal bases:
- To provide the Service — create and manage your account, run Organizations, sessions, rankings, and other features (performance of a contract).
- To operate, secure, and improve the Service — analytics, troubleshooting, preventing abuse, and product development (legitimate interests).
- To communicate with you — service emails such as verification, password resets, and invitations (contract and legitimate interests).
- To take payment — manage subscriptions and billing (contract and legal obligation).
- To comply with the law and to establish, exercise, or defend legal claims (legal obligation and legitimate interests).
- With your consent — where we ask for it, for example for certain non-essential cookies. You can withdraw consent at any time.
We do not sell your personal data, and we do not use the content you submit to Gigi to train third-party foundation models.
6.International transfers
We and our service providers may process personal data in countries other than your own. Where we transfer personal data outside the EEA, the UK, or another region with data-protection laws, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum) or an adequacy decision, where applicable.
7.Data retention
We keep personal data for as long as your account is active and as needed to provide the Service, and afterwards only as long as necessary for the purposes described here — for example, to comply with legal, accounting, or reporting obligations, or to resolve disputes. When data is no longer needed, we delete or anonymise it. Member data we process on an Organizer's behalf is retained according to the Organizer's instructions and is deleted or returned when our agreement with them ends, subject to limited backup retention.
8.Your rights
Depending on where you live, you may have the right to access, correct, delete, or receive a copy of your personal data; to object to or restrict certain processing; to withdraw consent; and to lodge a complaint with your local data-protection authority.
To exercise these rights for data we control, contact us at support@ratibly.com. If your request concerns data an Organizer manages about you within their group, we will refer you to, or assist, that Organizer as the controller. We will respond within the time required by applicable law.
10.Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and hashed passwords. No system is completely secure, so we cannot guarantee absolute security; please use a strong, unique password and keep your credentials confidential.
11.Children
The Service is not intended for children below the age of digital consent in their country (generally 16, and at least 13). We do not knowingly collect personal data from such children. If an Organizer collects data about minors through the Service, the Organizer is responsible for obtaining any required parental or guardian consent. If you believe a child has provided us personal data without proper consent, contact us at support@ratibly.com and we will take appropriate steps.
12.Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated version on this page with a new "Last updated" date and, for material changes, provide additional notice (such as email or an in-app notice) where appropriate. Your continued use of the Service after the changes take effect means you acknowledge the updated policy.
13.Contact us
For any privacy questions or requests, contact us at support@ratibly.com.
Data controller: Ratibly.com (contact: support@ratibly.com).