PlaybookFlowPrivacy Policy
Discord

Current version: 2026-03-26

Privacy Policy

PlaybookFlow Privacy Policy

Effective date: 2026-05-11
Last updated: 2026-05-11

This Privacy Policy explains how PlaybookFlow ("we", "us", "our") collects, uses, stores, and protects personal data in connection with the PlaybookFlow website, application, and related services (the "Service").

1. Data Controller

The controller of your personal data is:

SAVDEV Mateusz Sawczuk
Email: contact@playbookflow.com

2. Personal Data We Collect

Depending on how you use the Service, we may collect the following categories of personal data.

a. Account and authentication data

  • Steam ID;
  • Steam display name;
  • Steam profile URL;
  • Steam avatar and other public profile data made available through authentication or the Steam profile;
  • internal PlaybookFlow user ID;
  • legal acknowledgement versions and timestamps.

b. Contact and communication data

  • email address;
  • email verification status;
  • support messages, feedback, and other communications you send to us;
  • operational email delivery metadata, such as delivery status and timestamps.

c. Workspace and team data

  • personal and team workspace identifiers;
  • team names, tags, membership, roles, invites, and ownership data;
  • workspace status, limits, trial status, subscription entitlement status, and related timestamps.

d. User Content

  • tactics, boards, playbooks, notes, labels, demo review materials, utility lineups, and other content you create, upload, save, share, or collaborate on;
  • demo files during upload and parsing;
  • parsed demo data and related metadata;
  • shared link and invite metadata.

e. Billing and subscription data

When paid features are used, we may collect, generate, receive, or store billing-related data, including:

  • billing contact user ID;
  • payer user ID;
  • workspace owner user ID;
  • workspace ID;
  • billing account ID;
  • payment provider customer ID;
  • payment provider subscription ID;
  • external customer ID used to map payment provider records to a PlaybookFlow workspace;
  • subscription status, current period dates, cancellation status, past-due status, and entitlement status;
  • checkout session status and timestamps;
  • webhook event metadata from the payment provider;
  • invoice, receipt, order, refund, or customer portal metadata where needed for support and reconciliation.

We do not store full payment card details. Payment card details are processed by the payment provider and its payment processing infrastructure.

f. Technical and usage data

  • IP address;
  • browser type and version;
  • operating system;
  • device-related technical information;
  • request logs, error logs, security logs, and diagnostics;
  • timestamps and activity logs related to your use of the Service.

3. How We Collect Data

We collect personal data:

  • directly from you;
  • from your Steam login or associated public profile data;
  • automatically through your use of the Service;
  • from communications you send to us;
  • from payment providers, such as Polar, when you start checkout, manage billing, or when subscription lifecycle events are sent to PlaybookFlow.

4. Purposes of Processing

We process personal data for the following purposes:

  • to create and maintain your access to the Service;
  • to authenticate users through Steam;
  • to verify email addresses and send operational messages;
  • to provide core functionality, including saving and displaying tactical content;
  • to operate personal and team workspaces;
  • to provide team trials, paid subscriptions, and paid workspace entitlements;
  • to create checkout sessions and customer portal sessions;
  • to reconcile subscription status with the payment provider;
  • to process webhook events from the payment provider;
  • to provide support, billing support, and account administration;
  • to maintain security and prevent abuse;
  • to debug, monitor, and improve the Service;
  • to comply with legal, tax, accounting, and regulatory obligations where applicable;
  • to establish, exercise, or defend legal claims.

5. Legal Bases for Processing

Where applicable under data protection law, we process personal data on the following bases:

  • performance of a contract or steps taken at your request before entering into a contract;
  • our legitimate interests, including operating, securing, improving, supporting, and administering the Service;
  • your consent, where required, such as for optional communications or non-essential cookies;
  • compliance with legal obligations, including obligations connected with billing, accounting, tax, security, and legal claims.

6. Payment Provider and Merchant of Record

We use Polar for hosted checkout, subscription management, customer portal access, billing events, invoices, receipts, and related payment-provider services.

Polar may act as Merchant of Record or otherwise provide payment, tax, invoice, receipt, subscription, customer portal, refund, fraud prevention, and billing infrastructure services.

When you start checkout or manage billing, you may be redirected to Polar-hosted pages. Polar may collect and process payment details, billing address, tax information, payment method details, and other information required to complete and manage the transaction.

We share or send only the information needed to connect the payment provider record with the correct PlaybookFlow workspace and payer, such as workspace ID, payer user ID, workspace owner user ID, billing account ID, billing email, subscription metadata, and customer metadata.

7. Sharing of Data

We may share personal data with trusted service providers that help us operate the Service, such as providers of:

  • hosting and infrastructure;
  • databases and object storage;
  • email delivery;
  • payment processing, hosted checkout, customer portal, billing, tax, invoice, receipt, and subscription management;
  • security, monitoring, diagnostics, and abuse prevention tools.

We may also disclose data:

  • if required by law;
  • to protect our rights, users, or the integrity of the Service;
  • to investigate abuse, fraud, security incidents, or payment disputes;
  • in connection with a business transfer, merger, acquisition, or reorganization.

We do not sell your personal data.

8. International Transfers

Your personal data may be processed in countries outside your country of residence, depending on the location of our service providers.

Where required, we will use appropriate safeguards for international transfers in accordance with applicable law.

Payment and billing data processed by Polar or its subprocessors may be transferred or processed according to Polar's own terms, privacy documentation, and data processing arrangements.

9. Data Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including:

  • for the duration of your use of the Service;
  • for as long as needed to provide workspace access and preserve your content;
  • for as long as needed to maintain security, resolve disputes, and enforce agreements;
  • for legal, tax, accounting, or regulatory retention periods where applicable;
  • for as long as needed to support billing, subscription reconciliation, refund requests, chargebacks, or legal claims.

Failed, incomplete, or expired demo uploads may be removed after a limited retention period. Parsed team demo data may also be removed according to product retention rules.

10. Your Rights

Depending on applicable law, you may have the right to:

  • access your personal data;
  • correct inaccurate data;
  • request deletion of your data;
  • restrict processing;
  • object to certain processing;
  • receive your data in a portable format;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with a competent data protection authority.

To exercise your rights, contact us at contact@playbookflow.com.

Some data may need to be retained where required for legal, tax, accounting, billing, security, or dispute-resolution reasons.

11. Whether Providing Data Is Required

Some data is necessary to use the Service. For example:

  • Steam-related identification data is required for Steam-based login and account access;
  • email may be required for team ownership, billing, operational messages, and account recovery;
  • billing-related data is required to start or manage paid subscriptions;
  • workspace and User Content data is required to provide the features you choose to use.

If you do not provide required data, some parts of the Service may not be available.

12. Automated Decision-Making

We do not use personal data to make solely automated decisions that produce legal or similarly significant effects on users.

Payment providers may use automated fraud prevention, payment risk, tax, or compliance systems as part of their payment processing services.

13. Security

We use reasonable technical and organizational measures to protect personal data. However, no system can be guaranteed to be completely secure.

You are responsible for keeping your Steam account, email account, and devices secure.

14. Children

The Service is not directed to children under the age at which they can lawfully use such a service under applicable law. If you believe a child has provided us with personal data inappropriately, contact us.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, billing, operational, or product changes.

The updated version will be published with a new effective date.

16. Contact

If you have questions about this Privacy Policy or your personal data, contact:

SAVDEV Mateusz Sawczuk
Email: contact@playbookflow.com