SocialDancer.org

👤 Who's Behind SocialDancer?

Hi! I'm David Freiholtz and I love dancing and privacy.

I built SocialDancer because I wanted a better way to find dance events. I live in Sweden, and I held the position as GDPR responsible person for multiple years at a big hosting company in Sweden. I personally dislike the attention economy and the surveillance economy, so I promise to treat your data like I'd want mine treated - with respect and care.

Legal Entity: SocialDancer is operated by David Freiholtz, a private person (not a company) based in Sweden.

Data Controller: David Freiholtz is the data controller responsible for your personal data processed through this website.

Jurisdiction: This service operates under Swedish and EU law, including full GDPR compliance.

Business Structure: Personal project operated by an individual, not a registered company

🛡️ Your Privacy Comes First

I actually care about your privacy - it's not just legal talk.

✅ GDPR compliant - I follow all EU privacy laws
✅ No data selling - Your data will NEVER be sold
✅ Minimal collection - I only collect what's needed
✅ You're in control - Delete your account anytime
✅ Transparent - I'll tell you exactly what I do with your data

This Privacy Policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and Swedish data protection laws. We process personal data based on the following legal bases:

Consent: For optional features like AI search and newsletter subscriptions
Contract: To provide the services you've signed up for
Legitimate Interest: For security, fraud prevention, and service improvement

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular security assessments.

📊 What Information Do We Collect?

Just the basics to make the site work for you:

📧 Email address - So you can log in
👤 Username - How you want to be known
🌍 Country - Required to show relevant events near you
💃 Dance preferences - Events you like or attend
🔍 Search queries - Saved for misuse prevention and improvement
🍪 Essential cookies - To keep you logged in

Personal Data Categories:

Account Information: Email address, username, encrypted password, optional profile information
Usage Data: IP address, browser type, pages visited, time and date of visits, time spent on pages
Preference Data: Dance style preferences, favorite events, bookmarked content
Communication Data: Messages you send us, feedback, support requests
Third-Party Data: If you sign in with Google, we receive your name and email from your Google account

Cookies: We use essential cookies for authentication and session management. We use functional cookies to remember your preferences. All cookies are first-party only.

🎯 How We Use Your Information

Everything we do with your data is to help you find dances:

🔐 Keep you logged in - So you don't have to sign in every time
📍 Show relevant events - Dance events in your area
🤖 AI-powered search - Smart answers to your dance questions (our only search method)
📧 Important updates only - Account security, major changes
🛠️ Improve the service - Fix bugs, add requested features, prevent misuse

Purposes of Processing:

Service Provision: To create and manage your account, provide access to dance event information, enable event bookmarking and preferences
Communication: To send service-related emails (password resets, security alerts, major updates)
Improvement: To analyze usage patterns, identify bugs, develop new features based on user needs
Misuse Prevention: To detect and prevent spam, abuse, and harmful queries in our AI search system
Legal Compliance: To comply with legal obligations, resolve disputes, enforce our agreements
Security: To detect and prevent fraud, unauthorized access, and other harmful activity

Retention: We retain your account data while your account is active. Usage logs are deleted after 90 days. You can request deletion at any time.

🤝 Who We Share Data With (Spoiler: Very Few!)

I'm transparent about our sub-processors:

🤖 Google Gemini AI - Your search queries (all searches use AI)
They process searches to give you smart answers. We also save queries to prevent misuse and improve our service.
Google's AI Terms | Privacy Policy
☁️ Fly.io - Hosts our servers in Stockholm, Sweden
Your data stays in the EU, protected by GDPR
Fly.io Privacy Policy
🗄️ Supabase - Database hosting in Stockholm, Sweden
Stores your account and event data securely in the EU, fully GDPR compliant
Supabase Privacy Policy

🚫 We NEVER sell your data to anyone. Period.

Data Processors (Sub-processors):

Google LLC (Gemini AI): Processes all search queries (our only search method). Data processing location: Global. Legal basis: Legitimate interest in providing search functionality. Data shared: Search queries only, no personal account information. We also retain search queries for misuse prevention and service improvement.
Fly.io Inc: Infrastructure hosting provider. Data processing location: Stockholm, Sweden (EU). All data is encrypted in transit and at rest. DPA (Data Processing Agreement) in place.
Supabase Inc: Database hosting provider. Data processing location: Stockholm, Sweden (EU). Stores all account data, event information, and user preferences. All data is encrypted in transit and at rest. GDPR compliant with EU data residency.

Other Disclosures: We may disclose your information if required by law, court order, or governmental authority. We will notify you of such disclosures unless legally prohibited.

Business Transfers: In the unlikely event of a merger or acquisition, user data would be transferred to the successor entity, and you would be notified before any transfer occurs.

✊ Your Rights & Control

You're in charge of your data:

👁️ See your data - Download everything we have about you
✏️ Fix mistakes - Update wrong information anytime
🗑️ Delete everything - Remove your account and all data
⏸️ Pause processing - Restrict how we use your data
📦 Take it with you - Export your data in standard format
🚫 Say no - Opt out of optional features anytime

Your GDPR Rights:

Right of Access (Article 15): Request a copy of your personal data we process
Right to Rectification (Article 16): Request correction of inaccurate personal data
Right to Erasure (Article 17): Request deletion of your personal data ('right to be forgotten')
Right to Restriction (Article 18): Request restriction of processing your personal data
Right to Data Portability (Article 20): Receive your data in a structured, commonly used format
Right to Object (Article 21): Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for processing at any time

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days as required by GDPR.

💌 Questions? Let's Talk!

I actually read and reply to emails:

📧 Email me directly:
[email protected]

⏱️ Response time:
Usually within 24 hours (I'm pretty quick!)
Legal maximum is 30 days, but I've never taken that long

🏛️ Want to file a complaint?
First, talk to me - I'll try to fix it!
If still unhappy, contact Swedish IMY:
www.imy.se

Data Protection Contact:

Data Controller: David Freiholtz
Email: [email protected]
Response Time: Within 30 days as per GDPR Article 12(3)

Supervisory Authority:

You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY):
Website: www.imy.se
Address: Box 8114, 104 20 Stockholm, Sweden
Phone: +46 8 657 61 00

🔑 Sign In

Terms of Service and Privacy Policy

📍 Jump to what matters to you: