Privacy Policy
Last updated: March 2026
1. Data Controller
GoRare is operated as an individual enterprise. Contact: [email protected].
2. Data Collected
We collect the following data when you use GoRare:
- Sorare account information (username, avatar, portfolio data) β obtained via Sorare OAuth
- Email address β provided during authentication
- Subscription and payment data β processed by Stripe
- Usage data β pages visited, features used, anonymized analytics via Google Analytics
We never store your Sorare password. Authentication is handled entirely by Sorare's official OAuth system.
3. Purpose of Data Processing
- Provide and maintain your GoRare account
- Sync and display your Sorare portfolio
- Send price alerts and push notifications you have configured
- Process subscription payments
- Improve the service through anonymized usage analytics
4. Legal Basis
- Contract execution β providing the service you subscribed to
- Consent β for push notifications and marketing emails
- Legitimate interest β for service improvement and security
5. Third-Party Services
We share data with the following third-party services, strictly for the purposes described:
- Sorare (sorare.com) β portfolio synchronization via OAuth and GraphQL API
- Stripe (stripe.com) β payment processing (we never store your card details)
- OneSignal (onesignal.com) β push notifications
- Google Analytics β anonymized usage statistics
We never sell your personal data to third parties.
6. Data Retention
Your data is retained for as long as your account is active. If you delete your account, all personal data is removed within 30 days. Anonymized analytics data may be retained indefinitely.
7. Cookies
GoRare uses the following cookies:
- Essential cookies β authentication session, CSRF protection (strictly necessary)
- Analytics cookies β Google Analytics (can be disabled in your browser)
8. Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR), you have the right to:
- Access β request a copy of your personal data
- Rectification β correct inaccurate data
- Erasure β request deletion of your data
- Portability β receive your data in a structured format
- Objection β object to data processing based on legitimate interest
To exercise these rights, contact us at [email protected]. You may also file a complaint with the CNIL (cnil.fr).
9. Data Security
We implement appropriate technical and organizational measures to protect your data, including encrypted connections (HTTPS), secure server infrastructure hosted in Europe, and regular security reviews.
10. Contact
For any questions about this privacy policy, contact us at [email protected].