Legal
Last updated: June 2026
dibsl ("we", "our", or "us") is committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable EU privacy laws. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use dibsl.com.
dibsl acts as a data controller for the personal data of event organizers. For participant data collected through events, dibsl acts as a data processor on behalf of the event organizer, who is the data controller.
We collect the following types of information:
Account information (organizers)
Email address and hashed password when you create an account. Legal basis: contract performance (Article 6(1)(b) GDPR).
Participant information
Email address when you register for an event. We generate an anonymous code to identify you in results without exposing your identity to other participants. Legal basis: legitimate interests of the event organizer (Article 6(1)(f) GDPR).
Usage and event data
Click timestamps, reaction times, and event participation data necessary for the operation of the Service. Legal basis: contract performance (Article 6(1)(b) GDPR).
Technical data
Server logs, IP addresses (anonymized), and error logs for security and performance monitoring. Legal basis: legitimate interests (Article 6(1)(f) GDPR).
By design, participants in events are identified only by an anonymous code (e.g. "KX7-449") in public results. Your email address is never shown to other participants or publicly displayed. Only the event organizer can see participant email addresses, and only for events they have created.
We do not sell your personal data. We share data only with the following third-party processors, each bound by GDPR-compliant data processing agreements:
We retain your personal data only as long as necessary:
You may request deletion of your account and all associated data at any time by contacting us at hello@dibsl.com.
If you are in the European Economic Area, you have the following rights under GDPR:
To exercise any of these rights, contact us at hello@dibsl.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
We use only essential cookies necessary for the operation of the Service:
We do not use tracking, advertising, or analytics cookies. We do not use Google Analytics or any similar tracking services.
Some of our service providers are located outside the European Economic Area (EEA), including in the United States. We ensure that all such transfers are protected by appropriate safeguards, primarily Standard Contractual Clauses (SCCs) approved by the European Commission under Article 46 GDPR.
We implement appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS/TLS), secure authentication via Supabase, bot protection via Cloudflare Turnstile, and access controls limiting who can access personal data. However, no method of transmission over the internet is 100% secure.
The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately at hello@dibsl.com and we will delete it promptly.
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice on the Service at least 30 days before the changes take effect. The date of the last update is shown at the top of this page.
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
You also have the right to lodge a complaint with your national data protection supervisory authority. In Croatia, this is the Agencija za zaštitu osobnih podataka (AZOP) — azop.hr.