Privacy

Last updated: 2026-05-16

Who runs this site

This service (“eurovisionmaxxing”, the “Service”) is operated by Valeriia Kulynych, a private individual based in the United Kingdom, as a non-commercial fan project. You can contact the operator at contact@eurovisionmaxxing.com.

What we collect

To let you play, the Service stores:

  • Display name and avatar seed you enter when joining a room.
  • Your votes and any “hot takes” you submit, plus the room you submitted them in.
  • A session cookie that lets the Service recognise you as the same person across page loads in the same room.
  • A language preference cookie (NEXT_LOCALE) and a theme preference stored in your browser's local storage. These are strictly functional.
  • Standard server logs (IP address, user agent, request path, timestamps) recorded by our hosting provider for security and abuse prevention.

We do not ask for your real name, email address, phone number, or payment details. We do not use third-party analytics, advertising trackers, or social-media pixels.

Why we collect it

The data above is processed under UK GDPR Article 6(1)(b) (performance of the implicit contract to provide the service you've asked for) and Article 6(1)(f) (legitimate interest in keeping the Service running and abuse-free). The session and locale cookies are strictly necessary and do not require consent.

Who we share it with

The Service relies on a small number of sub-processors to operate. Each is bound by their own terms and security arrangements:

  • Vercel Inc. — hosting, edge compute, request logs.
  • Supabase Inc. — database, realtime broadcast, authentication storage.
  • Cloudflare, Inc. — DNS and CDN for the public domain.

We do not sell, rent, or otherwise share your data with anyone outside this list.

How long we keep it

Rooms and the votes inside them are kept indefinitely so you can revisit past parties. If you want a room or your individual participation deleted, email the address above and we will remove it promptly. Server logs from our hosting providers are retained per their own policies (typically 30 days or less).

Your rights

Under UK GDPR you have the right to access, correct, delete, or restrict processing of your personal data, and to lodge a complaint with the Information Commissioner's Office. Email us to exercise any of these rights.

International transfers

Some of our sub-processors are based in the United States. Where data is transferred outside the UK or EEA, it relies on the relevant Standard Contractual Clauses or the EU-US Data Privacy Framework, as published by each provider.

Changes

If this policy changes, the “Last updated” date above will change with it. Material changes affecting how existing data is processed will be flagged on the home page.