PRIVACY POLICY

INTRODUCTION

HoopsTrackr (hereinafter "We", "Our" or "the Publisher") places paramount importance on the protection of your personal data and respect for your privacy.

This Privacy Policy aims to inform you clearly and transparently about how we collect, use, store and protect your personal data when you use our HoopsTrackR web application (hereinafter "the Application").

By using our Application, you accept the practices described in this Privacy Policy. This policy complements our Terms of Service and our Cookie Policy.

1. DATA CONTROLLER

The controller of personal data processing is:

HoopsTrackr

Email: hello@hoopstrackr.com

2. PERSONAL DATA COLLECTED

In the context of using the HoopsTrackR Application, we collect different categories of personal data:

2.1 Identification data

• First and last name
• Username (nickname)
• Email address
• Phone number (optional)
• Profile photo (optional)
• Date of birth
• Gender

2.2 Sports data

• Age category (U7, U9, U11, U13, U15, U17, U18, U20, Seniors, Veterans)
• Competition level (Departmental, Regional, National, etc.)
• Preferred position (Point Guard, Shooting Guard, Small Forward, Power Forward, Center)
• Dominant hand
• Current team and jersey number

2.3 Performance data

• Match statistics (points, rebounds, assists, steals, blocks, fouls, minutes played, etc.)
• Match results (win/loss, score)
• Match information (date, opponent, location, competition type)
• Personal comments and observations
• Personal goals and badges obtained
• Training data (for Pro and Elite accounts)

2.4 Connection and technical data

• IP address
• Browser type and version
• Operating system
• Connection date and time
• Pages viewed and actions taken

2.5 Payment data (for subscriptions)

• Subscription type subscribed to
• Transaction history and renewal date

Important note: Banking data (card number, cryptogram) is never stored on our servers. It is processed directly by our secure payment provider, compliant with PCI-DSS standards.

2.6 Data from Google authentication

If you choose to connect via Google (OAuth), we receive: name, first name, email address and profile photo (if available). We do not access any other data from your Google account.

3. PROCESSING PURPOSES

Your personal data is collected and processed for the following purposes:

4. DATA RETENTION PERIOD

We retain your personal data only for the duration necessary for the purposes for which it was collected:

Upon expiration of these periods, your data is deleted or anonymized irreversibly.

5. DATA RECIPIENTS

5.1 Internal staff

Only authorized members of our team who need access to your data in the course of their duties have access.

5.2 Subcontractors

We use trusted service providers:

• Supabase: data hosting and authentication
• Stripe: secure payment processing
• Klaviyo: email service for notifications

These subcontractors are contractually bound to respect the confidentiality of your data.

5.3 Sharing at your initiative

If you use the sharing features (social networks, coach, teammates), the shared data will be accessible to the chosen recipients.

5.4 No sale of data

We never sell your personal data to third parties.

6. TRANSFERS OUTSIDE THE EUROPEAN UNION

We prioritize hosting within the European Union. If transfers to third countries are necessary, we ensure that appropriate safeguards are in place (adequacy decision, standard contractual clauses).

7. DATA SECURITY

We implement appropriate technical and organizational measures:

• Encryption: data encrypted in transit (HTTPS/TLS) and at rest
• Secure authentication: hashed passwords, secure OAuth
• Access control: access limited to authorized persons
• Backups: regular and secure backups
• Infrastructure: hosting on Supabase compliant with security standards

In case of a data breach, we will inform you as soon as possible in accordance with our legal obligations.

8. YOUR RIGHTS

In accordance with GDPR and the Data Protection Act, you have the following rights:

8.1 Right of access

Obtain confirmation that data concerning you is being processed and obtain a copy.

8.2 Right of rectification

Request the correction of inaccurate or incomplete data. You can also modify certain information from your "Profile" section.

8.3 Right to erasure

Request the deletion of your personal data when it is no longer necessary, you withdraw your consent, or the processing is unlawful. This right may be limited by legal obligations.

8.4 Right to limitation

Request the limitation of processing of your data in certain cases (dispute over accuracy, objection to deletion).

8.5 Right to portability

Receive your data in a structured and machine-readable format, and transmit it to another controller.

8.6 Right of opposition

Object to processing for legitimate reasons or for commercial prospecting purposes.

8.7 Right to withdraw your consent

Withdraw your consent at any time when processing is based on it.

8.8 Post-mortem directives

Define directives relating to your data after your death.

8.9 How to exercise your rights

• By email: hello@hoopstrackr.com

We will respond within one month, extendable by two months in case of a complex request.

8.10 Complaint to CNIL

You can file a complaint with CNIL: www.cnil.fr

9. COOKIES

The Application uses cookies to ensure its functioning and improve your experience.

To know the details of cookies used, their purpose and how to manage them, please consult our Cookie Policy, accessible from the Application.

10. PROTECTION OF MINORS' DATA

The Application is aimed in particular at young basketball players. We pay particular attention to the protection of minors' data.

Minors under 15:

• Parental consent is required for data processing
• Public sharing features are limited by default

Parents or legal representatives can exercise the rights mentioned in article 8 on behalf of their minor children.

11. MODIFICATIONS

We may modify this Privacy Policy. In case of substantial modification, you will be informed by email or notification. The update date will be updated.