ZenSport

Privacy Policy

How we collect, use, and protect your personal data

Last Updated: January 2026

1. Data Controller

ZenSport SRL ("we", "us", or "our") is the data controller for your account data. For club member data, the respective Club acts as the data controller, and ZenSport acts as a data processor.

Contact Details:

2. Data We Collect

2.1 Account Data

When you create an account, we collect:

  • Name and email address
  • Password (encrypted)
  • Phone number (optional)
  • Profile photo (optional)
  • Language preference

2.2 Club Member Data

Clubs may collect the following about their members:

  • Personal details (name, date of birth, gender)
  • Contact information (email, phone, address)
  • Emergency contact information
  • Medical information (with explicit consent)
  • Team assignments and positions
  • Attendance records
  • Performance statistics
  • Documents and photos

2.3 Usage Data

We automatically collect:

  • IP address and device information
  • Browser type and operating system
  • Pages visited and features used
  • Timestamps and session duration
  • Error logs for troubleshooting

2.4 Payment Data

For subscriptions, we collect:

  • Billing name and address
  • Payment card details (processed by Stripe)
  • Transaction history

3. How We Use Your Data

3.1 To Provide the Service

  • Create and manage your account
  • Enable club management features
  • Process attendance and scheduling
  • Send notifications and reminders
  • Process payments and subscriptions

3.2 To Improve the Service

  • Analyze usage patterns
  • Fix bugs and errors
  • Develop new features
  • Conduct research and analytics

3.3 To Communicate With You

  • Send service updates and notifications
  • Respond to support requests
  • Send promotional communications (with consent)
  • Notify you of policy changes

3.4 Legal and Safety

  • Comply with legal obligations
  • Enforce our Terms of Service
  • Protect against fraud and abuse
  • Respond to legal requests

4. Legal Basis for Processing (Article 6 GDPR)

We process your data based on:

4.1 Contract Performance

Processing necessary to provide our Service and fulfill our contractual obligations to you.

4.2 Consent

Where you have given explicit consent, such as for:

  • Marketing communications
  • Medical information processing
  • Cookies for analytics

4.3 Legitimate Interests

For purposes such as:

  • Improving our Service
  • Security and fraud prevention
  • Business analytics

4.4 Legal Obligations

To comply with applicable laws and regulations.

5. Data Sharing

5.1 With Club Administrators

Club administrators can access member data within their club to manage operations.

5.2 With Service Providers

We share data with trusted third parties who help us operate the Service:

  • Stripe - Payment processing
  • Sentry - Error monitoring
  • AWS/Cloud providers - Data hosting
  • Email service providers - Communication

5.3 Legal Requirements

We may disclose data if required by law, court order, or to protect our legal rights.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity.

5.5 No Sale of Data

We do not sell your personal data to third parties.

6. International Data Transfers

Your data is stored in the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place:

  • EU adequacy decisions
  • Standard contractual clauses
  • Binding corporate rules

7. Data Retention

7.1 Active Accounts

We retain your data as long as your account is active and for a reasonable period thereafter.

7.2 After Termination

  • Account data: Deleted within 30 days of account deletion
  • Backup copies: Purged within 90 days
  • Legal records: Retained as required by law (typically 7 years for financial records)

7.3 Club Member Data

Clubs determine retention periods for their member data in accordance with their own policies and legal obligations.

8. Your Rights (Articles 15-22 GDPR)

You have the right to:

8.1 Access (Article 15)

Request a copy of your personal data and information about how it is processed.

8.2 Rectification (Article 16)

Request correction of inaccurate or incomplete data.

8.3 Erasure (Article 17)

Request deletion of your data ("right to be forgotten") in certain circumstances.

8.4 Restriction (Article 18)

Request restriction of processing in certain circumstances.

8.5 Data Portability (Article 20)

Receive your data in a structured, machine-readable format.

8.6 Object (Article 21)

Object to processing based on legitimate interests or for direct marketing.

8.7 Withdraw Consent

Withdraw consent at any time where processing is based on consent.

8.8 Automated Decision-Making (Article 22)

Not be subject to solely automated decisions that significantly affect you.

9. How to Exercise Your Rights

9.1 In the Application

You can access and manage your data through:

  • Account settings
  • Profile management
  • Data export feature

9.2 Contact Us

Email: privacy@zensport.com

We will respond to your request within 30 days. We may request verification of your identity.

10. Children's Privacy

10.1 Age Requirements

Users must be at least 16 years old to create an account independently.

10.2 Parental Consent

For users under 16, a parent or guardian must provide consent and manage the account.

10.3 Parental Access

Parents have the right to review, modify, or delete their child's personal data.

11. Cookies

We use cookies and similar technologies. For detailed information, please see our Cookie Policy.

12. Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit (TLS) and at rest
  • Secure authentication
  • Access controls and logging
  • Regular security assessments
  • Employee training

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it to security@zensport.com.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through the Platform. Your continued use after changes take effect constitutes acceptance.

14. Contact and Complaints

14.1 Contact Us

For privacy inquiries:

14.2 Supervisory Authority

You have the right to lodge a complaint with the Romanian Data Protection Authority (ANSPDCP):

If you reside in another EU member state, you may contact your local supervisory authority.

Exercise Your Rights

You have the right to access, correct, delete, or export your personal data. Contact us to exercise your rights.

Contact Us

Cookie Preferences

We use cookies to enhance your experience. You can customize your preferences below.

Learn more in our Privacy Policy

Cookie Preferences

Choose which cookies you allow. Essential cookies are always enabled.

Essential

Required for the website to function. Cannot be disabled.

Always Active

Functional

Remember your preferences like language and theme.

Analytics

Help us understand how you use our service to improve it.

Learn more in our Privacy Policy