SportZentra Privacy Policy

Privacy Policy

1. Introduction

This Privacy Policy explains how **[Company Legal Name]** collects, uses, stores, shares, and protects personal data when individuals use the Platform.

2. Who We Are

Unless otherwise stated, the controller for the data processing described in this Privacy Policy is:

**[Company Legal Name]** **[Company Address]** **[Privacy Email]**

3. Categories of Personal Data

We may collect and process the following categories of personal data:

  • identification data such as name and username,
  • contact data such as email address and phone number,
  • account profile information,
  • booking and attendance data,
  • payment and transaction metadata,
  • membership, pass, credit, or loyalty information,
  • customer support communications,
  • technical and device data,
  • cookie and analytics data,
  • fraud prevention and security-related data.

4. Purposes of Processing

We process personal data for purposes including:

  • account creation and login,
  • booking and reservation management,
  • payment processing and refunds,
  • customer support,
  • platform operation and security,
  • fraud prevention,
  • product improvement and analytics,
  • legal and regulatory compliance,
  • communication of service-related updates.

5. Legal Bases

Where GDPR or similar law applies, we process personal data on one or more of the following legal bases:

  • performance of a contract,
  • compliance with legal obligations,
  • legitimate interests,
  • consent where required.

6. Sharing of Data

We may share personal data with:

  • the Service Provider connected to a booking,
  • payment processors and financial service providers,
  • cloud hosting and infrastructure providers,
  • communication and support vendors,
  • analytics and security vendors,
  • professional advisers,
  • regulators, courts, or authorities where legally required.

We do not sell personal data.

7. Service Provider Data Protection Role

When a User books with a Service Provider, that Service Provider may process the User’s data for its own operational purposes, such as access management, attendance, scheduling, customer support, accounting, or safety administration.

Depending on the relevant processing activity, a Service Provider may act as an independent controller of personal data.

Where we process personal data solely on behalf of a Service Provider, we may act as a processor under a separate contractual arrangement.

8. International Transfers

Where personal data is transferred outside the European Union, EEA, or United Kingdom, we will use appropriate safeguards where required by law, such as:

  • adequacy decisions,
  • standard contractual clauses,
  • other lawful transfer mechanisms.

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including operational, legal, tax, accounting, fraud prevention, and dispute resolution purposes.

Indicative retention periods may include:

  • account data: for the lifetime of the account and a reasonable period after closure,
  • booking and transaction data: up to 10 years where required by law or legitimate business need,
  • support requests: up to 24 months,
  • analytics and technical logs: typically up to 12 months unless a shorter or longer period is required.

10. Security

We use appropriate technical and organizational measures designed to protect personal data, including access controls, encryption in transit, logging, backups, and provider due diligence.

No system can guarantee absolute security.

11. User Rights

Subject to applicable law, individuals may have rights to:

  • access personal data,
  • correct inaccurate data,
  • request deletion,
  • restrict processing,
  • object to certain processing,
  • request portability,
  • withdraw consent where processing is based on consent.

Requests may be submitted to:

**[Privacy Email]**

12. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Platform, remember preferences, improve usability, analyze usage, and where applicable support marketing or communications preferences.

See our Cookie Policy for more details.

13. Children

The Platform is not intended for use by children where prohibited by law or where parental/guardian consent is required and has not been obtained.

If you believe personal data has been provided inappropriately by a child, contact us so we can investigate.

14. Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will be published on the Platform.

15. Contact

For privacy questions or rights requests, contact:

**Sportzentra** **[Company Address]** **[Privacy Email]**