SportZentra Privacy Policy

1. Introduction

This Privacy Policy explains how Sportzentra collects, uses, stores, shares, and protects personal data when individuals use the Platform.

2. Who We Are

Unless otherwise stated, the controller for the data processing described in this Privacy Policy is:

Sportzentra Alfred Kowalke Str. 20, 10315 Berlin privacy@sportzentra.com

3. Categories of Personal Data

We may collect and process the following categories of personal data:

  • identification data such as name and username,
  • contact data such as email address and phone number,
  • account profile information,
  • booking and attendance data,
  • payment and transaction metadata,
  • membership, pass, credit, or loyalty information,
  • customer support communications,
  • technical and device data,
  • cookie and analytics data,
  • fraud prevention and security-related data.

4. Purposes of Processing

We process personal data for purposes including:

  • account creation and login,
  • booking and reservation management,
  • payment processing and refunds,
  • customer support,
  • platform operation and security,
  • fraud prevention,
  • product improvement and analytics,
  • legal and regulatory compliance,
  • communication of service-related updates.

5. Legal Bases

Where GDPR or similar law applies, we process personal data on one or more of the following legal bases:

  • performance of a contract,
  • compliance with legal obligations,
  • legitimate interests,
  • consent where required.

6. Sharing of Data

We may share personal data with:

  • the Service Provider connected to a booking,
  • payment processors and financial service providers,
  • cloud hosting and infrastructure providers,
  • communication and support vendors,
  • analytics and security vendors,
  • professional advisers,
  • regulators, courts, or authorities where legally required.

We do not sell personal data.

7. Service Provider Data Protection Role

When a User books with a Service Provider, that Service Provider may process the User’s data for its own operational purposes, such as access management, attendance, scheduling, customer support, accounting, or safety administration.

Depending on the relevant processing activity, a Service Provider may act as an independent controller of personal data.

Where we process personal data solely on behalf of a Service Provider, we may act as a processor under a separate contractual arrangement.

8. International Transfers

Where personal data is transferred outside the European Union, EEA, or United Kingdom, we will use appropriate safeguards where required by law, such as:

  • adequacy decisions,
  • standard contractual clauses,
  • other lawful transfer mechanisms.

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including operational, legal, tax, accounting, fraud prevention, and dispute resolution purposes.

Indicative retention periods may include:

  • account data: for the lifetime of the account and a reasonable period after closure,
  • booking and transaction data: up to 10 years where required by law or legitimate business need,
  • support requests: up to 24 months,
  • analytics and technical logs: typically up to 12 months unless a shorter or longer period is required.

10. Security

We use appropriate technical and organizational measures designed to protect personal data, including access controls, encryption in transit, logging, backups, and provider due diligence.

No system can guarantee absolute security.

11. User Rights

Subject to applicable law, individuals may have rights to:

  • access personal data,
  • correct inaccurate data,
  • request deletion,
  • restrict processing,
  • object to certain processing,
  • request portability,
  • withdraw consent where processing is based on consent.

Requests may be submitted to:

privacy@sportzentra.com

12. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Platform, remember preferences, improve usability, analyze usage, and where applicable support marketing or communications preferences.

See our Cookie Policy for more details.

13. Children

The Platform is not intended for use by children where prohibited by law or where parental/guardian consent is required and has not been obtained.

If you believe personal data has been provided inappropriately by a child, contact us so we can investigate.

14. Anna AI chat

When you use the Anna chat surface on our marketing site to request a demo or contact us, the following applies in addition to the rest of this policy:

  • What it is. Anna is an AI assistant. The conversation is processed by a large language model running on Cloudflare-fronted EU infrastructure (eu-central-1). You will see a short on-surface disclosure to that effect — Article 50 of the EU AI Act.
  • What we collect. The full chat transcript, the structured fields Anna extracts at the end (your name, email, company / club name, sport, country, current setup, and your free-text notes), and lightweight technical metadata (IP-address-derived country, user-agent hash, anon ID for de-duping a single visitor). Special-category data (health, religion, ethnicity, sexual orientation, etc.) is filtered both in input and output and never persisted.
  • What we do with it. The transcript is used to prepare the demo our team runs with you. The structured fields are written into our internal CRM as a "lead" record so we can follow up. We do not feed it back into model training and we do not share it outside the team handling your enquiry.
  • How long we keep it. Up to 90 days from the last message, as part of your enquiry record. After 90 days the transcript is deleted; the structured fields you submitted (name / email / etc.) follow the same retention rules as any other contact submission.
  • Bot protection. We use Cloudflare Turnstile (an invisible challenge) only at submit time, to keep automated systems from polluting our pipeline. No biometric data is collected; the challenge runs locally in your browser.
  • Your rights. Same as the rest of this policy — access, rectification, erasure, restriction, portability, and objection. To act on a transcript specifically, email privacy@sportzentra.com with enough detail to identify the conversation (rough date / your email).
  • Prefer not to use AI? A static form is always one click away from the chat surface (the "Prefer a form?" button in the chat header) and reaches the same team via the same path.

15. Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will be published on the Platform.

16. Contact

For privacy questions or rights requests, contact:

Sportzentra Alfred Kowalke Str. 20, 10315 Berlin privacy@sportzentra.com