Privacy at Mindbuddy

Privacy at Mindbuddy

Mindbuddy aims to help young athletes with mental training through our digital services. Some of the data collected in our app includes health data, such as whether you've been injured during a competition. Privacy is extremely important to us as a company, and we work hard to build products that we are proud of.

To meet both your and our own expectations, we have written a clearly formulated privacy policy and created some privacy settings that give you full control over how we use your data.

All of our collection and use of personal data is subject to relevant data protection regulations, including the EU's General Data Protection Regulation (GDPR). We consider compliance with these regulations as a minimum, and we will always strive to exceed this baseline when it comes to the ethical and sensible use of your data.

About this Policy

Mindbuddy's privacy policy explains how the information you share with us and the data you store with us is used and protected.

When we talk about "services," we mean our websites and apps, as well as any other websites and activities we do as part of our customer relationship that are covered by this same policy.

Simply put: When you use our services, you share some information with us. We want to be completely transparent about what we know about you, how we use that information, who we share it with, and the choices you have to control, change, and access it.

We have written this privacy policy to:

  • Show what we do to protect and respect your privacy

  • Explain how we collect, use, and store your personal data

  • Provide you with information about your rights

We do our best to explain all of this in an understandable way and keep the information free of complicated legal jargon. If you still have questions, you can contact us at privacy@mindbuddy.com.

Data Collection

Personal Data

When we talk about personal data, we mean information that can be linked to an individual. In the context of this policy, it may include names, addresses, phone numbers, email addresses, etc.

Sometimes we refer to this type of information simply as "data," and in cases where the data has been anonymized, it will be noted (in other words, details that identify you as an individual will have been removed).

How We Collect Data

The data we collect about you depends on which parts of our services you use, whether you use the app or provide data in other contexts. We collect personal data such as:

  • You provide to us, for example, when you register a user account, subscribe to our newsletters, provide product feedback, or contact us with questions

  • Automatically recorded when you use the service, such as when you visit our website or app

  • We receive from other sources, such as when you use a subscription from your club/organization or when you use a service like Vipps or Apple Pay to pay for the service

  • We receive from partners when you come to Mindbuddy through one of our partners

You are not obliged to provide personal data to us, but if you choose not to, we cannot provide our services to you. Some examples of this could be that we cannot store your information if you do not create a user, that we cannot collect payment if we do not have your payment information, or that we cannot respond to inquiries without an email address or phone number.

Quick Reference - Guide to the Data We Collect and Why We Do It

This is a very basic guide to the types of data we collect and why we do it.

Collected Data: Basic contact information
Purpose: To contact you about your account and orders
Collected Data: Your use of our apps and websites
Purpose: To manage your customer relationship, provide good service, assist you, and have the ability to contact you as needed
Collected Data: Technical information about the devices you use
Purpose: To provide you with the best experience for your device
Collected Data: Health data
Purpose: To customize content and training programs, as well as support players in their mental training. For example, in case of injuries.
Collected Data: Your settings and preferences
Purpose: To tailor your experience of our product so that you get the most out of it for your personal priorities
Collected Data: Information used for recruitment
Purpose: To issue rewards to both the person who recruits new customers and to help improve our recruitment program
Collected Data: Cross-referenced data
Purpose: To improve our products and provide you with a personalized and useful experience
Collected Data: Demographic information
Purpose: To help us understand what customers like you want from our service and how we can improve it
Collected Data: Payment information
Purpose: So that we can process your payments
Collected Data: Other data provided with your consent
Purpose: We will always inform you of any other data we collect and use, as well as the purpose of this.

What Do We Collect?

We collect personal data in the following categories:

  • Basic information such as name, email address, phone number, and date of birth. The date of birth is used to ensure that children under 13 do not use the app.

  • Information about your use of the app, including navigation in the app, workouts, goal achievement, match evaluations, and which mental training program you are working on and how far you have progressed.

  • Health data such as training diaries, evaluations from training and competitions, as well as mental challenges and areas you want to improve. This also includes personal goals related to training and mental preparation.

  • Technical information about the devices you use, such as which device and software you use to access our services.

  • Communication with customer support, including calls, emails, and other communication between you and our support team.

  • Information related to recruitment programs, such as details of who has recruited whom, dates, and whether the referral has led to new registrations or purchases in the app.

  • Personal settings and preferences, including weekly goals and how you customize the app to meet your personal needs and wishes.

  • Payment information, which is processed by Apple or Google for in-app purchases, subject to their privacy policies. If you wish to save time, you can store your payment information with these providers, but you can change this at any time in your settings.

  • Any other data collected with your consent. In such cases, when we ask for your consent, you will receive specific information about what data we collect and what it is used for.

We may combine collected data from different services to provide you with a better and more personalized experience, as long as the data is collected for the same purpose.

Personal Data of Children

In line with our terms of service, you must be over 13 years old to create an account with us.

How We Use Data

Providing Services: We process your data to be able to offer you the services in our app. This includes:

  • Creating and managing your personal user account.

  • Offering and customizing digital services such as mental training guidance, evaluations, training programs, and goal setting.

  • Enforcing age restrictions, such as ensuring that users under 13 do not have access to the app.

  • Providing a user-friendly and secure service by customizing the functionality to the devices and software you use.

  • Communicating with you about important updates related to training programs, goal achievement, or other aspects of your use of the app.

  • Offering customer support, troubleshooting, and handling complaints to ensure you get the best possible experience.

  • Managing recruitment programs by tracking referrals and awarding rewards.

Development and Analysis: We process your data to better understand your needs and to improve and develop our services. This includes:

  • Analyzing usage patterns to optimize our services, for example, by looking at how you use the app, training history, and completion of mental training programs.

  • Conducting user surveys and collecting feedback to improve functionality and experience in the app.

  • Performing technical analyses to identify and fix any issues you may encounter.

Customized Experience: To provide you with a personalized experience in the app, we use your data to:

  • Customize training programs and recommendations based on your goals, evaluations, and preferences.

  • Provide you with personalized content, such as specific mental training exercises, based on your challenges and progress.

  • Optimize the user interface to make navigation in the app easier and more relevant for you.

Security and Prevention of Abuse: We process your data to ensure that the service is safe to use, and to detect and prevent misuse or fraud. This includes:

  • Monitoring activity in the app to protect against unauthorized access or use of the service.

  • Taking measures to prevent the service from being used in a way that could harm you or other users.

Compliance with Laws and Regulations: We process personal data to comply with applicable laws and regulations, including age verification and privacy requirements.

Other Purposes with Your Consent: We may process your personal data for other purposes, but only if you have given us your consent. For example, this may be to participate in special surveys or receive newsletters.

Data Protection

How We Store and Protect Your Data

Protecting your data is one of our highest priorities. We have implemented a number of security measures to ensure that your data is handled securely and in accordance with applicable laws. This includes that all data sent over the internet is encrypted, which protects the information from unauthorized access during transmission. In addition, we have technical, physical, and administrative security measures, such as risk assessments, access control, and backups, to protect your data from loss or misuse. We regularly review and update our security procedures to ensure they are in line with the latest technological developments and risks.

Transfers Outside the EU/EEA

We primarily process data in Norway and within the EU/EEA. In some cases, we collaborate with partners outside the EU/EEA, such as OpenAI, to provide specific features in our app. When we do this, we take extra precautions to ensure that your data is handled in accordance with our standards. This includes:

  • Using the EU Commission's standard contracts (standard contractual clauses) to ensure that the data transfer is safe and in compliance with the law.

  • Transferring data to countries that have been approved by the EU Commission as having an adequate level of data protection.

  • We have also ensured that OpenAI does not use data from our app to train its own models, and we have implemented technical and organizational measures to protect the data in these collaborations.

How Long Do We Retain Your Personal Data?

We retain your personal data as long as it is necessary to fulfill our obligations to you, or as required by law. When you delete your account, we will delete all your personal data, except for subscription data, which we may retain so that you can reactivate your account in the future. We will also retain personal data necessary to comply with legal requirements, such as accounting regulations. When there are no longer any legal or business reasons to retain the data, we will delete it. Data that has been anonymized is not subject to these retention requirements and can therefore be retained without time limits.

How We Handle Security Incidents or Breaches

In the event of a security incident or breach of personal data protection, we will notify the relevant data protection authority as soon as possible, and no later than 72 hours after we become aware of it, unless it is unlikely that the breach will negatively affect the rights and freedoms of our users.

Data Sharing

We disclose personal data for the following purposes and partners:

  • Partners and Subcontractors: We share personal data with our technology partners such as Google Firebase, Sentry, and Supabase, who assist us in delivering and improving our services. These partners may access your data solely to perform their services for us. We ensure that there are data processing agreements in place with all our partners to protect data security, and our partners are not allowed to use the data for purposes other than providing the agreed service.

  • In Emergencies: We may share personal data with medical professionals or relevant authorities if we detect that there is an immediate danger to the user's life or health, such as indications of suicide risk. This is done only when strictly necessary to protect the user's safety.

  • Legal Obligations: We may disclose personal data if we are legally required to do so, for example, by a court order or request from the police or other public authorities. This is done in accordance with strictly defined processes to protect your rights and privacy.

  • In Connection with Transactions, Restructuring, or Other Business Changes: For example, as part of a merger, acquisition, sale of Mindbuddy's assets, or transfer of services to another company.

Cookies and Tracking

Background

Currently, we do not use cookies in our app. However, we collect data about usage patterns, click behavior, and other interactions in the app. This information helps us understand how our users utilize the services and provides us with insights that we use to improve and develop the app further. Our goal is to ensure that the app provides the best possible experience for all users.

Why and How?

Here are details on how we use technology to track and analyze app usage:

  • Analysis of Usage and Service Development: We collect and analyze data such as user patterns, which features are used the most, and how users navigate the app. We do this to improve functionality, detect and solve any issues, and to tailor the app to users' needs. The data is also used for capacity planning and to ensure that the app functions optimally.

We do not use cookies or similar technology for targeted marketing, and we do not currently offer the ability to manage cookie preferences because we do not use this technology.

Your Rights

You always have the right to:

  • Know What Information We Have About You This is known as the "right to access." You have the right to know what personal data we process and how we process it. You can see an overview of most of the data we have about you in your Mindbuddy account. If you want access to all your personal data, you can contact us, and we will provide it to you.

  • Correct Any Incorrect Information This is known as the "right to rectification." It is important that the information we have about you is correct. If it is not, you have the right to request that we correct it. You can change or correct most personal data in your Mindbuddy account. If you find any errors that you cannot correct yourself, you can contact us.

  • Change How We Process Your Data This is known as the "right to restrict processing" or "right to object to data processing." You have the right to object to the processing of your personal data that is based on our legitimate interests. You can do this by contacting us directly.

  • Receive Your Data in a Readable Format This is known as the "right to data portability." You have the right to receive the personal data we have about you in a structured, commonly used, and machine-readable format. If you want this type of data, you can contact us.

  • Withdraw Your Consent This is known as the "right to withdraw." You have the right to withdraw your consent to us processing your data in cases where consent is the reason we process it. You can do this in your Mindbuddy app or by contacting us directly.

  • Be Forgotten This is sometimes referred to as the "right to erasure" and means that you can always delete your user data or account with us. We automatically delete personal data when it is no longer needed, but you can also request that we delete your personal data by deleting your user account. In such a case, your personal data will be deleted within 30 days, except for data we are required to retain for other reasons (e.g., to comply with accounting regulations). You can request the closure and deletion of your user account here.

  • Submit a Complaint to Your Local Data Protection Authority If you believe that the way we process personal data does not comply with what we have described here, or that we are violating privacy laws, you can also contact your local data protection authority directly. You can find information on how to contact your local data protection authority on their website.

Changes to This Policy

When you register an account with us, you agree to the content of the policy and take responsibility for familiarizing yourself with it. Our latest privacy policy is always available on our website, and we always provide the date of the last change. We may update our privacy policy when changes are made to legislation or our practices, or when necessary for other reasons. We will share information about any other significant changes, effective from the time and date of such a change.

Questions and Inquiries

Mindbuddy is responsible for the processing of personal data as described in this policy. If you disagree with the way we process your personal data or have any questions, you can email us at privacy@mindbuddy.com.