
PRIVACY POLICY
How we collect, use, and protect your information.
EFFECTIVE 2026-05-03
Your Privacy Matters
Athlos LLC (“we,” “us,” or “Athlos”) operates this website, the Athlos member portal, and the Athlos iOS application (collectively, the “Services”). This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and the choices you have.
By creating an account or otherwise using the Services, you agree to the practices described here.
1. Information We Collect
We collect the following categories of personal data:
- Account information— name, email address, profile photo, and (optionally) phone number. We obtain this directly from you, or from the third-party sign-in provider you choose (Apple, Google, or Facebook).
- Profile information— user type (player / coach), hand preference, and waiver status. Collected during onboarding to personalize your experience.
- Booking and membership data— lessons, cage reservations, team practice bookings, membership tier, cancellations, and refund history.
- Payment information— we use Stripe to process all payments. We do not store your full credit card number on our servers; Stripe handles that securely and provides us only a tokenized reference plus the last four digits and card brand for receipt display.
- Waiver signatures— signed liability waivers are captured in the app and stored securely within our member system. We retain the signed copy and timestamps.
- Messages— the content of direct messages and team group chats you send within the app, along with sender, recipients, and timestamps, so we can deliver them and keep your conversation history.
- Check-in and visit activity— records of when you check in at the facility and related in-app activity, used to run check-in, show facility traffic, and provide your visit history.
- Device and usage data— standard technical information such as IP address, device type, OS version, and authentication session timestamps. Used for security and troubleshooting.
- Push notification token— if you enable notifications, we store your device’s push token to deliver booking, reminder, and message alerts. You can turn this off in your device settings.
2. How We Use Your Information
We use the information we collect to:
- Create and maintain your member account
- Process bookings, memberships, and payments
- Send transactional emails (booking confirmations, receipts, cancellation notices)
- Provide customer support
- Enforce our terms of service and prevent fraudulent activity
- Comply with legal obligations
We do not use your data for advertising, profiling, or sale to third parties.
3. Sign-in Providers (Apple, Google, Facebook)
When you sign in with Apple, Google, or Facebook, we receive a limited set of information from that provider:
- Your name (first and last)
- Your email address (or a private relay address, if you choose)
- Your profile photo URL
- A unique identifier from that provider
We use this data only to create and identify your account. We do not post to your social account, access your friends or contacts, or read any other data from those providers. You can revoke our access at any time from your Apple ID, Google Account, or Facebook account settings.
4. How We Share Your Information
We share your data only with the third-party service providers listed below, and only to the extent necessary to operate the Services:
- Supabase— database, authentication, and file storage hosting
- Stripe— payment processing
- Apple Push Notification service— delivering notifications to your device
- Apple, Google, and Facebook— sign-in providers (only if you choose them)
- Vercel— web hosting infrastructure
We do not sell, rent, or trade your personal data to third parties for marketing purposes. We may disclose information to law enforcement or government agencies when required by valid legal process.
5. Data Retention
We retain your account data for as long as your account is active. If you request account deletion, we permanently remove your personal data within 30 days, except where we are required by law to retain certain records (e.g., financial transaction records held for 7 years for tax compliance).
6. Your Rights and Choices
You have the right to:
- Access the personal data we hold about you
- Correct any inaccurate or incomplete information
- Delete your account and all associated personal data
- Export your data in a portable format
- Withdraw consent for any optional data processing
To exercise any of these rights, email us at contact@athlos.com. We will respond within 30 days.
7. Children's Privacy
The Services are intended for adults 18 years of age or older. Parents and legal guardians may register and manage accounts on behalf of their minor children for the purpose of booking lessons and memberships at our facility. We do not knowingly collect personal information directly from children under 13. If you believe we have inadvertently done so, please contact us at contact@athlos.com and we will delete the information promptly.
8. Security
We implement industry-standard technical and organizational safeguards to protect your personal data, including encryption in transit (HTTPS/TLS), encryption at rest (provided by Supabase and Stripe), and Row-Level Security policies that ensure each user can only access their own data. No method of transmission or storage is 100% secure, but we work continuously to maintain a high standard of protection.
9. International Users
Athlos is operated from the United States. If you access the Services from outside the United States, your data will be transferred to and processed in the United States, where data protection laws may differ from those of your country.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Effective” date at the top of this page and, for material changes, notify you by email or via a notice in the member portal before the change takes effect. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.
11. Text Messaging (SMS)
If you opt in to the Athlos Text Club (for example, through our Text Club sign-up form), we use your mobile phone number solely to send the messages you signed up for — booking confirmations, reminders, account notifications, and (if you opted in) occasional offers.
We will never sell or share your mobile phone number or your text-messaging (SMS) opt-in information with third parties or affiliates for their marketing or promotional purposes. Mobile opt-in data and consent are not shared with any third parties.
The only parties that may handle your mobile number are the service providers that help us operate the messaging program (such as our SMS platform), and only so they can deliver our messages to you on our behalf. They are not permitted to use your information for their own purposes.
Message frequency varies. Message and data rates may apply. You can opt out at any time by replying STOP, and you can get help by replying HELP or contacting us at the details below. Consent to receive text messages is not a condition of any purchase. For the full program terms, see our Terms of Service.
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, contact us at:
Athlos LLC
contact@athlos.com