PRIVACY POLICY

Last updated: April 2026

1. INFORMATION WE COLLECT

We collect information you provide directly:

  • Account Information: Name, email address, gym name, password (encrypted)
  • Fighter Data: Names, records, weight classes, and performance assessments
  • Training Data: Camp schedules, fight bookings, attendance records
  • Payment Information: Processed securely through Stripe (we do not store card details)
  • Usage Data: Feature usage analytics, login times, and activity logs

2. HOW WE USE YOUR INFORMATION

We use collected information to:

  • Provide and maintain the Service
  • Process your subscription payments
  • Send important updates about your account
  • Improve our Service based on usage patterns
  • Provide customer support
  • Detect and prevent fraud or abuse

3. DATA STORAGE AND SECURITY

We take data security seriously:

  • All data is encrypted in transit (TLS/SSL)
  • Passwords are hashed using industry-standard bcrypt
  • Data is stored on secure cloud servers with regular backups
  • Access to production data is restricted to authorized personnel
  • We conduct regular security audits

4. DATA SHARING

We do NOT sell your data. We only share data with:

  • Payment Processors: Stripe for subscription billing
  • Email Services: For transactional emails and notifications
  • Cloud Providers: For hosting and data storage
  • Law Enforcement: When required by law or valid legal process

5. MULTI-TENANT DATA ISOLATION

Your gym's data is logically isolated from other gyms. No gym can access another gym's fighters, assessments, or training data. Only super administrators have cross-gym access for support purposes.

6. YOUR RIGHTS

You have the right to:

  • Access: Request a copy of your data
  • Export: Download your data in PDF or CSV format
  • Correct: Update inaccurate information
  • Delete: Request deletion of your account and data
  • Opt-out: Unsubscribe from marketing communications

7. COOKIES AND TRACKING

We use:

  • Essential Cookies: For authentication and security
  • Analytics: To understand feature usage (no personal tracking)
  • We do NOT use advertising cookies or third-party trackers

8. DATA RETENTION

We retain your data for as long as your account is active. After account deletion, we keep data for 30 days for recovery purposes, then permanently delete it. Aggregated, anonymized analytics data may be retained indefinitely.

9. CHILDREN'S PRIVACY

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a minor has provided us with personal information, please contact us.

10. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. The "Last updated" date at the top indicates when the policy was last revised.

11. CONTACT US

For privacy-related questions or to exercise your rights, contact us at privacy@blackarrowmma.com