GDPR Compliance
Last Updated: December 14, 2025
Important: RacquetSuite is committed to protecting your privacy and complying with
the General Data Protection Regulation (GDPR). This page outlines your rights under GDPR and how we
handle your personal data.
1. Our Commitment to GDPR
The General Data Protection Regulation (GDPR) is a European Union regulation that governs how organizations
handle personal data. Even if you're not in the EU, RacquetSuite applies GDPR principles to all our users
because we believe in strong privacy protection.
2. Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
Right to Access:
- You can request a copy of all personal data we hold about you
- We will provide this data in a structured, commonly used format
- Request via email: privacy@racquetsuite.com
Right to Rectification:
- You can correct inaccurate or incomplete personal data
- Update your information directly in the app settings
- Contact us if you need assistance with corrections
Right to Erasure ("Right to be Forgotten"):
- You can request deletion of your personal data
- Delete your account through app settings or contact us
- We will delete all data within 30 days unless legally required to retain it
Right to Restrict Processing:
- You can limit how we process your data in certain circumstances
- Contact us to discuss processing restrictions
Right to Data Portability:
- You can receive your data in a machine-readable format
- Request a data export via email
- We will provide data in JSON or CSV format
Right to Object:
- You can object to certain types of data processing
- This includes processing for marketing purposes
Right to Withdraw Consent:
- You can withdraw consent for data processing at any time
- Withdrawal does not affect previously lawful processing
3. Lawful Basis for Processing
We process your personal data under the following lawful bases:
- Contractual Necessity: To provide the RacquetSuite service you've signed up for
- Legitimate Interest: To improve our service, prevent fraud, and ensure security
- Consent: For optional features like email notifications (you can opt out anytime)
- Legal Obligation: To comply with applicable laws and regulations
4. Data We Collect
We collect only the data necessary to provide our service:
- Account Data: Email address, name, authentication information
- Business Data: Customer records, racquet information, stringing requests
- Usage Data: How you interact with the app (for improving features)
- Technical Data: Device type, operating system, app version (for support)
5. How We Use Your Data
- Provide and maintain the RacquetSuite service
- Authenticate your account and ensure security
- Store your business data (customers, inventory, requests)
- Provide customer support
- Improve and develop new features
- Send service-related notifications (if you've opted in)
6. Data Sharing and Transfers
We do not sell your personal data. We share data only in these limited circumstances:
- Service Providers: Supabase (hosting), Apple/Google (authentication and payments)
- Legal Requirements: When required by law or to protect rights and safety
- Business Transfers: In the event of a merger or acquisition (users will be notified)
Data may be transferred to and processed in countries outside the European Economic Area.
We ensure appropriate safeguards are in place through:
- Standard Contractual Clauses approved by the European Commission
- Privacy Shield certification (where applicable)
- Vendor agreements requiring GDPR compliance
7. Data Retention
- Active Accounts: Data is retained while your account is active
- Deleted Accounts: Data is permanently deleted within 30 days of account deletion
- Backup Data: May persist in backups for up to 90 days before permanent deletion
- Legal Requirements: Some data may be retained longer if required by law
8. Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption in transit (TLS/SSL) and at rest
- Secure authentication with industry-standard protocols
- Regular security audits and updates
- Access controls and monitoring
- Employee training on data protection
9. Children's Privacy
RacquetSuite is not intended for children under 16 (or the age of digital consent in your country).
We do not knowingly collect data from children. If we discover that a child has provided personal
information, we will delete it immediately.
10. Automated Decision-Making
RacquetSuite does not use automated decision-making or profiling that produces legal effects
or similarly significant effects on users.
11. How to Exercise Your Rights
To exercise any of your GDPR rights:
- Email: privacy@racquetsuite.com
- Subject Line: Include "GDPR Request" for faster processing
- Provide: Your registered email and specific request
- Response Time: We will respond within 30 days
12. Complaints
If you believe we have not handled your personal data properly, you have the right to lodge a
complaint with a supervisory authority in your country. We encourage you to contact us first
so we can address your concerns.
13. Data Protection Officer
For questions about data protection or GDPR compliance, contact our privacy team:
Email: privacy@racquetsuite.com
14. Updates to This Policy
We may update this GDPR policy to reflect changes in our practices or legal requirements.
We will notify users of significant changes via email or in-app notification.