Privacy Policy
Last updated: August 29, 2025
Who We Are
Courtio SRL is the data controller for your personal data when you use the Courtio mobile application and website (the "Service").
Address: Bucharest, Romania
Email: [email protected]
Scope
This Policy applies to the Courtio mobile application and related websites. By using the Service, you acknowledge this Policy. If you do not agree, please discontinue use.
Data We Collect
Data you provide
- Account & Identity: phone number (for SMS login), name, optional profile details and avatar.
- Club & Match Activity: reservations, match participation, results, rankings, comments.
- Communications: messages you send to us (support requests, feedback).
Data collected automatically
- Usage & Device: app version, device type, operating system, language, approximate IP-based location, and crash/diagnostic logs.
- Cookies (website): essential cookies for security and session management.
Permissions
- Notifications: to send alerts about bookings, match invites, or updates. You can disable in device settings.
- Camera/Photos (optional): to set your avatar. Only with your consent.
How We Use Your Data
- Provide and improve the Service, including reservations, matches, rankings, and profiles.
- Authenticate users and prevent fraud (e.g., SMS verification).
- Send booking confirmations, reminders, and important Service notices.
- Respond to support requests.
- Analyze usage to improve features and performance.
- Comply with legal obligations.
Legal Bases (GDPR)
- Contract — to provide the Service you request (booking courts, joining matches).
- Legitimate Interests — to keep the Service secure and improve user experience.
- Consent — for optional features (notifications, analytics). You can withdraw consent at any time.
- Legal Obligation — to meet accounting, tax, or regulatory requirements.
Sharing & Processors
We do not sell your personal data. We share it only with:
- Service Providers: companies that help us run the Service (SMS gateway, cloud hosting, analytics) under data processing agreements.
- Payment Providers: to process payments for bookings. Payment details are handled directly by the provider and not stored by us.
- Legal/Compliance: where required by law or to protect our rights.
- Business Transfers: in case of a merger or acquisition, your data may be transferred under the same privacy safeguards.
International Transfers
Your data may be processed outside your country (including outside the EEA/UK). We rely on appropriate safeguards such as Standard Contractual Clauses.
Data Retention
We keep personal data only as long as needed:
- Account data: kept while your account is active; deleted or anonymized after account deletion.
- Booking and match records: retained for operational/legal purposes, then anonymized.
- Support communications: retained for audit purposes, then deleted.
Security
We use encryption in transit, access controls, and logging to protect your data. No method of transmission or storage is 100% secure; we work continuously to improve our protections.
Your Rights
You have the right to access, correct, delete, restrict, or port your data. You can also withdraw consent and lodge a complaint with your local data protection authority.
To exercise your rights, contact us at [email protected].
Children's Privacy
The Service is intended for users aged 16+. We do not knowingly collect personal data from children under the applicable age. If you believe a child has provided us data, please contact us.
Account & Data Deletion
You may request deletion of your account and associated personal data at any time by emailing [email protected]. We will delete or anonymize your data except where retention is required by law.
Changes to This Policy
We may update this Policy to reflect changes to our practices or applicable law. We will post the updated version here and revise the "Last updated" date. For material changes, we may provide additional notice in the app.