S
StopSport
FR

Privacy Policy

Last updated : March 7, 2026

1. Data Controller

The data controller for personal data is FV – Fitness Vendor, publisher of the Stopsport service, reachable at contact@fitness-vendor.com.

2. Platform Role in Data Processing

In the context of using the Stopsport service, club users act as data controllers for the personal data of their members.

The Stopsport platform acts as a technical service provider and data processor within the meaning of applicable data protection regulations.

Clubs are responsible for:

  • the lawfulness of the processing they carry out
  • compliance with their legal obligations towards their members
  • informing members about the use of their data
  • managing data subject rights requests

Stopsport acts solely in accordance with the club’s instructions within the scope of the features offered by the platform.

3. Data Collected

As part of using the Platform, we collect the following data:

Club Managers:

  • Email address and password (authentication)
  • Club name, SIRET number, company name, address
  • IBAN, BIC, and account holder name (payouts)
  • Logo and customization preferences

Members (cancellation requesters):

  • Last name, first name, email address
  • Phone number (optional)
  • Cancellation reason and questionnaire responses
  • Satisfaction score
  • Supporting document (if provided)

4. Purposes of Processing

Data is collected for:

  • Enabling the creation and management of user accounts
  • Processing cancellation requests
  • Collecting and transferring payments
  • Sending email notifications (confirmations, reminders)
  • Generating anonymized statistics for the dashboard

5. Legal Basis for Processing

  • Performance of contract: processing cancellations and payments
  • Legitimate interest: service improvement and statistics
  • Legal obligation: retention of billing data

6. Sub-processors and Transfers

Your data may be processed by the following sub-processors:

  • Supabase (database) — EU
  • Vercel (hosting) — United States, governed by standard contractual clauses
  • Stripe (payments) — EU (Ireland)
  • Brevo (emails) — France / EU
  • API Entreprise (gouv.fr) (SIRET verification at registration) — France, public data
  • Upstash (abuse protection) — EU
  • VirtuaGym (optional integration, member lookup) — Netherlands / United States, activated only at the manager's request

No data is sold to third parties or used for advertising purposes.

7. Data Retention Period

  • Account data: retained as long as the account is active, then deleted within 30 days after account deletion
  • Cancellation data: 3 years after the last activity
  • Billing data: 10 years (legal obligation)
  • Technical logs: 12 months

8. Your Rights

In accordance with the GDPR, you have the following rights:

  • Right of access: obtain a copy of your data
  • Right to rectification: correct inaccurate data
  • Right to erasure: request the deletion of your data
  • Right to portability: receive your data in a structured format
  • Right to object: object to the processing of your data
  • Right to restriction: restrict processing

To exercise your rights, contact us at contact@fitness-vendor.com. We are committed to responding within 30 days.

9. Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication via Supabase Auth
  • Row Level Security (RLS) on the database
  • No banking data stored on our servers (delegated to Stripe)

Organizational Security Measures

Access to personal data is strictly limited to authorized persons and only when necessary for the performance of their duties.

Technical and organizational measures are implemented to ensure the confidentiality, integrity, and availability of personal data processed as part of the service.

Data Breach Notification

In the event of a personal data breach, FV – Fitness Vendor will notify the competent supervisory authority in accordance with applicable regulations.

Where the breach is likely to result in a high risk to the rights and freedoms of the data subjects, they will also be informed without undue delay.

10. Cookies

The Platform uses only essential technical cookies for the operation of the service (authentication session). No advertising or tracking cookies are used.

11. Changes to the Privacy Policy

FV – Fitness Vendor reserves the right to modify this policy at any time. The current version is the one published on the website. Users are encouraged to regularly review this document.

12. Complaints

In the event of a complaint, you may contact the CNIL (French National Commission for Information Technology and Civil Liberties): www.cnil.fr.