Retour à l'accueil

Privacy Policy

Last updated: December 21, 2024

1. Introduction

MySquad is committed to protecting the privacy of its users. This Privacy Policy describes how we collect, use, share, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and French Data Protection laws.

Data Controller

The data controller for your personal data is:
Antoine Conan
210 rue du Faubourg Saint-Denis, 75010 Paris, France
Email: contact@mysquad.me

2. Data Collected

2.1 Identification Data

  • First and last name
  • Email address
  • Phone number (optional)
  • Password (encrypted)
  • Profile photo (optional)

2.2 Connection Data

  • IP address
  • Browser type
  • Operating system
  • Pages visited and viewing duration
  • Date and time of connection

2.3 Booking Data

  • Booking history
  • Classes booked and attended
  • Partner studios viewed
  • Sports activity preferences

2.4 Payment Data

  • Payment information (processed by Stripe, we do not store card numbers)
  • Transaction history
  • Invoices

2.5 External Authentication Data

If you use authentication via Google or another third-party provider:

  • Unique provider identifier
  • First and last name
  • Email address
  • Profile photo (if shared)

3. Purposes of Processing

Your personal data is collected and processed for the following purposes:

3.1 Account Management

  • Creation and management of your user account
  • Authentication and access security
  • Personalization of your experience

Legal basis: Contract performance

3.2 Booking Processing

  • Processing and confirmation of your bookings
  • Transmission of your information to partner studios
  • Sending confirmations and reminders by email
  • Managing cancellations and refunds

Legal basis: Contract performance

3.3 Payments

  • Secure payment processing via Stripe
  • Invoice issuance
  • Fraud prevention

Legal basis: Contract performance and legal obligations

3.4 Communication

  • Sending transactional emails (confirmations, reminders)
  • Responding to your support requests
  • Sending newsletters (with your consent)

Legal basis: Contract performance and consent (newsletters)

3.5 Service Improvement

  • Analysis of platform usage
  • User experience improvement
  • Bug detection and correction

Legal basis: Legitimate interest

3.6 Legal Obligations

  • Compliance with tax and accounting laws
  • Responding to requests from competent authorities
  • Prevention of fraud and money laundering

Legal basis: Legal obligations

4. Data Sharing

4.1 Partner Studios

When you make a booking, we share necessary information with the relevant partner studio:

  • First and last name
  • Email address
  • Phone number (if provided)
  • Booking details

Partner studios agree to use this data only for the purpose of providing the service.

4.2 Service Providers

We work with trusted providers who process your data on our behalf:

  • Stripe: Secure payment processing
  • Supabase: Database hosting (servers in Europe)
  • Vercel: Platform hosting
  • Resend: Transactional email delivery

These providers are selected for their GDPR compliance and security guarantees.

4.3 Legal Authorities

We may disclose your data if required by law or in response to a legitimate request from authorities (police, courts, tax administration).

4.4 No Sale of Data

MySquad never sells your personal data to third parties.

5. Retention Period

Data TypeRetention Period
Active account dataAs long as the account is active
Deleted account data30 days after deletion (then legal archiving if necessary)
Booking history3 years after last activity (accounting obligations)
Invoices10 years (tax obligations)
Connection data13 months maximum
Cookies13 months maximum

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

6.1 Right of Access

You can request a copy of all personal data we hold about you.

6.2 Right to Rectification

You can correct or update your personal data at any time from your account or by contacting us.

6.3 Right to Erasure

You can request deletion of your personal data, unless we must retain it to comply with a legal obligation.

6.4 Right to Restriction of Processing

You can request restriction of processing of your data in certain circumstances.

6.5 Right to Data Portability

You can receive your data in a structured, machine-readable format, or request its transfer to another controller.

6.6 Right to Object

You can object to processing of your data for direct marketing purposes or based on our legitimate interest.

6.7 Withdrawal of Consent

If processing is based on your consent, you can withdraw it at any time (for example, unsubscribing from newsletters).

6.8 Exercising Your Rights

To exercise your rights, contact us at:
Email: contact@mysquad.me
Subject: "GDPR Rights Request"

We will respond within one month. ID verification may be required to verify your identity.

6.9 Right to Lodge a Complaint

If you believe your rights are not being respected, you can file a complaint with the CNIL (French Data Protection Authority):
Commission Nationale de l'Informatique et des Libertés (CNIL)
3 Place de Fontenoy - TSA 80715
75334 PARIS CEDEX 07
Phone: 01 53 73 22 22
https://www.cnil.fr

7. Data Security

MySquad implements technical and organizational measures to protect your data:

  • Encryption of sensitive data (passwords, payments)
  • Secure HTTPS connections
  • Two-factor authentication available
  • Servers hosted in the European Union
  • Regular backups
  • Limited data access by authorized personnel
  • Security incident monitoring and detection

In case of a data breach likely to present a high risk to your rights and freedoms, we will notify you within 72 hours in accordance with the GDPR.

8. Cookies and Similar Technologies

MySquad uses cookies and similar technologies to enhance your experience. For more information, see our Cookie Policy.

9. International Transfers

Your data is primarily stored and processed in the European Union. Some of our providers may be located outside the EU (for example, Vercel in the United States).

In such cases, we ensure that appropriate safeguards are in place:

  • Standard contractual clauses approved by the European Commission
  • Privacy Shield certification (if applicable)
  • Additional security measures (encryption, pseudonymization)

10. Minors

MySquad is intended for persons aged 18 and over. If you are under 18, you must obtain permission from your parents or legal guardians before using the platform.

If we discover that we have collected data from a minor without parental consent, we will delete it immediately.

11. Policy Modifications

We may modify this Privacy Policy to reflect changes in our practices or for legal reasons. The last update date is indicated at the top of this page.

In case of substantial modification, we will notify you by email or via a notification on the platform.

12. Contact

For any questions regarding this Privacy Policy or the processing of your personal data:

Email: contact@mysquad.me
Address: 210 rue du Faubourg Saint-Denis, 75010 Paris, France

Documents Légaux | MySquad