Privacy Policy
Last updated: 7 June 2026
Read in SwedishThis Privacy Policy explains how RNSTRM Solutions AB, Swedish company registration no. 559578-0536, processes your personal data when providing Hoopio Lab. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and Swedish data protection law.
Governing language: This English version is provided for convenience. If the Swedish version and this English version differ, the Swedish version applies to the extent permitted by law.
- 1. Controller
- 2. Personal data we process
- 3. Special category health data
- 4. Purposes and legal bases
- 5. Coach and club features
- 6. Recipients and subprocessors
- 7. International transfers
- 8. Retention
- 9. Security
- 10. Children's data
- 11. Your rights
- 12. Automated decision-making
- 13. Cookies
- 14. Complaints
- 15. Changes
1. Controller
RNSTRM Solutions AB is the controller for personal data processed in Hoopio Lab, except for coach and club features where we may act as processor for a coach or club (see section 5).
RNSTRM Solutions AB
Stjärngatan 37, 195 58 Märsta, Sverige
Privacy contact: privacy@hoopiolab.com
2. Personal data we process
- Account data: email address, name/display name, and login method (email, Apple, or Google).
- Profile and training data: onboarding information such as experience level, goals, age category, available equipment, injuries or limitations, plus training history and progress.
- Team and club data: team membership and training information visible to a coach when you join a team.
- Purchase and subscription data: subscription or licence status. Apple and Stripe handle payments; we do not store card details.
- Technical data and logs: basic operational, debugging, and security logs.
- Support data: information you provide when contacting support.
3. Special category health data
Information you choose to provide about injuries, pain, or other health-related limitations may be special category health data under Article 9 GDPR. We process such data only with your explicit consent, which you give by voluntarily entering the data, and only to adapt your training. You can withdraw consent by deleting the information or your account.
4. Purposes and legal bases
| Purpose | Data categories | Legal basis |
|---|---|---|
| Create and administer your account | Account data | Contract (Art. 6(1)(b)) |
| Provide personal programs and training history | Profile and training data | Contract (Art. 6(1)(b)) |
| Adapt training to injuries or limitations | Health data | Explicit consent (Art. 9(2)(a)) |
| Coach/club follow-up | Team and training data | Processor role for the coach/club (see section 5) |
| Manage purchases, subscriptions, and licences | Purchase and subscription data | Contract (Art. 6(1)(b)) |
| Support, operations, security, and debugging | Account, support, and technical data | Contract / legitimate interest (Art. 6(1)(b)/(f)) |
| Comply with legal obligations, such as accounting | Purchase and invoice data | Legal obligation (Art. 6(1)(c)) |
5. Coach and club features
When a coach or club uses the Service to follow up player training, the coach or club determines the purposes and means of that processing and is the controller. RNSTRM Solutions AB acts as processor and processes the data under the coach/club's instructions and our Data Processing Agreement.
6. Recipients and subprocessors
We do not sell your personal data or share it for third-party marketing. We use trusted providers to deliver the Service:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database, authentication, and storage | EU/USA |
| Apple | Login, app distribution, and App Store payments | EU/USA |
| Stripe | Payments for coach/club licences | EU/USA |
| RevenueCat | Subscription management | USA |
| Optional login | EU/USA | |
| Hosting provider | Website and service hosting | EU |
We may also disclose data to authorities when required by law. An up-to-date subprocessor list can be requested at privacy@hoopiolab.com.
7. International transfers
Some providers may process data outside the EU/EEA, for example in the United States. Where this happens, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses and, where applicable, certification under the EU-US Data Privacy Framework, together with additional technical and organisational measures.
8. Retention
| Data | Retention period |
|---|---|
| Account, profile, and training data | As long as you have an active account; deleted when the account is deleted |
| Health data | Until you delete it or withdraw consent, and no longer than until account deletion |
| Purchase and invoice data | Up to 7 years under Swedish accounting law |
| Technical logs | Normally up to 12 months |
| Support cases | As long as needed to handle the case and for a reasonable period afterwards |
You can export or delete your data in the app under Profile - Privacy / GDPR. When an account is deleted, data is deleted or anonymised within a reasonable time unless we are legally required to keep it.
9. Security
We use appropriate technical and organisational measures, including encryption in transit, access control, permission management, and routine review. If a personal data breach occurs, we handle it under GDPR and notify affected parties and authorities when required.
10. Children's data
The Service is primarily intended for users aged 13 or older. For children under 13, an account may only be created and managed by a guardian who consents to the processing of the child's data. If you discover that a child has provided data without consent, contact us and we will delete it.
11. Your rights
Under GDPR you may have the right to access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent. Many rights can be exercised directly in the app. You can also contact privacy@hoopiolab.com. We normally respond within one month and may need to verify your identity.
12. Automated decision-making
We do not use automated decision-making that has legal effects for you or similarly significantly affects you. Program suggestions are guidance based on information you provide.
13. Cookies
Cookies are used on hoopiolab.se. Our Cookie Policy explains what is used and how you can manage choices. The app itself does not use cookies for tracking.
14. Complaints
You may contact us first if you are unhappy with our processing. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) at imy.se.
15. Changes
We may update this policy. The latest version is always available here. Material changes are notified in the app or by email.