Privacy Policy
Last Updated: January 19, 2025
At foß, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our platform. We are committed to transparency and giving you control over your data.
GDPR Compliance
We are fully compliant with the General Data Protection Regulation (GDPR). We collect and process personal data only with your explicit consent and for specific, legitimate purposes. Your data is stored securely in EU data centers and is never shared with third parties without your permission.
Data Collection
We collect only the minimum data necessary to provide our services: contact information, team roster data, wellness check-ins, performance metrics, and medical records (with proper consent). All data is encrypted in transit and at rest using industry-standard encryption (TLS 1.3 and AES-256).
Data Usage
Your data is used exclusively to provide platform services: team management, analytics, wellness tracking, and performance insights. We never sell your data to third parties. We may use anonymized, aggregated data to improve our services and develop better AI models, but individual athletes are never identifiable.
Security Measures
We implement hospital-grade security: AES-256-GCM encryption for medical data, HIPAA-compliant audit logging, Row-Level Security (RLS) for multi-tenant isolation, regular penetration testing, and automatic security updates. All medical record access is logged and monitored.
Your Rights
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure (right to be forgotten)
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time
To exercise any of these rights, please contact us at support@foß.de