Privacy Policy

1) Who we are & contact

Controller: Athlete Mindset Inc
Email: sondre@stavhopp.no
Accessibility requests/alternate formats: sondre@stavhopp.no

If you are in the EEA/UK, we act as controller of your personal data.

2) Information we collect

You provide: name, email, password, sport and preferences (e.g., cue words), session notes/check-ins, support messages; purchase/subscription metadata (full card numbers are not stored by us).

Automatic: usage/diagnostics (screens, features, timestamps), device/technical data (device model, OS, app version, IP, language, time zone), cookies (web) for preferences and performance.

AI/TTS data: prompts, PETTLEP parameters, generated text/audio, minimal audio cache metadata for replay/offline.

Integrations (optional): if you connect third-party services (e.g., sign-in), we receive the minimal info needed to operate that integration.

We may create de-identified/aggregated data and will not reidentify it.

3) How we use information

• Provide, operate, and secure the Services (authentication, core features, generation of content/audio)
• Personalize experience (sport-specific scripts, voice selection)
• Process purchases/subscriptions and send related notices
• Analyze, debug, and improve the Services (analytics, crash logs, experiments)
• Communicate with you (support, updates, marketing where permitted)
• Comply with law and enforce terms

Legal bases (EEA/UK): contract, legitimate interests (product improvement, security), consent (e.g., marketing/certain cookies), legal obligation.

4) AI & audio transparency

To generate scripts and audio, we send your inputs/parameters to third-party AI and text-to-speech providers. By default, our contracts prohibit providers from using your content to train their models. If we later introduce an opt-in to help improve models, we will ask clearly first and honor your choice.

Avoid submitting highly sensitive information in prompts.

5) Cookies & tracking (web)

We use cookies or similar technologies to remember settings, analyze performance, and improve features. Manage via your browser/settings and our banner (where available).

Global Privacy Control (GPC): We honor legally required opt-out signals for activities that could be deemed "sharing."

6) Sharing your information

We do not sell personal information. We share only with:

• Service providers (hosting/CDN, databases, analytics, crash reporting, email, payments, AI/TTS) under confidentiality and security obligations
• Professional advisors/authorities where required by law or to protect rights/safety
• Business transfers (e.g., merger or acquisition), with continued protection and notice of material changes

7) International transfers

Your information may be processed in countries other than your own (e.g., U.S.). Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses).

8) Data retention

We retain personal data only as long as needed, then delete or de-identify it.

9) Your rights & choices

You may access, correct, delete, or download/port your personal data, and object/restrict certain processing, by emailing sondre@stavhopp.no. You can opt out of marketing via the unsubscribe link. Some requests may affect functionality.

Appeals (CO/CT/VA/OR/MN/RI, etc.): If we deny a request, reply "Appeal" to our decision email; we will review within the time required by law.

EEA/UK: You may lodge a complaint with your local supervisory authority; please contact us first so we can help.

10) Consumer Health Data (e.g., WA/NV)

We treat information you provide about mental performance, stress, sleep context, well-being intentions, or related inferences as "consumer health data" where state law applies.

• Purpose: deliver AI visualization and audio coaching, personalize sessions, improve the Service
• Consent: where required, we will request consent prior to processing
• Sale: we do not sell consumer health data
• Rights: access, deletion, and appeal via sondre@stavhopp.no
• Authorized agents: we honor valid agent requests per applicable law

11) Children's privacy

The Services are not intended for children under 13 (or under 16 in some jurisdictions). We do not knowingly collect data from them. If you believe a child provided data, contact us to delete it.

12) Security

We use administrative, technical, and physical safeguards (e.g., encryption in transit, access controls, monitoring). No system is 100% secure; please use strong, unique passwords and protect your credentials.

13) Region-specific disclosures

EEA/UK (GDPR)

Purposes/legal bases (Sections 3–4); rights (Section 9); transfers (Section 7). If we appoint EU/UK representatives or a DPO, we will list them here.

California (CCPA/CPRA)

• Categories collected: identifiers, internet/activity data, device data, user-generated content, limited transaction data, inferences
• Sale/sharing: We do not sell personal information and do not share it for cross-context behavioral advertising
• Rights: know/access, delete, correct, limit sensitive data (where applicable), and non-discrimination. Submit requests via sondre@stavhopp.no. We honor GPC where applicable.

Other U.S. states (CO/CT/VA/UT/OR/MN/RI, etc.)

You may have rights to access, delete, correct, port, and opt out of targeted advertising or profiling. We do not use profiling to make legal or similarly significant decisions. Contact sondre@stavhopp.no.

14) Third-party links

Third-party sites/services are governed by their own policies. Review them before use.

15) Changes to this Policy

We may update this Policy. If changes are material, we'll notify you (e.g., in-app/email) and update the "Last updated" date. Continued use means you accept the updated Policy.

16) Contact