Privacy Policy

We are continuing our efforts to become totally compliant to GDPR privacy law. This will protect your privacy as good as possible and do this as transparent as possible. One of the multiple efforts in this journey has been to create a privacy policy that we will ask you to approve.

Please read through and approve the policy to use Acro Companion.

Last updated: 06/08/2025

Dandalius (Acro Companion) respects your privacy and processes personal data in accordance with the General Data Protection Regulation (GDPR – EU 2016/679).

This Privacy Statement explains which personal data we collect, why we collect it, how long we retain it, and which rights you have as a data subject.

1. Roles under the GDPR (Data Controller and Data Processor)

Dandalius acts as a Data Controller for:

  • User account management
  • Authentication (including Google OAuth)
  • Platform security and integrity
  • Technical logs and usage data
  • Website operation and analytics

Dandalius acts as a Data Processor for:

  • Personal data related to athletes, coaches, judges, teams and competitions
  • Competition scoring and judging data
  • Any personal data entered by clubs, federations or competition organizers

In these cases, the club, federation or organizer determines the purposes and means of the processing and therefore acts as the Data Controller.

Dandalius (Acro Companion)
Nadine Crappéstraat 52 – 9000 GENT, Belgium
Email: info@acro-companion.com
Website: https://www.acrocompanion.com

2. Categories of Personal Data

2.1 Coaches and Judges

For coaches, the following personal data may be processed:

  • Name
  • Email address
  • Country
  • Address
  • Club affiliation
  • Phone number
  • Membership status of Acro Companion
  • Birth date
  • Gender

Where personal data is provided by a third party (such as a club owner or administrator), Dandalius relies on that party to ensure that the data subject has been properly informed and that a valid legal basis exists for the data processing.

2.2 Athletes

For athletes, we may process:

  • Name
  • Email address
  • Country
  • Address
  • Phone number
  • Membership status of Acro Companion
  • Birth date
  • Gender
  • Name and email of parents
  • Category and level

Where personal data is provided by a third party (such as a club owner, a coach or administrator), Dandalius on that party to ensure that the data subject has been properly informed and that a valid legal basis exists for the data processing.

2.3 Competitions

For competitions, we may process:

  • Participating teams and athletes
  • Jury panels
  • Judges and coaches
  • Exercises and routines
  • Competition structure and identifiers

2.4 Users & Judges – Technical and Usage Data

For users and judges, the following technical data may be collected:

  • Approximate location (based on IP)
  • Login timestamps
  • Click activity for debugging processes
  • System usage logs (for audit, integrity, and debugging purposes)

This data is used strictly for operational, security, and integrity reasons.

3. Purpose of Processing

Personal data is processed exclusively for the following purposes:

  • Providing and operating the Acro Companion platform
  • Managing competitions and scoring workflows
  • Ensuring correct competition results and audit trails
  • User authentication and access control
  • Platform security and fraud prevention
  • Technical support and communication
  • Compliance with legal and sporting regulations

4. Legal Basis (GDPR Art. 6)

The processing of personal data is based on:

  • Performance of a contract: Personal data is necessary to conclude and execute agreements with users, federations, judges, and organizers.
  • Legitimate interest: For platform security, system integrity, and competition auditing.
  • Legal obligation: Where competition data must be retained for regulatory or sporting reasons. Consent is requested where legally required.

5. Recipients of Personal Data

Personal data is not sold and is shared only when strictly necessary:

  • Official competition organizers and federations involved
  • Authorized judges and administrators
  • Technical service providers (hosting, monitoring, email services), under strict data processing agreements
  • Public authorities, if legally required

If automated data processing or logging is used, it is limited to what is necessary for platform functionality and security.

6. Data Retention Period

Personal data is retained as follows:

  • Account and user data: for the duration of the active account
  • Competition data: retained for historical, legal, and sporting integrity purposes
  • Technical and usage logs: retained for a limited period necessary for security and troubleshooting

Data is deleted or anonymized when no longer required, unless retention is legally mandatory.

7. Source of the Data

Personal data is obtained:

  • Directly from users via the Acro Companion website and platform
  • Through competition organizers, clubs or federations where applicable
  • Through system usage during platform access

Where Dandalius acts as a Data Processor, data subjects should primarily contact the relevant club, federation or competition organizer acting as Data Controller for requests relating to their personal data.

8. Rights of the Data Subject

In accordance with the GDPR, you have the following rights:

  • Right to information (Art. 13 GDPR): To be informed in a clear, transparent, and accessible manner about how your data is processed.
  • Right of access (Art. 15 GDPR): To request access to your personal data and information about its processing.
  • Right to rectification (Art. 16 GDPR): To correct inaccurate or incomplete personal data.
  • Right to erasure (Art. 17 GDPR): To request deletion of personal data where legally applicable.
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability: To receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to object (Art. 21 GDPR): To object to processing based on specific personal circumstances.
  • Right not to be subject to fully automated decision-making: Requests can be submitted via info@acro-companion.com.

9. Data Management & Security

Dandalius implements appropriate technical and organizational measures to protect personal data, including:

  • Secure (HTTPS) connections
  • Role-based access control
  • Limited access for authorized personnel only
  • Secure cloud infrastructure within the EEA where possible

Users are informed of material updates to this Privacy Statement via the platform or website.

10. Updates

This Privacy Statement may be updated from time to time. The latest version is always available on our website.

11. Contact

📧 info@acro-companion.com
🌐 https://www.acrocompanion.com