Privacy Policy
Last updated: June 11, 2026
This Privacy Policy explains how MC Technologies Group LLC ("we," "us," "AthletixOS") handles personal information in connection with the AthletixOS platform ("Service"). It covers two groups: (1) our customers — gym and sports club owners and their staff who use the Service ("Clubs"); and (2) the members and athletes whose information Clubs enter into the Service ("Members").
1. Our two roles
- For Club account holders, we are the data controller. We decide how their account information is handled.
- For Member data that a Club uploads, we are a data processor. The Club is the controller. We process Member data only on the Club's behalf to provide the Service. This distinction matters for the rest of this policy.
2. Information we collect
From Clubs (account holders):
- Account details: name, email, phone, business name, role.
- Billing information processed through Stripe (we do not store full card numbers).
- Usage and device data: log data, IP address, browser type, and how you interact with the Service.
From Clubs about their Members (we process, Club controls):
- Member profile data the Club enters: names, contact details, membership and booking history, event participation, and any other fields the Club chooses to store.
- For youth athletes, this may include a minor's information and a parent/guardian's contact details (see Section 7).
3. How we use information
We use Club account and usage data to: provide and maintain the Service, process payments, provide support, secure the platform, communicate with you, and improve our product. We use Member data only to provide the Service to the Club that controls it — we do not use Member data for our own marketing.
4. How we share information
We share information with: service providers who help us operate — Stripe (payments), Resend (email delivery), Plaid (optional bank sync, only when a Club connects a bank), Sentry (error monitoring), Supabase (database hosting), and Netlify (application hosting) — under confidentiality obligations; as required by law or to protect rights and safety; and in a business transfer (merger, acquisition) with notice. We do not sell personal information.
5. Data security
We use technical and organizational measures to protect personal information, including encryption in transit and at rest, access controls, multi-tenant isolation so one Club cannot access another Club's data, and signature verification on payment webhooks. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
6. Data retention and deletion
We retain Club account data while your account is active. After termination, Customer Data (including Member data) is available for export for 30 days, after which we may delete it, subject to any legal retention obligations. Clubs can request deletion of specific Member records at any time, and we will action such requests as the Club's processor.
7. Children's privacy and youth athletes (COPPA)
AthletixOS is a tool for businesses, not a service directed at children, and we do not knowingly collect personal information directly from children. However, Clubs may use the Service to store information about Members under 18, including children under 13.
Where a Club stores a child's personal information, the Club — not AthletixOS — is responsible for complying with the U.S. Children's Online Privacy Protection Act ("COPPA") and any similar laws. This includes:
- Providing required notice to parents/guardians;
- Obtaining verifiable parental consent before collecting a child's personal information, where required;
- Honoring parents'/guardians' rights to review, delete, or refuse further collection of their child's information.
We support Clubs by acting only on their instructions as a processor, providing data export and deletion tools, and limiting Member data use to delivering the Service. We rely on each Club's representation (in our Terms of Service) that it has obtained any parental consent required before entering a minor's information into the Service. If you are a parent or guardian and believe a child's information has been provided to us without proper consent, contact the relevant Club, or contact us at support@athletix-os.com and we will work with the Club to address it.
8. Your rights and choices
Depending on your location, you may have rights to access, correct, delete, or port your personal information, or to object to certain processing. Club account holders can exercise these rights by contacting us. Members should direct requests to the Club that controls their data; we will assist that Club in responding.
9. International users
The Service is operated from the United States. If you access it from elsewhere, your information may be transferred to and processed in the U.S.
10. Changes to this policy
We may update this policy. We will post the updated version with a new "Last updated" date and provide notice of material changes. Continued use after changes means you accept the updated policy.
11. Contact
Questions or requests:
support@athletix-os.com
MC Technologies Group LLC
981 Dryden Rd, Ithaca, NY 14850
Document version: 2026-06-11