Login
Home Login Lesvoorbereidingen

Privacy Policy

Last Updated: February 18, 2026

1. Introduction & Data Controller

This document explains how we collect, use, and protect your personal data when you use our services. We are committed to ensuring that your privacy is protected in accordance with the General Data Protection Regulation (GDPR).

Data Controller: This website is operated by an individual developer located in Leuven, Belgium. For any questions regarding your data, you can reach us at thetennisarchitect@gmail.com.

2. Data We Collect and How We Collect It

We collect information to provide a secure and functional experience. This is split into two categories:

A. Information You Provide

When you create an account or log in, we collect your email address and password. This information is strictly necessary for the performance of our contract with you (Art. 6(1)(b) GDPR).

B. Technical Fingerprinting (Consent-Based)

If, and only if, you select the "Blijf ingelogd" (Remember Me) option, we collect technical characteristics of your browser and device. This includes:
• Browser type, version, and engine
• Operating system and device platform
• Screen resolution and preferred language settings
• A masked IP address (the last octet is zeroed out at the point of collection to ensure anonymity)
• Approximate Geo-location (Country and City level only)

3. Purpose of Processing and Legal Basis

We process your data based on the following legal grounds:

  • Contractual Necessity: To manage your account and provide access to our features.
  • Consent: By checking "Blijf ingelogd," you provide explicit consent for us to store a security fingerprint (Art. 6(1)(a) GDPR).
  • Legitimate Interest: We have a legitimate interest in monitoring for "session hijacking" and preventing fraudulent login attempts to keep all user accounts safe (Art. 6(1)(f) GDPR).

4. Where Your Data Goes (Third-Party Processors)

We do not sell your data. However, we rely on trusted third-party providers to keep the site running. These "Sub-processors" are bound by Data Processing Agreements (DPAs):

  • Hosting: Our website is hosted via Hostinger. All application data and databases are stored on servers located in Frankfurt, Germany (EU).
  • Email: We use Gmail/Google Workspace to send system notifications (like password resets). While Google operates globally, they adhere to EU Standard Contractual Clauses (SCCs) to protect your data.

5. Data Retention and Deletion

We believe in data minimization. We only keep what we need for as long as we need it:

  • Account Data: If you choose to delete your account, all associated data is immediately and permanently wiped from our active databases.
  • Fingerprint Data: Security fingerprints are automatically deleted after 14 days of inactivity.
  • Server Logs: Our server logs are configured to exclude full IP addresses, ensuring that your browsing history cannot be linked back to you personally.

6. Your Rights Under the GDPR

You are in control of your data. As a user, you have the following rights:

  • Right to Access: You can request a summary of the data we hold about you.
  • Right to Rectification: You can update your email or password at any time via your settings.
  • Right to Erasure: You can delete your account at any time, which triggers an immediate wipe of your data.
  • Right to Object/Withdraw Consent: You can stop the use of security fingerprints simply by unchecking "Blijf ingelogd" or clearing your sessions in your account dashboard.
  • Right to Data Portability: You have the right to receive your data in a structured, machine-readable format (JSON).

7. Data Security

We implement industry-standard technical measures to protect your data, including:
Encryption in Transit: All data sent between your browser and our servers is encrypted via TLS (HTTPS).
One-Way Hashing: Your password and fingerprint data are hashed using cryptographic algorithms, meaning they cannot be read by us or anyone else.
Anonymization: We mask IP addresses before they ever reach our storage.

8. Right to Complain

If you feel we are not respecting your privacy, you have the right to lodge a complaint with a supervisory authority. In Belgium, you can contact the Gegevensbeschermingsautoriteit (GBA) at www.gegevensbeschermingsautoriteit.be.

9. Changes to this Policy

We may update this policy from time to time to reflect changes in our service or legal requirements. Significant changes will be announced on our website or via email.