Legal

Privacy Policy

Last updated: 18 June 2025  ·  Mobile Spark Creations LTD

This Privacy Policy explains how Mobile Spark Creations LTD ("we", "us", or "our"), a company registered in Cyprus, collects, uses, and protects information about you when you use our websites, mobile applications (including Streamitfit‑PL), and related services (collectively, the "Services"). Please read this policy carefully. By using our Services you agree to the practices described here.

1. Who we are

Mobile Spark Creations LTD is the data controller for personal data collected through our Services.

• Company: Mobile Spark Creations LTD
• Address: Ptolemeon 53, Neroupos Business Center, Office 203, Cyprus
• Email: info@mobilesparkcreations.com

2. Data we collect

We collect information you provide directly, information generated automatically through your use of our Services, and, where applicable, information from third parties.

Information you provide:

• Account registration data (name, email address, password)
• Profile information (age, fitness goals, preferences)
• Payment information (processed by our payment provider - we do not store card numbers)
• Communications you send us (support requests, enquiry emails)

Information collected automatically:

• Device identifiers, IP address, and browser/OS type
• Usage data (workouts completed, session duration, features used)
• Performance data (calories, heart rate where you have granted device permissions)
• Log data and crash reports
• Cookie and similar tracking data (see Section 7)

3. How we use your data

We use personal data to:

• Provide, maintain, and improve our Services
• Personalise your experience and generate AI training plans
• Process payments and manage your subscription
• Send transactional emails (receipts, account notifications)
• Send marketing communications where you have given consent (you may opt out at any time)
• Analyse usage patterns to improve product features
• Detect, prevent, and investigate fraud or security incidents
• Comply with legal obligations

4. Legal basis for processing

Where the General Data Protection Regulation (GDPR) applies, we rely on the following legal bases:

• Contract: Processing necessary to deliver the Services you have signed up for.
• Legitimate interests: Analytics, fraud prevention, and product improvement, where these do not override your rights.
• Consent: Marketing emails and non-essential cookies. You may withdraw consent at any time.
• Legal obligation: Where we must process data to comply with applicable law.

5. Data sharing and disclosure

We do not sell your personal data. We may share data with:

• Service providers acting as data processors on our behalf (e.g. cloud hosting, payment processing, analytics, customer support tools) - bound by data processing agreements.
• Professional advisors (lawyers, accountants) under obligations of confidentiality.
• Law enforcement or regulators where required by applicable law or to protect the rights and safety of our users.
• Acquirers in the event of a merger, acquisition, or asset sale, subject to standard confidentiality commitments.

6. Data retention

We retain personal data for as long as your account is active or as needed to provide Services. When you delete your account we will delete or anonymise your personal data within 30 days, unless we are required to retain it for legal, regulatory, or legitimate business purposes (such as resolving disputes or complying with tax obligations).

7. Cookies and tracking

We use cookies and similar technologies to:

• Keep you signed in and remember your preferences (strictly necessary)
• Understand how users navigate our website (analytics - requires consent)
• Measure the effectiveness of our marketing (requires consent)

You can control non-essential cookies through the cookie banner displayed on your first visit, or through your browser settings. Disabling cookies may affect the functionality of our Services.

8. Your rights

Subject to applicable law, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Delete your personal data ("right to erasure")
• Restrict or object to certain processing
• Data portability - receive your data in a structured, machine-readable format
• Withdraw consent at any time without affecting the lawfulness of prior processing
• Lodge a complaint with a supervisory authority (in Cyprus: the Office of the Commissioner for Personal Data Protection)

To exercise any of these rights, contact us at info@mobilesparkcreations.com. We will respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse - including encryption in transit (TLS) and at rest, access controls, and regular security reviews. No system is completely secure; in the event of a data breach we will notify you and relevant authorities as required by law.

10. Children's privacy

Our Services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. International transfers

We are based in Cyprus (EU). Where we transfer personal data outside the European Economic Area we use appropriate safeguards - such as Standard Contractual Clauses approved by the European Commission - to ensure your data is protected to the same standard.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and, where appropriate, by email. The "Last updated" date at the top of this page reflects when the policy was last revised. Continued use of our Services after changes are posted constitutes your acceptance of the updated policy.

13. Contact us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: info@mobilesparkcreations.com
• Post: Mobile Spark Creations LTD, Ptolemeon 53, Neroupos Business Center, Office 203, Cyprus