Privacy Policy
Last updated: March 3, 2026
Elite+ Performance Lab (“Elite+,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use our platform at eliteplusacademy.app (the “Platform”).
By using Elite+, you agree to this Privacy Policy.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Name
- Email address
- Password (securely hashed using bcrypt)
- Profile details (position, level, age band, preferred foot, goals)
- OAuth profile data if signing in via Google or Discord
We never store plaintext passwords.
1.2 Performance & App Data
We collect data you voluntarily enter, including:
- Match logs (opponent, stats, ratings, results, date)
- Training sessions (duration, intensity, drills, notes)
- Goals and improvement plans
- Journal entries and mood tracking
- Recovery and wellness metrics (sleep, soreness, stress, fatigue, etc.)
- Fitness testing results
- Mental performance metrics
- Tactics board configurations
- Community posts, messages, and club activity
1.3 Automatically Collected Data
When you use the Platform, we collect:
- Usage analytics (via Google Analytics 4)
- Device type, browser type, and session duration
- Core Web Vitals performance metrics
- Secure authentication session data (eliteplus.sid)
We do not collect advertising tracking data beyond analytics.
2. How We Use Your Information
We use your information to:
- Provide dashboards, analytics, trends, and AI coaching
- Generate personalized insights using AI features
- Sync your data across devices
- Process subscription payments via Stripe
- Send transactional emails (password resets, billing notices)
- Improve performance, security, and usability
- Operate community features
We do not sell your personal data.
3. AI Processing
Elite+ uses OpenAI to power AI-driven features including AI Coach and Career Intelligence.
When AI features are used, we send structured summaries of your performance data (not raw personal identifiers) to OpenAI for real-time processing.
We do not send:
- Passwords
- Session tokens
- Raw authentication credentials
AI responses may contain inaccuracies and are provided for informational purposes only.
We do not use your personal data to train our own AI systems.
4. Third-Party Service Providers
We share data only as necessary to operate the Platform:
| Provider | Purpose |
|---|---|
| OpenAI | AI feature processing |
| Stripe | Payment processing and billing |
| Google Analytics | Usage analytics |
| Mailgun | Transactional emails |
| Google / Discord | Authentication (if used) |
Each provider processes data according to their own privacy policies.
5. Cookies & Session Management
We use:
Essential Session Cookie
- Name: eliteplus.sid
- Purpose: Authentication
- Duration: 4 hours (30 days if “Remember Me” enabled)
- Flags: httpOnly, SameSite=Lax, Secure in production
Analytics Cookies
- Used for anonymized usage analytics
- May be blocked via browser settings
We do not use advertising cookies.
For more details, see our Cookie Policy.
6. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), we process data under:
- Contractual necessity — to provide Elite+ services
- Legitimate interests — to improve and secure the platform
- Consent — for analytics or optional AI usage
- Legal obligations — tax and regulatory compliance
7. International Data Transfers
Your data may be processed in countries outside your country of residence, including the United States.
Where required, we rely on appropriate legal safeguards such as standard contractual clauses.
8. Data Retention
- Active accounts: Data retained while account is active
- Account deletion: Data removed within 30 days unless legal retention is required
- Payment data: Retained by Stripe as required by financial regulations
9. Data Security
We implement industry-standard security practices including:
- SSL/TLS encryption
- Password hashing (bcrypt)
- Secure HTTP-only cookies
- CSRF protection
- Rate limiting
- Security headers (CSP, HSTS, etc.)
- Input validation and sanitization
However, no system is 100% secure, and we cannot guarantee absolute security.
10. Your Rights
You have the right to:
- Access your data
- Export your data (CSV export available)
- Correct your information
- Delete your account
- Restrict processing
- Withdraw consent
To exercise your rights, contact:
support@eliteplusacademy.app
11. Children’s Privacy
Elite+ is intended for users aged 13 and older.
If you are under the age of majority in your jurisdiction, your parent or guardian assumes responsibility for your use of the Platform.
We do not knowingly collect personal information from children under 13. If we discover such data, we will delete it.
12. PWA & Offline Data
Elite+ operates as a Progressive Web App (PWA). When offline, limited data may be cached locally on your device and synchronized once connectivity is restored.
13. Changes to This Policy
We may update this Privacy Policy from time to time.
Material changes will be communicated via email or through the Platform.
The “Last Updated” date reflects the most recent revision.
14. Contact
For privacy-related inquiries:
support@eliteplusacademy.app
Elite+ Performance Lab
Ontario, Canada
Your data is yours. We collect only what’s needed to power Elite+ and improve your experience.