Legal

Privacy Policy

Last updated May 23, 2026

This Privacy Policy explains how personal data is collected, used, and protected when you use the Hyprace mobile application for iOS and Android (the "App"). It should be read together with our Terms and Conditions.

We are committed to protecting your privacy and to processing personal data in accordance with the EU General Data Protection Regulation ("GDPR"), the French Loi Informatique et Libertés, and other applicable laws.

1. Who is responsible for your data

The App is currently published and operated under the name "Hyprace" by an individual publisher established in France, on a non-professional basis (the "data controller", "we", "us", or "our"). A French société par actions simplifiée (SAS) is in the process of being formed and is intended to become the data controller; this Policy will be updated once that company is registered.

You can contact us about this Policy or about your data at any time at contact@hyprace.com.

2. Scope

This Policy applies to personal data processed through the App. It does not apply to third-party services, websites, or platforms that we do not control (such as the Apple App Store or Google Play), which are governed by their own privacy policies.

3. What data we collect

The App does not require you to create an account, and we do not ask you to provide your name, postal address, phone number, or date of birth in order to use it.

3.1 Data you choose to provide

If you contact us by email (for example, at contact@hyprace.com), we receive your email address and the content of your message.

3.2 Data collected automatically

When you use the App, certain data may be collected automatically:

• Device and technical data: device type and model, operating system and version, App version, language and region settings, and similar technical identifiers needed for the App to function.
• Usage and diagnostic data: technical diagnostics used to maintain and improve the App, such as crash reports, error logs, stack traces, performance data, device model, operating system version, and App version. We minimise the diagnostic data we collect and do not intentionally collect directly identifying personal data through crash-reporting tools.
• Push notifications: notifications are sent on a broadcast basis. We do not collect or store an individual device notification token; your device simply receives general broadcast messages through Apple's and Google's messaging services.

3.3 Data we do not collect

We do not knowingly collect precise geolocation data, contacts, photos, financial information, or special categories of data (such as data revealing health, religion, or political opinions), and we do not build personal profiles about you.

4. Purposes and legal bases

We process your data for the following purposes, on the following legal bases under Article 6 GDPR:

• To provide and operate the App (display schedules, results, and related content): our legitimate interest in delivering the Service you requested, and the performance of our Terms.
• To send push notifications: your consent, which you may withdraw at any time via your device settings.
• To diagnose errors, monitor stability, security, and performance, and improve the App: our legitimate interest in keeping the App stable, secure, and reliable and in detecting and resolving technical incidents.
• To ensure security, prevent abuse, and diagnose technical issues: our legitimate interest in keeping the App secure and functional.
• To respond to your requests when you contact us: our legitimate interest in handling your enquiry.

Where we rely on legitimate interest, you have the right to object (see Section 11).

5. Push notifications

Notifications are delivered on a broadcast basis through the Apple Push Notification service (APNs) and Firebase Cloud Messaging (FCM). We do not collect or store an individual device notification token; these services handle message delivery at the transport level. You can enable or disable notifications at any time through your device settings, which controls your consent for receiving them.

6. Error monitoring and diagnostics

We use Sentry for error monitoring and crash reporting, with data hosted in the European Union. Sentry processes diagnostic data such as crash reports, error logs, stack traces, technical device information, and contextual data about the event that triggered the error, for the sole purposes of crash monitoring, error reporting, service reliability, and debugging technical incidents. Error monitoring is enabled by default in recent versions of the App, on the basis of our legitimate interest in the stability and security of the Service; you have the right to object (see Section 11). We do not use Sentry for advertising, behavioural profiling, or marketing analytics.

7. Third-party services and processors

To operate the App, we rely on third-party providers that may process data on our behalf (processors) or as independent controllers, including:

• Apple App distribution and push notifications (APNs).
• Google / Firebase push notifications via Firebase Cloud Messaging (FCM).
• Sentry error monitoring, crash reporting, and diagnostics, with data hosted in the European Union.
• Hetzner cloud hosting and infrastructure used to operate the App's backend, located within the European Union (Germany/Finland).

These providers are bound by their own terms and privacy policies and, where they act as our processors, by data-processing agreements requiring appropriate safeguards.

8. International data transfers

Our hosting infrastructure (Hetzner) and our error-monitoring data (Sentry) are located within the European Union. However, some of the other providers listed above (such as Apple and Google/Firebase) may process data outside the European Economic Area (EEA), including in the United States. Where data is transferred outside the EEA, we rely on appropriate safeguards recognised under the GDPR, such as the European Commission's Standard Contractual Clauses or an adequacy decision (including, where applicable, the EU–U.S. Data Privacy Framework).

9. Data retention

We keep personal data only for as long as necessary for the purposes described in this Policy:

• Diagnostic and usage data: kept for a limited period needed to maintain and improve the App, then deleted or anonymised.
• Push notifications: we do not store an individual device notification token; notifications are sent on a broadcast basis, so there is no per-user push identifier to retain.
• Email correspondence: kept for the time needed to handle your request and to comply with any legal obligations.

10. Data security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Your rights

Subject to applicable law, you have the right to:

• access the personal data we hold about you;
• request the rectification of inaccurate data;
• request the erasure of your data ("right to be forgotten");
• request the restriction of processing;
• object to processing based on legitimate interest;
• request data portability;
• withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal;
• define directives on the fate of your data after your death.

To exercise these rights, contact us at contact@hyprace.com. We may need to verify your identity before responding. We will reply within the time limits set by applicable law (in principle one month under the GDPR).

12. Children's privacy

The App is intended for users aged 13 and over. We aim to limit the data processed through the App and do not knowingly use children's data for profiling or behavioural advertising.

If you are under the age of digital consent in your country of residence (for example, 15 in France, and between 13 and 16 across the EU), you may use the App only with the consent of a parent or legal guardian, and any processing that requires consent then relies on that consent. We do not knowingly collect personal data from children in violation of applicable law. If you are a parent or guardian and believe that a child has provided personal data without appropriate consent, please contact us at contact@hyprace.com and we will take steps to delete it.

13. Changes to this Privacy Policy

We may update this Policy from time to time, in particular to reflect changes in the App, our practices, or the law (including when the SAS is formed or when new features are introduced). The updated version will be made available within the App and/or on our website, with the "Last updated" date revised accordingly. Material changes will be notified to you by appropriate means.

14. Complaints

If you believe that your data-protection rights have not been respected, you have the right to lodge a complaint with the French data-protection authority:

Commission Nationale de l'Informatique et des Libertés (CNIL)
3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France
www.cnil.fr

You may also contact the supervisory authority of your country of residence within the EU.

15. Contact

For any question regarding this Privacy Policy or the processing of your personal data:

Hyprace
Email: contact@hyprace.com
Website: hyprace.com

The publisher's full legal identification and the hosting provider's details are available in the App's legal notice (mentions légales).