Privacy Policy
This Privacy Policy explains how Profive Academy collects, uses, shares and protects your personal data when you visit 40x20.profive.academy or use our courses, exercise library and related services (the "Services"). By using the Services you acknowledge this Policy.
1. Who is responsible for your data
Profive Academy is a sole proprietorship owned and operated by Albert Sabaté Armengol ("we", "us", "the Data Controller").
- Address: Shinagawa, Tokyo, Japan
- Contact email: [email protected]
For any privacy question or to exercise your rights (see Section 7), contact us at the email above.
2. What data we collect
We collect the following categories of personal data:
- Account data: name, email address, password, country and language preference.
- Payment data: billing name, address and card details — processed directly by Stripe, our payment processor. We never see or store your full card number.
- Usage data: courses viewed, progress, quiz results, exercises accessed, device and browser information, IP address.
- Communications: emails you send us, support requests, and any content you post in course discussions.
- Marketing data: if you subscribe to our newsletter or download a free resource, we collect your email and, optionally, your name, to send you educational content and offers.
3. How and why we use your data (legal basis)
- To provide the Services (create your account, deliver course content, track your progress) — necessary to perform our contract with you.
- To process payments and prevent fraud — necessary to perform our contract and comply with legal obligations.
- To send you service-related emails (receipts, password resets, course updates) — necessary to perform our contract.
- To send you newsletters and marketing offers — based on your consent, which you can withdraw at any time by unsubscribing.
- To improve the Services and understand how they are used — based on our legitimate interest in operating and improving our business.
We do not use your data for any automated decision-making or profiling that produces legal effects on you.
4. Who we share your data with
We never sell your personal data. We work with six service providers to operate Profive Academy. Three of them process your personal data directly, on our behalf:
- Thinkific (Canada) — hosts our website and learning platform (courses, accounts, exercise library).
- Stripe (USA/Ireland) — processes your payments securely (PCI-DSS compliant).
- Mailchimp / Intuit (USA) — sends our newsletters and manages our subscriber list.
The following providers support our internal operations and do not process your personal data:
- Wistia (USA) — hosts and streams our course and Futsalpedia videos.
- Buffer (USA) — schedules our public social media posts.
- Make (Czech Republic/EU) — powers internal workflow automations between our tools.
Thinkific, the platform we run on, may also attribute visits to Google and Meta (Google Analytics, Google Ads, Meta/Facebook Ads) as part of its default operation — see Section 6 for details.
We may also disclose data if required by law, or to protect our rights, safety, or the rights and safety of others.
5. International data transfers
Some of the providers listed above are based outside your country, including in the United States. When we transfer personal data internationally, we rely on the safeguards recognised by applicable law — such as the Standard Contractual Clauses approved by the European Commission — and we only work with providers that maintain adequate data protection standards (Thinkific, Stripe and Mailchimp all publish their own GDPR/data-processing commitments).
6. Cookies and similar technologies
Our site runs on the Thinkific platform, which automatically sets essential cookies (to keep you signed in and remember your preferences) and may also set performance cookies and cookies that attribute visits to Google, Meta (Facebook/Instagram) and similar advertising partners, as part of operating the platform. We do not add any additional tracking or advertising cookies of our own beyond what Thinkific includes by default.
When you first visit our site, a cookie notice bar informs you about this use of cookies and links to this Policy. You can control or delete cookies at any time through your browser settings — please note that blocking essential cookies may prevent parts of the site (such as signing in or checking out) from working.
7. Your rights
Depending on where you live, you have some or all of the following rights over your personal data:
- Access — request a copy of the data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your data ("right to be forgotten").
- Restriction — ask us to limit how we use your data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on our legitimate interest, including marketing.
- Withdraw consent — for any processing based on consent, at any time.
To exercise any of these rights, email [email protected]. We will respond within one month. If you are in the European Union or the UK and believe we have not resolved your request properly, you have the right to lodge a complaint with your local Data Protection Authority (for example, the AEPD in Spain — www.aepd.es). If applicable local law (such as Brazil's LGPD or a similar law in your country) grants you additional rights, we will honor those too.
8. How long we keep your data
- Account and course data: for as long as your account is active, plus up to 3 years after your last activity, for support and legal purposes.
- Payment records: as required by tax and accounting law (typically up to 6 years), handled by Stripe.
- Newsletter/marketing data: until you unsubscribe or request deletion.
9. Children's privacy
The Services are intended for coaches and adults, and require payment by card. You must be at least 18 years old (or the age of legal majority in your country, if higher) to create an account. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
10. How we protect your data
We rely on the security infrastructure of our providers (Thinkific and Stripe are both PCI-DSS compliant) and follow reasonable organisational measures to protect your data against unauthorised access, loss or misuse. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
11. Changes to this Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice on the site before the changes take effect. The "Last updated" date at the top of this page shows when it was last revised.
12. Contact
Questions about this Policy or your data? Email [email protected].