← Back to Home

Privacy Policy

Last Updated: November 17, 2025 | Version 1.0

Welcome to ARO Performance. We are committed to protecting your privacy and the privacy of young athletes. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our athletic development platform. We take special care to protect the privacy and safety of minors using our services.

1. Information We Collect

1.1 Information You Provide

When you create an account or use ARO Performance, we collect information that you voluntarily provide, including:

  • Account Information: Name, email address, date of birth, phone number (optional)
  • Profile Information: Athletic background, sport, position, club/team affiliation, goals
  • Guardian Information: For users under 18, we collect parent/guardian name and contact information
  • Wellness Data: Daily check-in responses including sleep quality, energy levels, stress, soreness, training load
  • Training Data: Workout completions, exercise performance, RPE (Rate of Perceived Exertion) ratings
  • Communication Data: Messages sent through the platform, feedback, support requests
  • Payment Information: Billing details processed securely through our payment provider (we do not store full credit card numbers)

1.2 Information We Collect Automatically

When you use ARO Performance, we automatically collect certain information:

  • Usage Data: Features accessed, time spent in app, workout videos watched, resources viewed
  • Device Information: Device type, operating system, browser type, IP address
  • Location Data: General location (city/country level) to provide localized content and comply with regional laws
  • Cookies & Similar Technologies: We use cookies to remember your preferences and improve your experience

🛡️ Special Protections for Minors

For users under 18, we:

  • Collect only the minimum information necessary to provide our services
  • Require verifiable parental consent before account activation
  • Do not use personal information for targeted advertising
  • Do not sell or share personal information for marketing purposes
  • Provide parents/guardians with full oversight and control

2. How We Use Your Information

We use your information for the following purposes:

2.1 Providing Our Services

  • Creating and managing your account
  • Delivering personalized workout programs and recommendations
  • Tracking your progress and wellness over time
  • Facilitating communication between athletes, coaches, and guardians
  • Generating insights from your wellness data (visible only to you, your coach, and guardians if applicable)
  • Providing customer support

2.2 Platform Improvement & Research

Anonymous Research: We may use aggregated, anonymized data for research purposes to improve our platform, develop new features, and contribute to sports science knowledge. This data cannot be used to identify individual users. Examples include:

  • Understanding training patterns across different sports
  • Analyzing wellness trends to improve recommendations
  • Developing better injury prevention insights
  • Publishing research findings (always anonymized)

2.3 Safety & Security

  • Monitoring Communications: To ensure the safety of young athletes, we reserve the right to audit messages and activity within the platform for inappropriate content, harassment, or safety concerns
  • Detecting and preventing fraud, abuse, or violations of our Terms of Service
  • Complying with legal obligations and protecting legal rights

2.4 Communication

  • Sending service-related notifications (workout reminders, wellness check-ins)
  • Responding to your inquiries and support requests
  • Notifying guardians about their athlete's activity (with consent)
  • Sending important updates about our services (we do not send marketing emails to minors)

3. How We Share Your Information

We value your privacy and limit data sharing. We may share your information in the following circumstances:

3.1 Within Your Team/Club

  • Coaches: Your assigned coach can view your training data, wellness check-ins, and progress to provide guidance
  • Club Administrators: Club admins can view aggregate team data and individual athlete progress (based on club settings)
  • Guardians: Parents/guardians of athletes under 18 have access to their child's full account activity

3.2 Service Providers

We work with trusted third-party service providers who help us operate our platform. These partners are contractually obligated to protect your data and use it only for providing services to us:

  • Payment Processing: Stripe (for secure payment transactions)
  • Cloud Hosting: Hosting infrastructure providers
  • Email Services: For transactional emails and notifications
  • Analytics: To understand how our platform is used (anonymized data only)

3.3 In-Platform Partners

We may display equipment, coaching services, or educational content from partners within the platform. Any purchases or interactions with partners will be clearly indicated in the application. We do not share your personal information with partners unless necessary to complete a purchase you have requested.

3.4 Legal Requirements

We may disclose your information if required by law, court order, or to:

  • Comply with legal obligations
  • Protect the safety of our users, especially minors
  • Respond to claims of illegal activity or violations of our Terms
  • Protect our rights and property

3.5 Business Transfers

If ARO Performance is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change and your options regarding your data.

⚠️ Important: We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Your data is used solely to provide you with the best athletic development experience.

4. Parental Rights & Controls

4.1 Parental Consent

For users under 18, we require verifiable parental consent before activating an account. During the registration process:

  1. The athlete provides their parent/guardian's contact information
  2. We send a verification email to the parent/guardian
  3. The parent/guardian must review and accept this Privacy Policy and our Terms of Service
  4. Once consent is verified, the account is activated

4.2 Guardian Dashboard & Rights

Parents and guardians have comprehensive oversight and control, including the right to:

  • Access: View all data collected about their child
  • Review: Monitor messages, workout history, and wellness check-ins
  • Modify: Update their child's information
  • Delete: Request deletion of their child's account and data
  • Export: Download a copy of their child's data
  • Control: Approve coach communication and platform features
  • Revoke: Withdraw consent and deactivate the account at any time

To exercise these rights, guardians can contact us at privacy@aroperformance.com

5. Data Security

We take data security seriously and implement industry-standard measures to protect your information:

  • Encryption: Data transmitted between your device and our servers is encrypted using TLS/SSL
  • Secure Storage: Data is stored on secure servers with restricted access
  • Access Controls: Only authorized personnel can access personal information, and only when necessary
  • Regular Audits: We conduct security audits and vulnerability assessments
  • Account Security: Passwords are hashed and we encourage strong password practices

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5.1 Data Breach Notification

In the unlikely event of a data breach that compromises your personal information, we will:

  • Notify affected users within 72 hours of discovery
  • Notify guardians immediately for accounts of users under 18
  • Provide information about what data was compromised
  • Outline steps we are taking to address the breach
  • Comply with all applicable data breach notification laws

6. Your Rights & Choices

6.1 Access & Portability

You have the right to:

  • Access the personal information we hold about you
  • Request a copy of your data in a portable format
  • Request corrections to inaccurate information

6.2 Deletion

You can request deletion of your account and personal information at any time. Upon deletion:

  • Your account will be deactivated immediately
  • Personal information will be deleted within 30 days
  • Some data may be retained for legal or security purposes as required by law
  • Anonymized data used in research cannot be retrieved once anonymized

6.3 Communication Preferences

You can control:

  • Email notification preferences in your account settings
  • Push notification settings on your device
  • Marketing communications (opt-out at any time - note: minors never receive marketing emails)

6.4 Cookie Management

You can control cookies through your browser settings. Note that disabling cookies may affect platform functionality.

7. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Active Accounts: Information is retained while your account is active
  • Deleted Accounts: Personal information deleted within 30 days (except as required by law)
  • Legal Requirements: Some information may be retained longer to comply with legal, tax, or regulatory requirements
  • Anonymized Data: Aggregated, anonymized data may be retained indefinitely for research purposes
  • Backups: Data in backups will be deleted according to our standard backup retention schedule (90 days)

8. International Data Transfers

ARO Performance is based in New Zealand. If you access our services from outside New Zealand, your information may be transferred to, stored, and processed in New Zealand or other countries where our service providers operate.

We ensure that international data transfers comply with applicable privacy laws and that your data receives adequate protection through:

  • Standard contractual clauses
  • Data processing agreements with service providers
  • Compliance with GDPR for EU users

9. Third-Party Links

Our platform may contain links to third-party websites, resources, or partners. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party sites you visit.

10. Children's Privacy (COPPA & GDPR)

ARO Performance is designed for use by athletes aged 12 and older. We comply with:

  • COPPA (US): Children's Online Privacy Protection Act requirements for users under 13
  • GDPR (EU): Requirements for processing children's data (under 16, or lower age set by member states)
  • New Zealand Privacy Act 2020: Special protections for children's data

For users under the applicable age in their jurisdiction:

  • Parental consent is required before account creation
  • We collect only essential information needed to provide our services
  • Parents have full oversight and control
  • No targeted advertising or marketing to children
  • Enhanced security and monitoring measures

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you of material changes via email or prominent notice in the platform
  • For users under 18, we will notify guardians of material changes
  • Continued use of ARO Performance after changes constitutes acceptance of the updated policy
  • If you do not agree to changes, you may delete your account

12. Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal information based on the following legal grounds:

  • Consent: Where you have given explicit consent (e.g., parental consent for minors)
  • Contract Performance: To provide the services you have requested
  • Legal Obligation: To comply with applicable laws and regulations
  • Legitimate Interests: To improve our services, ensure security, and prevent fraud (balanced against your rights)

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how it's used
  • Right to delete your personal information (subject to exceptions)
  • Right to opt-out of the sale of personal information (note: we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@aroperformance.com

⚠️ Important Disclaimer: Physical Activity

Use of Workout Programs & Resources: While ARO Performance provides professionally designed workout programs and training resources, you use these at your own risk. We are not liable for any injuries sustained while using our guided resources.

Your Responsibility:

  • Perform all activities safely and within your capabilities
  • Ensure you have proper equipment and safe training environments
  • Consult with healthcare professionals before starting any new training program
  • Stop immediately if you experience pain or discomfort

Coach Guidance: Guidance provided by ARO coaches are suggestions and recommendations based on your reported data. They are not medical advice. Always consult with qualified healthcare professionals, physicians, or certified trainers before making decisions about your health, training, or injury management.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: privacy@aroperformance.com

Support: support@aroperformance.com

Data Protection Officer: dpo@aroperformance.com

ARO Performance
Auckland, New Zealand

We aim to respond to all privacy requests within 30 days. For urgent safety or security concerns, please indicate this in your communication.