Privacy Policy

Last updated: February 17, 2026

This Privacy Policy explains how DrillDeck (“DrillDeck”, “we”, “us”) collects and uses personal data when you use DrillDeck (the “Service”).

Questions? Email contact@drilldeck.app.

1) Who is responsible for your data

Data controller: DrillDeck (operated by Softheap 4711 AB), Sweden. Contact: contact@drilldeck.app

2) What we collect

Account data

  • Email address, name (if you add it), password (stored in hashed form), and basic account settings.

Your content

  • Drills you upload, session plans, notes, tags, and other text you enter.

Usage and device data

  • IP address, device/browser info, pages/actions in the app, and security logs (used to keep the Service working and safe).

Payments

  • Subscriptions are paid via Stripe. We receive subscription status and payment identifiers, but we do not store or process full card details. Card details are handled by Stripe.

Cookies and analytics

  • If you consent (where required), we use Google Analytics to understand how the Service is used.

3) How we use your data

We use data to:

  • Provide and run the Service (accounts, saving drills, creating sessions, public read-only session links)
  • Send transactional emails (e.g., sign-in, receipts, service messages)
  • Keep the Service secure, prevent abuse, and fix bugs
  • Improve the Service (including using aggregated analytics, where available)
  • Manage subscriptions and handle customer support
  • Comply with legal obligations (e.g., accounting)

4) Legal bases (GDPR)

We rely on:

  • Contract: to provide the Service you requested
  • Legitimate interests: to secure and improve the Service (without overriding your rights)
  • Consent: for non-essential cookies/analytics (like Google Analytics) where required
  • Legal obligation: for bookkeeping and similar requirements

5) Shared session links are public

Shared session links are currently public read-only. Anyone with the link can view the session.

Please avoid putting sensitive information in sessions you share.

6) Children and youth data

DrillDeck is for coaches and staff and is not intended for children to use on their own.

We also ask you not to upload personal data about minors (names, faces, contact details, medical info). If we discover this kind of data, we may remove it to protect privacy.

7) Who we share data with

We share data with service providers that help us run DrillDeck:

  • DigitalOcean (hosting and storage): we host the app and store your content, including uploaded images.
  • Mailgun (transactional email): we send emails like login/verification, receipts, and service messages.
  • Stripe (payments): processes card payments and manages subscriptions.
  • Google Analytics (analytics): helps us understand usage, only when allowed and (where required) only after you consent.

We don’t sell your personal data.

We may also share data if required by law, or to protect the rights, safety, and security of DrillDeck and our users.

8) International transfers

Some of our providers may process data outside Sweden/the EU/EEA. When that happens, we use safeguards required by law (for example, approved transfer mechanisms).

9) How long we keep data

  • We keep account data and your content while your account is active.
  • If you delete your account, we delete or anonymize your data within a reasonable time, except where we must keep some data (e.g., billing records) to meet legal requirements.
  • Backups may retain copies for a limited period before being overwritten.

10) Your choices and rights

Depending on where you live (and especially in the EU/EEA), you may have the right to:

  • Access, correct, or delete your data
  • Object to certain processing or request restriction
  • Data portability
  • Withdraw consent (for example, analytics cookies)

To exercise your rights, contact contact@drilldeck.app.

11) Security

We use reasonable technical and organizational measures to protect your data. No system is perfect, but we work to prevent unauthorized access and misuse.

12) Changes to this policy

We may update this policy. If changes are important, we’ll provide notice in the app and/or by email.

13) Contact

DrillDeck (operated by Softheap 4711 AB) Email: contact@drilldeck.app