Privacy policy
This privacy policy explains how OakStride AB (“we”, “us”) handles your personal data when you use the Nivla Parkour app. It is written to comply with the EU General Data Protection Regulation (GDPR) and Swedish data protection law.
If anything in this document is unclear, write to us at the address below — we’ll explain.
1. Who we are
OakStride AB
Sweden
Contact for privacy questions: info@nivlaparkour.com
OakStride AB is the data controller for personal data processed through the Nivla Parkour app. That means we decide what data is collected and why.
2. What the app is
Nivla Parkour is a trick library and training journal for parkour, tricking and trampoline practitioners. It lets you track which tricks you can do, log training sessions, set goals, view a shared leaderboard, and earn badges.
The app is free to use during its beta period ahead of launch. Paid plans will be introduced at launch. When that happens, this policy will be updated to describe how payment information is handled, and you will be asked to accept the new version before anything changes for you.
Anyone with a Google account can sign in and use the app.
3. What data we collect
Data you give us when you sign in
When you sign in with Google, we receive from Google:
- Your name (as it appears on your Google account)
- Your email address
- Your profile picture (if you have one)
- A unique user ID that identifies you
Data you give us by using the app
- A username you choose (optional — defaults to your Google name)
- Your trick progress (which tricks you’ve started, are training, or have mastered, including landing checkpoints)
- Training sessions you log (date, duration, perceived effort, tricks practiced, notes)
- Journal entries you write
- Weekly focus goals you set
- Notes and videos you attach to tricks
- Suggestions you submit (new tricks, improvements, videos)
- Your leaderboard opt-in choice (yes / no / undecided)
Data the app generates while you use it
- Usage telemetry: which tabs you open, how often you log sessions, when you last used the app. We use this to understand how the app is used and improve it.
- Sign-in timestamps: when you last signed in.
- Technical logs from Firebase (our hosting provider), which may include your IP address, browser type, and timestamps. These are kept by Google and we have limited access to them.
We do not collect: payment information, location data, health data, contacts, photos from your device, or anything else not listed above.
4. Why we collect it, and on what legal basis
5. Who can see your data
- You can see all your own data through the app.
- Administrators of the app (OakStride AB and any users explicitly granted admin status) can see all data on all users. Admins need this to manage the app, review suggestions, and help users with problems.
- Other users can see only what you choose to share through the leaderboard: your name (or username), profile picture, total tricks mastered, and your highest badge — but only if you have opted into the leaderboard.
- Google (as our processor) stores all data on its Firebase platform. Google does not use your data for its own purposes beyond providing the Firebase service to us.
We do not sell your data. We do not share it with advertisers. We do not share it with anyone outside the people and services listed above.
6. Where your data is stored
Your data is stored by Google Firebase in the eur3 multi-region location, which covers data centers in Belgium and the Netherlands. Your data does not leave the European Union.
Some technical Firebase services (e.g. authentication infrastructure) are operated globally by Google. Google is bound by EU adequacy decisions and Standard Contractual Clauses for any limited international transfers within its own infrastructure.
7. How long we keep your data
- While you have an account: we keep your data as long as you are using the app.
- If you stop using the app: we keep your data until you delete your account.
- If you delete your account (see section 8): we delete your data immediately, with two exceptions:
- Suggestions you submitted that were approved into the shared trick library remain in the app (because they are now part of the shared content used by others), but your name and email are stripped from them.
- Firebase technical logs kept by Google may be retained for up to 12 months per Google’s policies.
8. Your rights
Under GDPR you have the following rights regarding your personal data:
- Access — you can ask us for a copy of all data we hold on you. You can also download it yourself directly from the app (Settings → Export my data).
- Correction — you can correct your name, username, and other profile data yourself in the app. For anything you can’t change yourself, write to us.
- Deletion — you can delete your account, and all your data with it, directly from the app (Settings → Delete my account). You can also ask us to do it.
- Restriction — you can ask us to stop processing your data while a complaint is being resolved.
- Objection — you can object to processing based on legitimate interest (in particular, you can ask us to stop collecting usage telemetry on you).
- Portability — the data export gives you all your data in a standard JSON format you can take elsewhere.
- Withdraw consent — for anything we do based on consent (currently: the leaderboard), you can withdraw consent at any time from inside the app.
- Complain to a supervisory authority — if you are unhappy with how we handle your data, you can complain to the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY): www.imy.se
To exercise rights that aren’t built into the app, email us at info@nivlaparkour.com. We will respond within 30 days.
9. Children
The app is intended for parkour, tricking and trampoline practitioners of all ages, including minors. Swedish law sets the age of digital consent at 13.
- Users aged 13 or older can consent to use the app themselves.
- Users under 13 must have a parent or guardian consent on their behalf.
If you believe a child under 13 has signed up without parental consent, contact us and we will delete the account.
We do not knowingly collect data from children under 13 without parental consent. We do not show advertisements to anyone. We do not enable direct messaging between users.
10. Security
We protect your data through:
- Mandatory Google sign-in (we never see or store passwords)
- Firestore security rules that prevent users from reading or modifying each other’s data
- Admin access limited to specific named individuals
- HTTPS encryption for all data in transit
- Encryption at rest, managed by Google
No system is perfectly secure. If we become aware of a data breach that affects you, we will notify you and, where required by law, the Swedish Authority for Privacy Protection, within 72 hours of becoming aware.
11. Cookies and local storage
The app uses your browser’s local storage to keep you signed in between visits. This is strictly necessary for the app to work and does not require consent under EU cookie rules.
We do not use tracking cookies. We do not use analytics cookies from third parties. We do not run advertising.
12. Changes to this policy
We may update this policy from time to time. When we make a material change, we’ll bump the version number and re-prompt you to accept the new version the next time you open the app.
You can always see the current version at the top of this document.
13. Contact
For any privacy-related question or to exercise your rights:
OakStride AB
Sweden