Creeda Performance

Legal Notice

CREEDA is a decision-support platform. It does not provide medical diagnosis, treatment, or emergency triage.

Last UpdatedApril 3, 2026

Privacy Policy

This Privacy Policy explains how CREEDA PERFORMANCE collects, uses, stores, and safeguards personal data on CREEDA. We treat sports performance and wellness-linked data as sensitive from a trust and safety perspective.

1. Scope and Roles

Depending on the relationship, CREEDA may act as a data fiduciary/controller (for direct user accounts) and/or a processor/service provider (for certain team or organization workflows).

2. Data We Collect

  • Account identity data: name, email, role, profile identifiers.
  • Athlete and fitness context: sport, training load, readiness inputs, goals, history.
  • Wellness and health-like context: sleep, soreness, recovery, injuries, nutrition safety inputs.
  • Optional objective and device signals: camera tests, connected health sync, movement analytics.
  • Security and legal records: consent logs, request logs, access and audit metadata.

3. Why We Process Data (Purpose Limitation)

  • Deliver personalized decision-support outputs and dashboards.
  • Enable team/coach workflows where authorized.
  • Improve reliability, security, fraud prevention, and abuse controls.
  • Comply with legal obligations and rights requests.

We apply data minimization and avoid collecting data that is not needed for these functions.

4. Legal Basis and Consent

We rely on explicit consent and/or lawful processing grounds appropriate to your jurisdiction. Core policy version for consent tracking: 2026.04.03.

For minors, guardian or authorized organizational consent is required before continued use of athlete workflows.

5. Sharing and Access Controls

Data is visible according to account role, team membership, and permissions. We apply role-based access controls and least-privilege principles for operational access.

We do not sell personal data. We share data only as needed for platform operation, lawful requests, or user authorized workflows.

Current core subprocessors used for service delivery include:

  • Supabase (backend infrastructure, database, and authentication)

6. Storage, Security, and Retention

  • Encryption in transit (TLS) and platform-level encryption at rest.
  • Authentication, session protection, and access controls.
  • Audit-oriented records for consent and critical legal actions.

See our Security Overview for operational security commitments.

Retention policy:

  • Active accounts: retained while the account remains active.
  • Deletion requests: immediate deactivation, with permanent deletion targeted within 30-90 days.
  • Backup data: retained up to 90 days.
  • Analytics data: anonymized and may be retained longer.

Users may request deletion of personal data at any time. Certain records may be retained where required for legal, security, fraud-prevention, or compliance obligations.

7. Data Rights

You can raise rights requests in-app or via creedaperformance@gmail.com. We support jurisdiction-appropriate rights, including:

India DPDP Act, 2023 rights

  • Access summary of your personal data
  • Correct and update personal data
  • Erase personal data
  • Withdraw consent
  • Nominate a representative (where applicable)

GDPR rights (where applicable)

  • Access your personal data
  • Correct inaccurate data
  • Erase data (right to be forgotten, where applicable)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent

8. Automated Decision Support and Transparency

CREEDA uses algorithmic scoring and rule-based logic to assist decisions. Outputs are advisory. We provide explainability context (confidence, freshness, and data quality where available) and do not position outputs as autonomous clinical diagnosis.

9. International Data Handling

CREEDA uses third-party service providers for hosting, authentication, and analytics. Data may be stored in India and other jurisdictions including Singapore and the European Union.

  • Primary hosting region: India
  • Secondary hosting region: Singapore
  • Future GDPR-focused region: European Union (for GDPR users)

10. Contact and Grievance

Privacy and data rights contact: creedaperformance@gmail.com | +91 9769911923

Grievance Officer: Kunal Jeetendra Varma (Owner & Grievance Officer)

Response time target: Within 7 business days

© 2026 CREEDA PERFORMANCEProprietorship. All rights reserved.

Owner: Kunal Jeetendra Varma

Udyam Registration: UDYAM-MH-19-0419703

Shops & Establishment Application ID: 891080299

11, Rajshi Mansion, 4th Pasta Lane, Colaba, Mumbai - 400005, Maharashtra, India

Cookie Notice

CREEDA uses essential cookies for login and core security. Optional analytics cookies only run after you choose Accept all. Read our Cookie Policy.