GDPR

GDPR & Data-Protection Rights

Last updated: 4 July 2026

This page complements our Privacy Policy and sets out how we meet the EU/UK General Data Protection Regulation (GDPR) for users in the European Economic Area and the United Kingdom. As a Swiss-based controller, we also comply with the Swiss Federal Act on Data Protection (FADP).

1. Who is responsible for your data

The data controller is PLO Hero, operated by R. Rezgui (full operator and address details in our Impressum). You can reach us about any data-protection matter at hello@plo-hero.com.

2. Legal bases for processing

We rely on the following lawful bases under Article 6 GDPR:

What we doLegal basis (Art. 6 GDPR)
Provide your account and the training Service(b) performance of a contract
Authentication, security and abuse prevention(b) contract / (f) legitimate interests
Process payments and manage subscriptions(b) contract / (c) legal obligation
Send service emails (verification, confirmations, notices)(b) performance of a contract
Analytics to measure and improve the Service (Google Analytics)(a) consent
Meet legal, tax and accounting duties(c) legal obligation

Analytics cookies (Google Analytics) run only if you consent via our cookie banner; declining does not affect your use of the Service. Where we rely on consent (Art. 6(1)(a)), you can withdraw it at any time — use the Cookie settings link in any page footer — without affecting processing carried out before withdrawal.

3. Your rights

If you are in the EEA or UK, you have the right to:

4. How to exercise your rights

Email hello@plo-hero.com from the address on your account. We will respond within one month, as required by the GDPR (this period may be extended for complex requests, in which case we will tell you). We do not charge for genuine requests. You can also delete much of your data yourself in the app (hands, sessions and your account).

5. International transfers

We host data in Switzerland and/or the EU. Switzerland benefits from an EU adequacy decision. Some sub-processors (e.g. Stripe and Google) may process data in the United States; such transfers are protected by appropriate safeguards, such as the European Commission’s Standard Contractual Clauses. The current list of sub-processors is in our Privacy Policy.

6. Automated decision-making

We do not carry out automated decision-making that produces legal or similarly significant effects about you. The coaching feedback and statistics in the app are educational and have no effect outside the Service.

7. Data retention

We keep personal data while your account is active and delete it on account closure or request, except records we must retain to meet legal obligations (e.g. accounting records, up to 10 years under Swiss law). See the Privacy Policy for details.

8. Complaints

If you have concerns, please contact us first so we can help. You also have the right to lodge a complaint with a supervisory authority — your local Data Protection Authority in the EEA/UK, or the Swiss Federal Data Protection and Information Commissioner (FDPIC).

9. EU representative

As a small Swiss provider we do not currently maintain a separate EU representative. You can contact us directly about any data-protection matter at hello@plo-hero.com, and we will respond promptly.

10. Contact

For any GDPR or data-protection question, email hello@plo-hero.com.