Unified Privacy Policy of Kaylo.cc

Last revised: April 20, 2026

Welcome to Kaylo! We value your trust and take the protection of your personal data seriously. This Privacy Policy explains how we collect, use, and protect information on our platform.

1. Definitions and Roles

1.1. Key Terms

• Platform (Kaylo): A SaaS system for sports academy management, available at app.kaylo.cc and through mobile applications.
• Academy: A legal entity or individual entrepreneur (sports club, school) that uses Kaylo to manage its processes and interact with students.
• User: Any person who has access to the Platform (Coach, Parent, Player, Administrator).
• Ledger: An immutable log of all key operations in the system (attendance, coin accrual, balance changes).

1.2. Allocation of Responsibility (Data Controller vs Processor)

According to the Law of Ukraine "On Personal Data Protection" and GDPR:

• The Academy is the Data Controller of the personal data of its Users. It determines the composition of data, the purpose, and methods of its processing.
• FOP YUSHCHENKO OLEKSANDR SERHIIOVYCH (Tax ID: 3431104630, State Register entry: 23.08.2019, 2 480 000 0000 232410) is the Data Processor. We carry out technical storage and processing of data exclusively on behalf of the Academy and in accordance with its settings.

2. What Data We Collect

We collect and process the following categories of data to ensure the operation of the Platform:

• User Profiles: Surname, name, patronymic, date of birth, phone number, email address.
• Sports Data: History of training attendance, testing results, skill assessments, participation in events.
• Financial History: Data on membership payments, subscription status (stored within the Platform, we do not store full payment card details).
• Kaylo Coins Ecosystem: History of accrual and usage of virtual coins.
• Technical Data: IP address, device type, cookies to support the session.

3. Ledger (Transparency and Audit)

A special feature of the Platform is the use of the Ledger — a special technology for recording the history of actions. This means that every change (for example, a player's attendance mark or a change in the wallet balance) is recorded in an immutable log.

• Purpose: To ensure full transparency and prevent unauthorized data changes.
• Benefit: Parents and the Academy always see an honest history of interaction.

4. Protection of Children's Data

Kaylo is intended for sports academies where the majority of players are children (aged 2 to 18).

• Parental Consent: Child registration in the system and processing of their personal data is carried out exclusively after receiving consent from parents or legal guardians through the Academy.
• Minimalism: We collect only the children's data that is critically necessary for the training process and motivation (for example, date of birth is needed for automatic distribution by age groups).

5. Data Security and Isolation (Tenant Isolation)

We use advanced technologies to protect your data:

• Tenant Isolation: Data for each Academy is stored in isolated containers. This ensures that no other academy or third-party user can access your information.
• Encryption: All data is transmitted via secure HTTPS protocol and encrypted at rest.
• Access Restriction: Access to the database is granted only to authorized Kaylo system administrators for technical support purposes.

6. Third-party Services and Data Transfer

Kaylo does not sell your data to third parties. We use reliable infrastructure partners to operate the Platform:

• Appwrite: Our primary backend provider for secure data storage and authentication.
• Infrastructure Services: We may use cloud computing and messaging services (e.g., for SMS or Email notifications).
• Legal Requirements: We may disclose data only in cases provided by the legislation of Ukraine (by court decision).

7. User Rights and "Kill Switch"

You have full control over your data:

• Right to Access and Correction: You can view and edit your profile at any time.
• Right to be Forgotten (Deletion): Users can request the deletion of their account.
• Kill Switch: The Platform supports the function of complete and permanent deletion of user data upon request or upon termination of the agreement with the Academy (taking into account the need to maintain the Academy's financial records).

8. Data Retention Period

We store your data as long as your account is active or as necessary to provide services to the Academy.

• Active Data: Stored throughout the period of cooperation with the Academy.
• Archival Data: After account deletion, data may be stored in backups for up to 30 days, after which it is completely destroyed.
• Ledger: Transaction history may be stored longer (up to 3 years) to ensure the Academy's tax and legal reporting.

9. Changes and Contacts

We may update this Policy. We will notify you of significant changes through the Platform interface or email.

If you have questions about privacy, please contact:

• Email: privacy@kaylo.cc
• Address: Ukraine, Kyiv
• Tax ID: 3431104630. State Register entry: 23.08.2019, 2 480 000 0000 232410.