Pelion Rise
Privacy Policy
Version v1-2026-07-08. The short version: we collect what it takes to run safe, verified training sessions — nothing is sold, and kids never enter their own data.
1. What we collect
Account information: your name, email, and role (parent or trainer). Athlete profiles: the first name, age, and sport details a parent chooses to enter for their own child — athletes never create accounts or enter data themselves. Bookings and payments: session details, amounts, refunds, and payment status (your card number never touches our systems — Stripe processes payments). Trainer verification: credential evidence trainers submit for Tier-0 review (ID, background check, SafeSport, CPR/First-Aid/AED, optional insurance certificate). Messages and reviews you write on the platform. Device push-notification subscriptions if you opt in.
2. Location data (read this one)
We collect a GPS position from the trainer's device at session check-in and check-out. This is the mechanism that protects your money: the trainer is paid only after a location-confirmed session. Check-in coordinates are stored on the booking record and used solely to verify the session occurred; we do not track anyone's location outside of check-in/check-out, and parents' and athletes' devices are never location-polled.
3. How we use it
To run the marketplace: matching, booking, payment escrow and release, refunds, and dispute resolution. To keep kids safe: verifying trainer credentials before they can accept bookings and re-checking expirations. To communicate: booking confirmations, session updates, message notifications, and dispute outcomes by email and (if enabled) push. We do not sell your personal information, and we do not use your data for third-party advertising.
4. Children's privacy
Accounts are for adults (18+) only. Information about athletes is entered by their own parent or legal guardian, is limited to what's needed to run a session (first name, age, sport focus), and is visible only to the parent and to trainers the parent books. We do not knowingly collect information directly from children. If you believe a child has created an account, contact us and we will remove it.
5. Who we share with
Service providers who run the platform on our behalf: Stripe (payments, trainer payout accounts, and trainer tax reporting), Google Firebase (authentication and database), and Resend (email delivery). Each receives only what it needs to do its job. Trainers see the booking parent's name, the athlete's first name and age, and session details — never your payment information. We disclose information when the law requires it or when necessary to protect a child's safety.
6. Retention
Booking, payment, and dispute records are retained as required for financial, tax, and legal purposes even after an account closes. Trainer credential evidence is retained while the trainer is listed and for a reasonable period afterward for safety accountability. Messages and reviews persist while the accounts involved exist. Everything else is deleted on account-deletion request, within 30 days.
7. Security
Access is enforced by per-role security rules: parents can only read their own data, trainers cannot alter their own verification status or ratings, and bookings and reviews cannot be modified from any user's device — only by our servers. Payments are handled entirely by Stripe (PCI-DSS Level 1). No system is perfectly secure; if a breach affects your data we will notify you as the law requires.
8. Your choices and rights
You can edit your profile and athlete details anytime, unsubscribe from non-essential email, and revoke push notifications in your browser or device settings. Depending on your state, you may have the right to access, correct, or delete personal information we hold about you — send requests via your account's Messages inbox (a public support email publishes with our launch domain) and we will respond within 30 days. Deleting your account does not erase records we are legally required to keep (see Retention).
9. Changes to this policy
When this policy changes we bump the version number and date on this page, and announce material changes in-app or by email before they take effect.
10. Contact
Privacy questions or requests: reach us via your account's Messages inbox (a public support email publishes with our launch domain).