Locomotio Logo

Privacy Policy

Last Updated: January 15, 2026

1. Introduction

Welcome to Locomotio ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bodyflying education platform.

Please read this Privacy Policy carefully. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Data Controller Information

Locomotio is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us at:

  • Email: hello@locomotio.eu

3. What Data We Collect

We collect information that you provide directly to us and information that is automatically collected when you use our services:

3.1 Authentication Data

When you sign up or log in using Google authentication, we collect:

  • Email address
  • Display name
  • Profile photo URL (if provided by Google)
  • Google account identifier

3.2 Course Progress Data

We track your progress through our courses, including:

  • Unlocked lessons
  • Completed lessons
  • Completed tasks
  • Course engagement data

3.3 User-Generated Content

When you upload videos or other content as part of course tasks, we store:

  • Uploaded video files
  • Metadata associated with uploads (task ID, course ID, lesson ID)
  • Upload timestamps

3.4 Analytics and Usage Data

We automatically collect certain information when you use our platform:

  • Device information (browser type, operating system)
  • Usage patterns and interactions with the platform
  • IP address (anonymized where possible)
  • Purchase events and revenue tracking (for course purchases)

3.5 Email Communications

We collect and store information related to email communications, including:

  • Email delivery status
  • Communication preferences

4. How We Use Your Data

We use the information we collect for the following purposes:

  • Account Management: To create and manage your account, authenticate your identity, and provide access to course content
  • Course Delivery: To track your progress, unlock lessons, and provide personalized learning experiences
  • Communication: To send welcome emails, course updates, and respond to your inquiries
  • Platform Improvement: To analyze usage patterns, improve our services, and develop new features
  • Content Processing: To store and process your video uploads as part of course tasks
  • Analytics: To understand how users interact with our platform and measure the effectiveness of our content
  • Revenue Tracking: To track course purchases and analyze business metrics (anonymized where possible)
  • Security: To detect, prevent, and address technical issues, fraud, and unauthorized access

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal bases:

  • Contract Performance: We process your data to fulfill our contract with you, including providing course access, managing your account, and processing your course progress
  • Consent: We process analytics data and marketing communications based on your consent, which you can withdraw at any time
  • Legitimate Interests: We process data for our legitimate interests in improving our platform, ensuring security, preventing fraud, and analyzing usage patterns
  • Legal Obligations: We may process data to comply with legal obligations, such as tax and accounting requirements

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

6.1 Service Providers

We use third-party service providers to help us operate our platform:

  • Google/Firebase: For authentication, database storage, file storage, and analytics. Your data is processed according to Google's Privacy Policy and Firebase's terms of service
  • Resend: For sending transactional and marketing emails. Your email address is shared with Resend for email delivery purposes

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

  • Account Data: Retained while your account is active and for a reasonable period after account closure (typically 30 days) to allow for account recovery
  • Course Progress: Retained while your account is active to provide continuity of service
  • User Uploads: Retained while your account is active. You may delete your uploads at any time through your account
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely for business analysis
  • Legal Requirements: Some data may be retained longer if required by law or for legitimate business purposes (e.g., tax records)

Upon request, we will delete your personal data in accordance with your rights under GDPR, subject to any legal retention requirements.

8. Your Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request copies of your personal data
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): You have the right to request deletion of your personal data under certain circumstances
  • Right to Restrict Processing: You have the right to request restriction of processing of your personal data
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format and to transmit it to another controller
  • Right to Object: You have the right to object to processing of your personal data based on legitimate interests
  • Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw consent at any time

To exercise any of these rights, please contact us using the contact information provided in Section 2. We will respond to your request within one month, though this period may be extended by two additional months for complex requests.

You also have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement occurred.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our platform and store certain information:

  • Firebase Analytics: We use Firebase Analytics (Google Analytics 4) to understand how users interact with our platform. This service uses cookies and similar technologies to collect and analyze usage data
  • Authentication Cookies: We use cookies to maintain your authentication session and remember your preferences
  • Google OAuth: When you sign in with Google, Google sets cookies to manage the authentication process

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our platform.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication through Firebase Auth
  • Access controls and authentication requirements
  • Regular security assessments and updates
  • Firebase security features including Firestore security rules

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

Specifically, we use Firebase services, which may store and process data in various locations worldwide. Google (Firebase) has committed to complying with applicable data protection laws, including GDPR, and has implemented appropriate safeguards for international data transfers.

By using our services, you consent to the transfer of your information to these countries and processing in accordance with this Privacy Policy.

12. Children's Privacy

Our services are not intended for individuals under the age of 16 (or 18 in some jurisdictions). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

If you are under the age of 16 (or 18 in your jurisdiction), you must have your parent's or guardian's permission to use our services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on this page
  • Updating the "Last Updated" date at the top of this page

Your continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.

View License Agreement