RomiYoga s.r.o. – Privacy Policy
Last updated: March 2026
Operator:
RomiYoga s.r.o.
Lochovice 168, 267 23 Lochovice, Czech Republic
Company ID: 23734566
VAT ID: CZ23734566
Email: info@romiyoga.app
1. Introduction
At RomiYoga, we place strong emphasis on the protection of personal data. This document describes what data we process, for what purposes we use it, with whom we share it, and what rights you have under the GDPR.
This policy applies to the RomiYoga mobile application and related services, in particular sign-in, data synchronization, subscription management, support, and account deletion.
In some cases, personal data may be processed or stored outside the European Union or the European Economic Area, for example if Supabase or RevenueCat use infrastructure or subprocessors outside the EU or EEA. In such cases, we ensure an adequate level of protection through Standard Contractual Clauses (SCCs) or other appropriate safeguards under the GDPR.
2. What data we process
We mainly process the following categories of data:
- Account and sign-in data, especially email address, internal user identifier, and information necessary to verify sign-in.
- Profile and preference data, such as app language, content preferences, favorite lessons, onboarding flow state, notification preferences, and analytics preferences.
- App usage data, such as lesson watch history, synchronization information, and in-app usage events for internal analytics if analytics is enabled in the app.
- Technical app and device data, such as platform, app version, and device or app language or locale.
- Subscription data, such as subscription status, product, entitlement, and subscription end date, where needed to verify access to paid content.
If you use the app without an account, some data may be stored only locally on your device until you sign in or delete it yourself.
Payment data is processed exclusively by the App Store and Google Play. The app operator has no access to payment details.
3. How we obtain data
We obtain data mainly:
- directly from you when signing in, using the app, and changing settings,
- automatically when using the app, for example during synchronization of preferences, lesson history, and internal app analytics,
- from third parties providing subscription operation and purchase verification.
4. Purpose of processing
We process your personal data mainly for the purpose of:
- operating and securing the app,
- sign-in, account management, and synchronization of data across devices,
- personalization of content and recommendations,
- subscription management and purchase verification,
- internal analytics and improving the app, if this functionality is active,
- communication with users and handling support,
- compliance with legal obligations and prevention of abuse.
5. Legal basis for processing
We process personal data on the basis of:
- performance of a contract, namely for the purpose of providing the app and features related to the account and subscription,
- legitimate interest, especially in securing the service, preventing abuse, basic operational evaluation, and improving the app,
- consent, where required by law for a specific type of processing,
- compliance with legal obligations.
6. Sharing of personal data
We share your personal data only to the extent necessary with providers that ensure operation of the app:
- Supabase – database, authentication, cloud data storage, and internal app analytics data.
- RevenueCat – purchase verification and subscription status management.
- Apple App Store and Google Play – payment processing and management of purchases and subscriptions according to the rules of the relevant platform.
These providers act as independent controllers or processors depending on the nature of the relevant service, and only to the extent necessary for operation of the app.
7. Privacy settings, analytics, and notifications
The app includes a Settings > Privacy section where you can:
- disable internal app analytics,
- adjust notification preferences.
If the app or device uses push notifications, their delivery may also depend on system-level permissions at the operating system level. Disabling a preference in the app alone may not change device permission settings, and vice versa.
8. Retention period
We retain personal data for as long as necessary to provide the app, manage the account, synchronize data, maintain subscriptions, and provide related support.
After account deletion or termination of use, we may retain some data only for the necessary period if required for:
- compliance with legal obligations,
- security and abuse prevention,
- protection of legal claims,
- internal audit and operational purposes to a reasonable extent.
9. User rights
You have the right:
- to access your personal data,
- to rectify inaccurate data,
- to erasure,
- to restriction of processing,
- to data portability,
- to object to processing in cases provided for by law,
- to lodge a complaint with the Czech Data Protection Authority.
You can delete your account and personal data directly in the app using the Delete account function in settings. An account-deletion web page is also available at https://romiyoga.app/delete-account.
Deleting your account removes the profile and data associated with use of the app in our systems, except for data we must retain by law or for security and abuse-prevention reasons.
10. Security
We use appropriate technical and organizational measures to protect personal data against loss, misuse, or unauthorized access. Data transfers take place through secure connections, and access to data is limited according to role and purpose.
11. Contact
If you have questions or requests regarding personal data protection, contact us at: info@romiyoga.app