Privacy Policy
Effective Date: 31.08.2025 · Last Updated: 17.07.2026
This Privacy Policy (the "Policy") explains how SFJ Capital UG ("Fred," "we," "us," or "our") collects, processes, stores, shares, and protects your personal data when you:
- Access our marketing website at https://fredgoals.com
- Use the Fred web app at https://app.fredgoals.com
- Use the Fred iOS app available on the App Store
- Engage with any other Fred digital products, applications, or services operated by SFJ Capital UG
This Policy is provided in compliance with the EU General Data Protection Regulation (GDPR), German DSGVO, and applicable United States data privacy laws (including the California Consumer Privacy Act where relevant).
1. Data Controller & Contact Information
SFJ Capital UG
Represented by: Sebastian Jacobsen
Address: Dhauner Straße 42, 67067 Ludwigshafen am Rhein, Germany
Handelsregister: HRB 67315
Website: https://fredgoals.com
Contact Email: team@fredgoals.com
You may address any privacy-related inquiries or requests (for example access, rectification, or deletion) to this contact.
2. Scope & Purpose of Processing
We process your personal data for the following legitimate purposes:
- User registration and account management, ensuring compliance with the Terms and Conditions and enabling access to Fred
- Responding to user queries submitted via support channels
- Legal obligations, such as compliance with judicial orders, law enforcement requests, or mandatory regulatory reporting
- Service improvement and analytics, including performance monitoring and feature optimization
- Financial transactions, payment processing, and fraud prevention
- Any additional purposes clearly noted at the point of data collection
3. Legal Basis for Processing
- Contractual necessity: Personal data processed as required to provide the Fred services you have requested.
- User consent: We rely on your explicit consent for purposes such as analytics tracking and marketing communications. You may withdraw consent at any time without impacting access to core services.
- Legal compliance: Processing necessary to comply with statutory obligations.
- Legitimate interests: Where applicable, such as ensuring service security or improving user experience, provided these interests do not override your fundamental rights.
4. Third-Party Services & Disclosures
To deliver and improve Fred, SFJ uses the following trusted third-party service providers:
a) Google Analytics / Google Tag Manager
We use Google Analytics and Google Tag Manager to collect anonymized usage data for website and app performance monitoring. This helps us understand user behavior, optimize features, and improve content. Users may opt out via browser settings, consent preferences, or Google's opt-out mechanisms.
b) Stripe
We use Stripe for secure payment processing on the web. When you make a payment (for example a subscription), Stripe collects payment details which are processed under Stripe's privacy framework. SFJ does not directly store full payment credentials; only the minimal data necessary for fulfillment and record-keeping.
c) Apple In-App Purchases
Subscriptions purchased through the Fred iOS app are processed by Apple. Apple handles payment details under Apple's privacy policy. We receive limited subscription status information needed to unlock Pro features.
d) Amplitude
We use Amplitude to analyze product usage and user interactions across our websites and applications. Amplitude helps us understand how features are used, measure engagement, and improve the user experience. Data processed may include device and browser information, usage events, and approximate location derived from IP address. Amplitude acts as a data processor under its privacy framework and applicable data protection agreements.
e) Vercel
Our websites and applications are hosted on Vercel, which processes infrastructure-level data (for example IP addresses and request logs) for hosting, deployment, and performance continuity. Vercel acts as a data processor and applies industry-standard security protocols.
We ensure each third-party provider maintains GDPR-compliant data protection and, where necessary, Standard Contractual Clauses (SCCs) or an equivalent agreement is in place.
5. Data Retention
- For the duration of your account's activity, as necessary to provide services
- After termination, data may be blocked (archived) for as long as needed to meet statutory limitation periods or liabilities, and then securely deleted
6. Your Rights under GDPR & Applicable US Law
As a data subject, you have the right to:
- Access your personal data held by us
- Rectify inaccuracies or incomplete information
- Erase your personal data ("right to be forgotten") where no legitimate reason prevents deletion
- Restrict or object to processing in specific contexts
- Receive a copy of your data in a structured, machine-readable format (data portability)
- Withdraw any consent you have previously granted
- Lodge a complaint with an EU supervisory authority or relevant US consumer protection agency
To exercise any of these rights, please contact team@fredgoals.com.
7. Data Security
We implement appropriate technical and organizational measures (encryption, access control, secure hosting, internal audits) to protect personal data against unauthorized access, loss, or alteration. Data transfers to third-party processors are conducted with contractual safeguards in place.
8. International Data Transfers
Data may be transmitted and processed by third-party providers located outside the EU (for example servers in the U.S.). For all transfers, we employ GDPR-compliant measures such as SCCs or equivalent safeguards to protect your personal data.
9. Changes to this Privacy Policy
We reserve the right to update this Policy to reflect changes in our practices, legal obligations, or service providers. You will be notified of material changes via email or prominent notices on our websites and apps.