Privacy Policy

Effective date: 14 January 2026 | Version 1.1

This Privacy Policy explains how we collect, use, share, and protect your personal data when you use the Topp Performance Service. This policy applies to our website, apps, and related services that link to it.

1. Who we are

We are TOPP SYSTEMS LTD trading as Topp Performance. We are the data controller for personal data processed in connection with the Service.

Contact: support@topp-cycling.com (support)
Registered address: Pant y Paerau, Llangynidr, NP8 1NU

2. Data we collect

We may collect the following categories of personal data:

  • Account data: name, email address, password (stored in hashed form), country, and settings.
  • Subscription and billing data: subscription status, plan, billing history, and payment identifiers from our payment processor (we do not ANY card details).
  • Training and performance data: health, activities, power and heart rate data, training history, readiness inputs, and feedback notes you provide.
  • Nutrition and fuelling data: dietary preferences, fuelling plans, estimated energy and carbohydrate targets, and any nutrition feedback you provide.
  • Device and usage data: IP address, device identifiers, app events, log data, and cookies or similar technologies.
  • Support communications: emails and in-app messages you send to us.

3. How we use your data and our legal bases

Under UK GDPR, we must have a lawful basis for processing personal data. We use your data for the purposes below:

  • Provide the Service and manage your Account (contract).
  • Process subscriptions and payments (contract).
  • Personalise training and nutrition guidance based on your inputs and connected data (contract and/or explicit consent for health data where required).
  • Customer support and service communications (contract and legitimate interests).
  • Improve and secure the Service, including debugging, analytics, and fraud prevention (legitimate interests).
  • Marketing communications where you opt in, and managing opt-outs (consent and legal obligation).
  • Comply with legal obligations (legal obligation).

4. Special category data (health and fitness data)

Some training and fitness data can be treated as special category data under UK GDPR. Where required, we will ask for your explicit consent to process this data for the purposes described in this policy (for example to generate physiological profiles and personalised training and nutrition guidance).

You can withdraw consent at any time. If we rely on explicit consent for core features, withdrawing consent may mean we cannot provide those features.

5. Marketing

We will only send marketing emails if you opt in, or where otherwise permitted by UK law (for example, the soft opt-in for existing customers for similar products, where applicable). Every marketing email includes an unsubscribe link.

Service messages (for example billing receipts and security alerts) are not marketing and cannot be opted out of while you maintain an Account.

6. Cookies and similar technologies

We use cookies and similar technologies to operate the Service and, where you consent, for analytics and marketing. For details, see our Cookie Policy.

7. Sharing your data

We may share personal data with:

  • Service providers who help us run the Service (for example hosting, analytics, email delivery, customer support, and payment processing).
  • Third Party Services you choose to connect (for example Garmin, Strava, TrainingPeaks, Intervals.icu).
  • Professional advisers (for example legal, accounting) where necessary.
  • Authorities where required by law or to protect rights and safety.

We do not sell your personal data.

8. International transfers

Some service providers may process data outside the UK. Where this happens, we use appropriate safeguards required by UK data protection law (for example adequacy regulations or approved contractual clauses).

9. Data retention

We keep personal data only as long as necessary for the purposes described in this policy, including providing the Service, complying with legal obligations, resolving disputes, and enforcing agreements. Retention periods vary by data type.

10. Your rights

You have rights under UK GDPR, including the right to access, correct, delete, or restrict processing of your personal data, and to object in certain circumstances. You also have the right to data portability where applicable.

To exercise your rights, contact support@topp-cycling.com.

11. Under 16s

The Service is not intended for, and must not be used by, anyone under 16 years old. We do not knowingly collect personal data from under 16s.

If we learn that an under 16 has created an Account, we will delete the Account and associated personal data where reasonably possible, subject to legal obligations.

12. Security

We use appropriate technical and organisational measures designed to protect personal data. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Complaints

If you have concerns, contact us first and we will try to resolve them. You also have the right to complain to the UK Information Commissioner's Office (ICO).

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version with a new effective date and notify you of material changes where required by law.

Questions?

Contact us at support@topp-cycling.com

Chatbot Icon