Privacy Policy & PDPA Compliance

1.1 Personal Information

• Account Information: Name, email address, phone number, date of birth
• Profile Information: Fitness goals, health information, location preferences
• Payment Information: Credit card details (processed securely through Stripe)
• Communication Data: Messages exchanged with trainers, support communications
• Usage Data: Session bookings, preferences, app interactions

1.2 Trainer-Specific Information

• Professional Credentials: Certifications, qualifications, work experience
• Identity Verification: Government ID, background check information
• Financial Information: Bank account details for payouts
• Availability Data: Schedule, location preferences, service areas

2.1 Service Provision

• Facilitate trainer-customer matching and booking
• Process payments and manage credit transactions
• Enable communication between users
• Provide customer support

2.2 Legal Basis (PDPA Compliance)

• Contract Performance: To fulfill our service obligations
• Legitimate Interest: To improve our services and prevent fraud
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations

3.1 With Trainers

We share necessary information with trainers to facilitate sessions, including:

• Customer contact information and fitness goals
• Session details and location information
• Health information relevant to training safety

3.2 With Service Providers

• Stripe: Payment processing and fraud prevention
• Supabase: Database hosting and authentication
• Vercel: Website hosting and CDN services
• Resend: Email delivery services

3.3 Legal Requirements

We may disclose information when required by law or to protect our rights and safety.

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: Data encrypted in transit and at rest
• Access Controls: Role-based access with authentication
• Regular Audits: Security assessments and monitoring
• Data Minimization: We only collect data necessary for our services

You have the following rights regarding your personal data:

• Right to Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing

We retain personal data for the following periods:

• Account Data: Until account deletion or 3 years of inactivity
• Transaction Records: 7 years for financial compliance
• Communication Data: 2 years after last interaction
• Marketing Data: Until consent is withdrawn

We use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences
• Analyze website usage and performance
• Provide personalized content

You can control cookie settings through your browser preferences.