Privacy Policy

1. Introduction

CoreStrength Coaching B.V. ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website thelypmeqh.life or use our personal training services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union and Netherlands.

2. Data Controller Information

3. Information We Collect

3.1 Personal Information

We may collect the following personal information:

• Name and contact details (email address, phone number, postal address)
• Health and fitness information (medical history, fitness goals, physical limitations)
• Payment information (billing address, payment method details)
• Communication records (emails, phone calls, messages)
• Training session notes and progress tracking data

3.2 Technical Information

When you visit our website, we automatically collect:

• IP address and browser information
• Device type and operating system
• Website usage data and analytics
• Cookies and similar tracking technologies

4. How We Use Your Information

4.1 Service Provision

• Providing personal training and fitness coaching services
• Creating personalised workout and nutrition plans
• Tracking your fitness progress and goals
• Scheduling and managing appointments
• Processing payments and managing billing

4.2 Communication

• Responding to your enquiries and providing customer support
• Sending appointment reminders and service updates
• Providing health and fitness tips (with your consent)

4.3 Legal Compliance

• Complying with legal obligations and regulations
• Protecting our rights and interests
• Ensuring the safety and security of our services

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary for providing our training services
• Legitimate Interests: Website analytics, service improvement, and business operations
• Consent: Marketing communications and optional data processing
• Legal Obligation: Compliance with applicable laws and regulations

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

6.1 Service Providers

• Payment processors for billing and transactions
• Cloud storage providers for data hosting
• Analytics providers for website performance
• Communication platforms for appointment scheduling

6.2 Legal Requirements

We may disclose your information when required by law, court order, or to protect our legal rights and safety.

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services and maintain our relationship with you
• Comply with legal obligations (typically 7 years for financial records)
• Resolve disputes and enforce our agreements

Health and fitness data is typically retained for 3 years after your last session unless you request earlier deletion.

8. Your Rights Under GDPR

As a data subject, you have the following rights:

8.1 Access and Portability

• Request access to your personal data
• Receive a copy of your data in a portable format

8.2 Correction and Deletion

• Correct inaccurate or incomplete personal data
• Request deletion of your personal data (right to be forgotten)

8.3 Processing Restrictions

• Restrict or object to processing of your data
• Withdraw consent for consent-based processing

To exercise these rights, contact us at privacy@thelypmeqh.life. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

• Encryption of data in transit and at rest
• Access controls and authentication measures
• Regular security assessments and updates
• Staff training on data protection practices
• Secure disposal of data when no longer needed

10. International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

11. Cookies and Tracking

Our website uses cookies and similar technologies. For detailed information about our use of cookies, please refer to our Cookie Policy.

12. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Information

For any privacy-related questions or concerns, please contact us:

15. Supervisory Authority

If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl or contact them at +31 70 888 8500.