Privacy Policy

A legal disclaimer

AtReforged, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, process, and store your personal data when you use our online personal training services.

We are committed to safeguarding the privacy of our clients and website visitors. This policy sets out how we will treat your personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By engaging with our Services, you acknowledge you have read and understood this Privacy Policy.

Privacy Policy - the basics

. Information About Us

For the purposes of the UK General Data Protection Regulation (UK GDPR), the Data Controller is:

Company Name: reforged project
Contact Email: [sanchezlong@hotmail.co.uk

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details set out above.

2. The Data We Collect About You

Personal data, or personal information, means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

Identity Data: includes first name, last name, username or similar identifier, title, date of birth and gender.
Contact Data: includes billing address, email address and telephone numbers.
Financial Data: includes bank account and payment card details (processed securely via our third-party payment processors).
Health and Fitness Data (Special Category Data): includes details about your physical health, medical history, injuries, dietary requirements, height, weight, progress photos, and fitness goals. We require your explicit consent to process this data.
Transaction Data: includes details about payments to and from you and other details of services you have purchased from us.
Technical and Usage Data: includes internet protocol (IP) address, browser type and version, time zone setting, operating system, and information about how you use our website and services.

3. How We Collect Your Personal Data

We use different methods to collect data from and about you including through:

Direct interactions: You may give us your Identity, Contact, Financial, and Health Data by filling in forms (such as the PAR-Q or consultation forms) or by corresponding with us by post, phone, email, or video call. This includes personal data you provide when you:
- Sign up for our personal training services;
- Subscribe to our service or publications;
- Request marketing to be sent to you;
- Enter a competition, promotion or survey; or
- Give us some feedback.
Automated technologies or interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and similar technologies.
Third parties or publicly available sources: We may receive personal data about you from various third parties, such as analytics providers (e.g., Google Analytics) or payment providers (e.g., Stripe, PayPal).

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Performance of a Contract: Where we need to perform the contract we are about to enter into or have entered into with you (i.e., delivering your personal training programme).
Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Legal Obligation: Where we need to comply with a legal or regulatory obligation.
Consent: Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. However, for Special Category Data (Health Data), we rely on your explicit consent to process this information to design safe and effective training programmes.

Purposes for which we will use your personal data

To register you as a new customer.
To design, deliver, and adjust your personalised training and nutrition plans.
To manage our relationship with you, including notifying you about changes to our terms or privacy policy.
To administer and protect our business and this website.
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.

5. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

7. Sharing Your Personal Data

We may share your personal data with the parties set out below:

Service providers acting as processors who provide IT and system administration services (e.g., training app platforms like MyFitnessPal or TrueCoach).
Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

8. International Transfers

Some of our external third parties (such as cloud storage providers or email marketing platforms) may be based outside the United Kingdom (UK) so their processing of your personal data will involve a transfer of data outside the UK.

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (such as the International Data Transfer Agreement).

9. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:

Request access to your personal data (commonly known as a "data subject access request").
Request correction of the personal data that we hold about you.
Request erasure of your personal data.
Object to processing of your personal data where we are relying on a legitimate interest.
Request restriction of processing of your personal data.
Request the transfer of your personal data to you or to a third party.
Withdraw consent at any time where we are relying on consent to process your personal data.

If you wish to exercise any of the rights set out above, please contact us at [Contact Email]. You will not have to pay a fee to access your personal data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

10. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

11. Children

Our Services are not intended for children and we do not knowingly collect data relating to children. If you are under the age of 18, you must not use our Services without parental consent.

12. Changes to This Privacy Policy

We keep our privacy policy under regular review. This version was last updated on the date listed at the top of this policy. We reserve the right to update this privacy policy at any time, and we will provide you with a new privacy policy when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

13. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us in the following ways:

Email address: sanchezlong@hotmail.co.uk

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.