Privacy Policy

Last updated: March 3, 2026

Effective for users in: Netherlands, European Union, and United States

1. Introduction

Trainalitix ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

This policy is designed to comply with:

  • GDPR (General Data Protection Regulation) - EU/Netherlands
  • CCPA (California Consumer Privacy Act) - USA
  • Dutch Data Protection Act (Wet Bescherming Persoonsgegevens)

2. Information We Collect

2.1 Information You Provide

When you register and use Trainalitix, we collect:

  • Account Information: Username, email address, first name, last name, password
  • Profile Information: Age, weight, height, workout history
  • Fitness Data: Exercise logs, sets, reps, weight used, workout dates and times
  • Communication: Messages, support requests, feedback

2.2 Information Collected Automatically

  • Device Information: IP address, browser type, device type, operating system
  • Usage Data: Pages visited, time spent, clickstream data, search queries
  • Cookies and Tracking: Session IDs, preferences, authentication tokens
  • Location Data: Approximate location based on IP address (not precise GPS)

2.3 Information from Third Parties

We may receive information about you from third parties if you link external accounts or authorize integrations (if applicable in the future).

3. How We Use Your Information

We use the information we collect for:

  • Creating and maintaining your account
  • Providing, maintaining, and improving our Service
  • Personalizing your experience and recommendations
  • Processing transactions and sending related information
  • Sending promotional emails, newsletters, and updates (with your consent)
  • Responding to your inquiries and providing customer support
  • Analyzing usage patterns to improve service quality
  • Detecting, preventing, and addressing fraud, abuse, and security issues
  • Complying with legal obligations
  • Aggregating data for statistical and research purposes

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data on the following legal bases:

  • Contract Performance: Processing necessary to provide the Service
  • Consent: Your explicit consent to process your data (e.g., marketing emails)
  • Legal Obligation: Compliance with applicable laws and regulations
  • Legitimate Interests: Our interest in improving the Service and preventing fraud

5. How We Share Your Data

5.1 We Do NOT Share:

  • Your personal data is NOT sold to third parties
  • Your fitness data is NOT shared with advertisers
  • Your email is NOT shared with marketing companies

5.2 We MAY Share With:

  • Service Providers: Hosting providers, payment processors, analytics providers (under data processing agreements)
  • Legal Requirements: When required by law, court order, or government request
  • Safety: To protect our legal rights, privacy, safety, or property
  • Your Friends: If you've added them, your workout data may be visible to them (with your settings preferences)

5.3 Data Processing Agreements

All service providers are bound by Data Processing Agreements (DPAs) that ensure they handle your data in compliance with GDPR and only for the purposes specified.

6. Data Retention

We retain your personal data as follows:

  • Active Accounts: Data retained while your account is active
  • After Deletion: Account data deleted within 30 days of account termination request
  • Backup Data: Backup copies may be retained for up to 90 days for recovery purposes
  • Legal Hold: Data may be retained longer if required for legal compliance
  • Aggregated Data: Anonymized and aggregated data may be retained indefinitely

7. Your Privacy Rights

7.1 GDPR Rights (EU/Netherlands Users)

You have the right to:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data
  • Right to Restrict Processing: Limit how your data is used
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 CCPA Rights (California Users)

California residents have additional rights:

  • Right to Know: What personal information we've collected
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out of Sale: Opt out if data is sold (we don't sell)
  • Right to Non-Discrimination: No discriminatory treatment for exercising CCPA rights

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at info@trainalitix.com with "Privacy Request" in the subject line. We'll respond within 30 days (or as required by law).

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small files stored on your device that help us remember your preferences and analyze site usage.

8.2 Types of Cookies We Use

  • Essential Cookies: Required for site functionality (authentication, security)
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Track usage patterns to improve the Service
  • Marketing Cookies: Used for targeted advertising (only with consent)

8.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect functionality. You can also opt out of marketing cookies in your account preferences.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • HTTPS encryption for data in transit
  • Password hashing using bcrypt
  • Regular security audits and penetration testing
  • Firewalls and intrusion detection systems
  • Limited access to personal data by authorized employees
  • Regular backups and disaster recovery procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Third-Party Links

Our Service may contain links to third-party websites. We're not responsible for the privacy practices of external sites. We encourage you to review their privacy policies before providing any information.

11. Children's Privacy

Trainalitix is not intended for individuals under 16 years of age (or the age of digital consent in your jurisdiction).

We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will immediately delete it. If you believe we have collected information from a minor, please contact us at info@trainalitix.com.

12. International Data Transfers

Our servers are located in [Your Server Location]. If you are located outside this jurisdiction, your data may be transferred to, stored in, and processed in countries other than your country of residence.

By using Trainalitix, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules. We ensure that such transfers are made in compliance with applicable laws.

13. California Privacy Notice (CCPA)

For California Residents Only:

Categories of Information Collected: Identifiers, commercial information, biometric information (fitness metrics), internet activity, geolocation data.

Purpose of Collection: Service provision, analytics, security, legal compliance.

Data Sale: We do not sell personal information.

14. Dutch Privacy Notice (AVG)

Voor Nederlandse Gebruikers:

Uw persoonsgegevens worden verwerkt conform de Algemene Verordening Gegevensbescherming (GDPR) en de Nederlandse Wet Bescherming Persoonsgegevens.

U hebt het recht om inzage, rectificatie, wissing en bezwaar in te dienen. Neem voor vragen contact op via info@trainalitix.com.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We'll notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of the Service after such modifications constitutes your acceptance of the updated Privacy Policy.

16. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Trainalitix Privacy Team

Email: info@trainalitix.com

Or use our contact form

Response time: 30 days maximum

17. Data Protection Authority

If you have concerns about our privacy practices, you have the right to lodge a complaint with your local data protection authority:

  • Netherlands/EU: Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl)
  • California, USA: California Attorney General (www.oag.ca.gov)

ACKNOWLEDGMENT: By using Trainalitix, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our privacy practices, please do not use this Service.