PRIVACY POLICY

Last Updated: [Date]

This Privacy Policy explains how The Vault Training (“we,” “us,” or “our”) collects, uses, and protects your personal information when you use our fitness training platform.

1. INFORMATION WE COLLECT

1.1 Personal Information
– Name and email address
– Payment information (processed securely through Stripe)
– Profile photos and progress photos
– Account credentials and preferences
– Communication with our support team

1.2 Health and Fitness Data
– Body measurements and weight
– Progress tracking information
– Workout completion data
– Meal plan preferences and restrictions
– Photos uploaded for progress tracking

1.3 Technical Information
– Device type and operating system
– Browser information
– IP address and location data
– Usage patterns and platform interactions
– Video viewing statistics

1.4 Cookies and Tracking
– Session cookies for account functionality
– Analytics cookies to improve our service
– Preference cookies to remember your settings

2. HOW WE USE YOUR INFORMATION

2.1 Service Provision
– Create and manage your account
– Process payments and subscriptions
– Deliver video content and meal plans
– Provide progress tracking tools
– Offer customer support

2.2 Communication
– Send important account notifications
– Provide workout reminders and motivation
– Share updates about new content
– Respond to your inquiries
– Send marketing communications (with consent)

2.3 Service Improvement
– Analyze usage patterns to enhance features
– Develop new workout programs
– Improve video content quality
– Optimize platform performance

3. INFORMATION SHARING AND DISCLOSURE

3.1 We Do Not Sell Your Data
We never sell, rent, or trade your personal information to third parties.

3.2 Limited Sharing
We may share information only in these circumstances:
– With payment processors (Stripe) for transaction processing
– With cloud storage providers for secure data storage
– With analytics services to improve our platform
– When required by law or legal process
– To protect our rights or user safety

3.3 Trainer Access
– Our certified trainers may view your progress photos and data
– This access is limited to providing feedback and support
– Trainers are bound by confidentiality agreements

4. DATA SECURITY

4.1 Protection Measures
– Industry-standard encryption for data transmission
– Secure cloud storage with access controls
– Regular security audits and updates
– Staff training on data protection

4.2 Payment Security
– All payments processed through PCI-compliant Stripe
– We do not store your credit card information
– Secure tokenization for recurring payments

5. YOUR PRIVACY RIGHTS

5.1 Access and Control
– View and update your personal information
– Download your data in a portable format
– Delete your account and associated data
– Opt out of marketing communications

5.2 Cookie Management
– Control cookie preferences through your browser
– Opt out of analytics tracking
– Manage advertising preferences

5.3 Communication Preferences
– Unsubscribe from marketing emails
– Adjust notification settings
– Choose your preferred communication channels

6. DATA RETENTION

6.1 Active Accounts
– Personal information retained while account is active
– Progress data maintained for tracking continuity
– Payment history kept for financial records

6.2 Closed Accounts
– Most personal data deleted within 30 days
– Some data retained for legal compliance (up to 7 years)
– Anonymised usage data may be retained for analytics

7. INTERNATIONAL DATA TRANSFERS

– Your data may be processed in countries outside the UK/EU
– We ensure adequate protection through standard contractual clauses
– Data transfers comply with GDPR requirements

8. CHILDREN’S PRIVACY

– Our service is not intended for users under 18
– We do not knowingly collect data from minors
– If minor’s data is discovered, it will be deleted immediately

9. THIRD-PARTY SERVICES

9.1 Payment Processing
– Stripe processes all payments securely
– Subject to Stripe’s privacy policy
– We receive only necessary transaction information

9.2 Analytics Services
– We use analytics to improve our platform
– Data is anonymized where possible
– You can opt out of tracking

10. CHANGES TO THIS POLICY

– We may update this policy periodically
– Material changes will be communicated via email
– Continued use constitutes acceptance of changes
– Previous versions available upon request

11. GDPR COMPLIANCE

If you are in the EU, you have additional rights:
– Right to be forgotten
– Right to data portability
– Right to object to processing
– Right to lodge complaints with supervisory authorities

12. CALIFORNIA PRIVACY RIGHTS

California residents have specific rights under CCPA:
– Right to know what personal information is collected
– Right to delete personal information
– Right to opt out of sale (we don’t sell data)
– Right to non-discrimination

13. CONTACT INFORMATION

For privacy-related questions or requests:

Email: privacy@doublexl.fitness
Phone: +44 7704 433 175
Address: XXL Gym, Unit 1B Palmersvale Business Park Barry, CF63 2XA

Data Protection Officer: [Craig Burrows]

14. LEGAL BASIS FOR PROCESSING (GDPR)

We process your data based on:
– Contract performance (service delivery)
– Legitimate interests (service improvement)
– Consent (marketing communications)
– Legal obligations (financial records)

15. COMPLAINTS AND ENFORCEMENT

If you have concerns about our privacy practices:
– Contact us directly first
– File complaints with relevant authorities
– Seek legal remedies if necessary

By using Double XL Training, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as described herein.