Privacy Policy

Last updated: 6 January 2026

1. Introduction

PT & ME ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SaaS platform for personal training management.

We are the data controller responsible for your personal data. Our registered office is located in the United Kingdom, and we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Please read this Privacy Policy carefully. By using PT & ME, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, phone number, business name, and profile photo
  • Client Data: Client names, contact details, health information, fitness goals, workout plans, meal plans, progress photos, and check-in responses
  • Payment Information: Billing details processed securely through Stripe (we do not store full payment card details)
  • Communications: Messages, feedback, and support requests

2.2 Information Collected Automatically

  • Usage Data: IP address, browser type, device information, pages visited, time spent on pages, and interaction data
  • Cookies and Tracking: We use cookies and similar technologies to enhance user experience and analyze platform usage
  • Analytics: Platform performance metrics and user behavior patterns

3. How We Use Your Information

We process your personal data for the following purposes:

  • Service Delivery: To provide, maintain, and improve our platform features
  • Account Management: To create and manage your account, authenticate users, and provide customer support
  • Communication: To send service updates, notifications, and respond to inquiries
  • Payment Processing: To process subscription payments and manage billing
  • Platform Improvement: To analyze usage patterns, conduct research, and develop new features
  • Legal Compliance: To comply with legal obligations and enforce our Terms of Service
  • Security: To detect, prevent, and address fraud, security issues, and technical problems

4. Legal Basis for Processing (UK GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services under our Terms of Service
  • Consent: Where you have given explicit consent for specific processing activities
  • Legitimate Interests: For platform improvement, security, and fraud prevention
  • Legal Obligation: To comply with applicable laws and regulations

5. How We Share Your Information

We do not sell your personal data. We may share information with:

  • Service Providers: Third-party vendors who assist with hosting, payment processing (Stripe), email delivery, and analytics
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share your information

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

  • Active Accounts: Data is retained while your account is active
  • Closed Accounts: Data is deleted within 90 days of account closure, except where retention is required for legal or accounting purposes
  • Backup Data: May be retained in backup systems for up to 90 days

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at lewis@ptforme.app. We will respond within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Secure cloud infrastructure with reputable providers
  • Regular backups and disaster recovery procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and processed in countries outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the UK authorities
  • Adequacy decisions recognizing equivalent data protection standards
  • Binding corporate rules for intra-group transfers

10. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. You can control cookie preferences through your browser settings. Types of cookies we use:

  • Essential Cookies: Required for platform functionality
  • Performance Cookies: Help us understand how users interact with our platform
  • Functional Cookies: Remember your preferences and settings

11. Children's Privacy

PT & ME is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy on our platform
  • Updating the "Last updated" date
  • Sending email notifications for material changes

Your continued use of PT & ME after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: lewis@ptforme.app