YuWannaBefit

Legal & Privacy

Privacy Policy

Effective Date: 1 January 2024

1. Introduction and Scope

Welcome to YUWANNABEFIT ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy governs the privacy practices for our website (YUWANNABEFIT.com) and our digital 1:1 online fitness and nutrition coaching services (collectively, the "Services").

This policy outlines our procedures regarding the collection, use, disclosure, and safeguarding of your precise personal data, health data, and browsing data, establishing compliance with leading global data protection standards (including the principles set forth by the GDPR and CCPA). By accessing our Services or submitting any forms, you consent to the data practices described in this policy.

2. Information We Collect

To provide rigorous and personalized fitness coaching, we collect several categories of information:

A. Voluntarily Provided Information

  • Identity Data: Full legal name.
  • Contact Data: Email address, mobile/WhatsApp number, and social media handles (e.g., Instagram).
  • Special Category / Health Data: Current physical training level, extensive fitness goals, past struggles or injuries, dietary restrictions, and lifestyle habits. This data is strictly necessary to evaluate your capacity for the program and adapt the digital fitness coaching to your physiological needs.

B. Automatically Collected Information

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform.
  • Geolocation Data: We determine your approximate geographical location (country, region, and city) through IP address routing (via Vercel Edge Network headers). Furthermore, we may request precise device-based geolocation data during form submissions; this is processed solely upon your explicit browser-level consent.
  • Usage Data: Information about how you interact with our website, including pages viewed, time spent on pages, and referring sites.

3. Legal Basis and Purpose of Processing

We process your personal data under the following legal bases:

  • Contractual Necessity: To review your application, determine your eligibility for the coaching program, and—if accepted—deliver personalized digital fitness and nutritional protocols.
  • Explicit Consent: For processing "Special Category" health data (injuries, physical stats), precise geolocation data, and for receiving direct marketing communications (newsletters).
  • Legitimate Interests: To operate our website securely, prevent automated spam/fraud in our inquiry forms, and analyze anonymized site traffic to improve our business operations.

4. Third-Party Data Sharing and Processors

We do not sell, rent, or trade your personal information. We only share data with carefully vetted third-party service providers (Data Processors) necessary for the operation of our business:

  • Hosting & Infrastructure (Vercel): Our website and serverless functions are hosted on Vercel. IP addresses and HTTP requests are processed through their edge network to deliver the website securely and determine generalized geographic regions.
  • Database Providers (NeonDB / PostgreSQL): Your submitted form data, including sensitive health inquiries, are securely stored in our encrypted PostgreSQL database hosted by Neon.
  • Marketing & Communications (Brevo): If you explicitly opt-in to our newsletter, your name and email address are securely synchronized with Brevo (formerly Sendinblue). Our sales and marketing team uses this platform to send you training tips, nutritional advice, and promotional offers. Brevo processes this data strictly in accordance with their GDPR-compliant privacy policies.
  • Legal Compliance: We may disclose your information if required to do so by law, or in response to valid requests by public authorities (e.g., a court or government agency).

5. Cookies and Tracking Technologies

Our website utilizes cookies and similar tracking frameworks to enhance your user experience, maintain session security, and gather statistical data.

Essential Cookies

Strictly necessary for the core functionality of the website, such as preventing Cross-Site Request Forgery (CSRF) on our inquiry forms and managing administrator authentication.

Performance and Analytics Tracking

We use proprietary, privacy-first page view tracking (alongside Vercel Web Analytics) to understand aggregated user behavior. This tracking is anonymized and does not track your behavior across other, unaffiliated websites.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept essential cookies, some structural parts of our website may not function correctly.

6. Data Security and Retention

Security Measures: We have implemented industry-standard security measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All data transitions between your browser and our servers undergo TLS/SSL encryption.

Retention Schedule: We retain your personal data only as long as necessary:

  • Inquiries (Not Accepted): If your coaching application is not accepted, your health and personal data will be purged from our database within 12 months.
  • Active Clients: Data will be kept for the duration of your coaching contract and up to 5 years thereafter for legal and tax compliance records.
  • Marketing Subscribers: Email data in Brevo is retained indefinitely until you withdraw your consent (unsubscribe).

7. Your Data Protection Rights

Depending on your jurisdiction (such as residents of the EU/UK under the GDPR, or California under the CCPA), you are granted robust rights concerning your personal data:

  • The Right to Access: You have the right to request copies of your personal data held by us.
  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete.
  • The Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data unconditionally from our active databases and marketing platforms, subject to certain legal exceptions (e.g., tax record requirements).
  • The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data.
  • The Right to Object: You have the right to object to our processing of your personal data, particularly regarding direct marketing. Every marketing email contains an automated "Unsubscribe" link.

8. Contacting Our Privacy Team

To exercise any of your rights regarding your data, request an erasure, or if you have questions regarding this Privacy Policy, please deliver a formal request to our designated privacy operational email:

Privacy Matters & Data Deletion Requests:

yuwannabefit@gmail.com

We aim to respond to, and fully execute, all legitimate data erasure requests within 14 to 30 days.