GDPR POLICY (DATA PROTECTION STATEMENT)

Effective Date: 01.01.2025

1. Introduction This GDPR Policy outlines how iControl Fitness ("We", "Us", "Our") collects, processes, and protects personal data in compliance with the General Data Protection Regulation (GDPR).

2. Information We Collect We may collect the following personal data from clients:

• Full Name

• Email Address

• Phone Number

• Date of Birth

• Health & Medical Information (as provided in forms)

• Payment Information

3. Purpose of Data Collection We collect personal data for the following reasons:

• To provide fitness and nutrition coaching services.

• To track client progress and tailor training programs.

• To communicate with clients regarding sessions, updates, and payments.

4. Data Storage & Security

• Personal data is securely stored and accessible only to authorized personnel.

• We implement technical and organizational measures to prevent unauthorized access.

5. Data Sharing & Third-Party Access

• We do not sell or share client data with third parties.

• Payment processing is handled through secure platforms (e.g., Stripe, PayPal).

• In rare cases, data may be shared if legally required by authorities.

6. Client Rights Under GDPR Clients have the right to:

• Access their personal data.

• Request correction or deletion of their data.

• Withdraw consent for data processing.

• File a complaint with a data protection authority if rights are violated.

7. Data Retention Policy

• We retain client data for [insert retention period, e.g., 3 years] after service completion unless legally required otherwise.

• After this period, data will be permanently deleted.

8. Contact Information For any GDPR-related inquiries or requests, clients can contact: 📧 Email: info@icontrolfitness.com

By using our services, clients acknowledge and agree to this GDPR Policy.