Tobias Drage is committed to safeguarding your privacy and ensuring that your personal data is protected. This Privacy Policy outlines how we collect, use, and protect your personal information when you visit our website or use our services, in compliance with the General Data Protection Regulation (GDPR) and applicable national laws in the Scandinavian region.
1. Information We Collect
We may collect and process personal information from you in the following situations:
- When you sign up for our newsletters or updates
- When you register for services, fitness programs, or classes
- When you fill out surveys, such as inquiries or fitness assessments
- When you make a purchase or interact with our website
The types of personal information we may collect include:
- Name, email address, phone number, and other contact details
- Fitness data (e.g., fitness goals, health history) that you provide for personalized services
- Payment details when you purchase services or products
- Information related to your website usage, such as IP address and browser data
Lawful Basis for Processing:
We process your personal data based on one or more of the following legal grounds:
- Consent: When you subscribe to our newsletters or share sensitive fitness data, you provide your explicit consent.
- Contract: When you register for our services, we process your data to fulfill the contract between you and Tobias Drage.
- Legitimate Interest: We may process your data to improve our services and ensure security, provided it does not override your privacy rights.
- Legal Obligation: Where we are legally required to store or share your data (e.g., tax records for payments).
2. How We Use Your Information
We use the personal data we collect for the following purposes:
- To provide personalized fitness coaching and services
- To communicate with you about your account, subscriptions, or services
- To respond to inquiries and provide customer support
- To process payments for services or productsTo improve and enhance our website, services, and customer experience
- To send you relevant updates, offers, or content related to your fitness journey, only if you have given consent
3. Sharing Your Information
We do not sell, trade, or rent your personal information to third parties. However, we may share your data with trusted third-party service providers who help us operate our website, deliver services, or process payments. These providers include:
- Payment processors
- Website hosting providers
- Email marketing services
We ensure that all third-party providers adhere to GDPR standards and have Data Processing Agreements (DPAs) in place. If we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses.
4. Security
We take the protection of your data seriously and implement appropriate technical and organizational measures to prevent unauthorized access, alteration, or misuse of your data. However, no method of data transmission over the internet is completely secure.
Data Breach Notification:
In the event of a data breach, we will notify the relevant authorities and affected individuals within 72 hours, as required by GDPR.
5. Cookies
We use cookies to enhance your experience on our website. Cookies are small text files stored on your device that help us track website traffic and usage. We use:
- Essential cookies for website functionality
- Analytics cookies to improve performance and user experience (optional)
Cookie Consent:
We provide a cookie consent banner that allows you to choose whether to accept or reject non-essential cookies. You can also manage cookie settings via your browser preferences.
6. Your Rights
Under GDPR, you have several rights regarding your personal data:
- Right to Access: You can request a copy of the personal information we hold about you.
- Right to Rectification: You can ask us to correct any inaccuracies in your personal data.
- Right to Erasure (Right to Be Forgotten): You can request the deletion of your data, subject to any legal obligations.
- Right to Restrict Processing: You can ask us to stop processing your data in certain situations.
- Right to Data Portability: You can request that your personal data be transferred to another service provider in a structured, commonly used format.
- Right to Withdraw Consent: Where we rely on consent to process your data (e.g., for marketing), you can withdraw your consent at any time.
- Right to Object: You can object to our use of your data where we rely on legitimate interest as the basis for processing.
Exercising Your Rights:
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, in line with GDPR requirements.
Lodging a Complaint:
If you believe we have not handled your data correctly, you have the right to lodge a complaint with your local Data Protection Authority. In Scandinavian countries, these include:
- Datainspektionen(Sweden)
- Datatilsynet(Norway)
- Datatilsynet(Denmark)
7. Changes to This Policy
We may update this Privacy Policy from time to time. Any significant changes will be communicated to you via email or a prominent notice on our website. We encourage you to review this policy periodically to stay informed of how we protect your privacy.
Contact Us
If you have any questions about this Privacy Policy or your personal data, please contact us at [email protected] or [email protected]