LogoCaloCoach

Privacy Policy

PRIVACY POLICY

  1. Overview

Sophie Gillum-Webb (the “Trainer”, “Trainers”, “we”, “our”, or “us”) is the sole proprietor and absolute owner of the application “CaloCoach” (“Platform / App”), which enables personal trainers, wellness coaches, and nutritionists to provide training and coaching to their clients using the Platform. The Trainer has the sole discretion to develop, improve, and update the Platform. The App is developed and maintained by FitBudd Inc., including any of its subsidiaries (“FitBudd”).


The Trainer attaches great importance to the privacy and protection of our Users’ personal data and other information. Our practices and procedures concerning the collection and use of personal data are set out below for your reference. We have implemented reasonable security practices and procedures that align with industry standards and are commensurate with the nature of our business. However, due to the inherent vulnerabilities of the internet, we cannot ensure or warrant the complete security of all information transmitted to us.


This Privacy Policy should be read in conjunction with the Terms of Use before using our Platform or any of its Services. By using this Platform, you agree to be bound by the terms and conditions of this Privacy Policy. We may amend this Privacy Policy at any time without prior notice, so we encourage you to review it periodically.

In providing our Services, we may use various third-party service providers. These third parties may have access to your information to the extent necessary to deliver the services they support. We ensure that such third parties implement reasonable and commensurate security practices and procedures.


For Users in the United Kingdom, this Privacy Policy is in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using the Platform, UK users consent to the collection, use, and transfer of their personal data outside of the UK, including to the United States, in accordance with these regulations. For Users in the United States, this Privacy Policy complies with applicable US federal and state laws, including the California Consumer Privacy Act (CCPA) for California residents.

This Privacy Policy applies to all Users, including clients of personal trainers, wellness coaches, and nutritionists registered on the Platform.


2. Information Collection

If you choose to register as a user of the Platform, you will be asked to create a unique username and private password (collectively, the “Access ID”), which will be used to create and activate an account through which the Trainer can make the Platform available to you (the “Account”). You expressly acknowledge and agree that certain information such as your name, age, gender, physical health condition, and email address, along with certain additional information (“Personal Information”), may be required to make the Services available to you or may be disclosed by you on or through the Services.

In order to avail of our Services, you may also be asked to upload your photos on the Platform to assess your fitness progress. FitBudd Inc., as the data processor, will store all Personal Information in accordance with the law, and we will implement reasonable measures to protect the security and confidentiality of this data. However, the Trainer shall not be held liable for any unauthorised disclosure of these photos or other Personal Information by third parties (other than FitBudd) or by trainers, wellness coaches, or nutritionists registered as service providers on the Platform.


In addition to the above, trainers, wellness coaches, and nutritionists may upload videos and images to provide enhanced services to Users. The Trainer will not be liable for the source, nature, or content of such videos and images, and cannot be held responsible for any copyright infringement or plagiarism claims made by third parties.


We also collect Users' financial account numbers (including bank account numbers, payment card details, and other payment instrument details), collectively referred to as “Financial Information.” This information is collected solely for the purposes outlined in the Terms of Use, such as processing payments and providing Services. We ensure the confidentiality and security of Financial Information in compliance with applicable data protection laws.


For UK Users, under UK GDPR, you have the right to access, correct, or delete your Personal Information, including Financial Information. You may contact our representative at [privacy@calocoach.co.uk] to amend or rectify any Personal Information or Financial Information. You may also request that we no longer retain or process your Personal Information or Financial Information; however, in such cases, some Services or access to our Platform may no longer be available to you. Any subscription or fees paid in this instance will be non-refundable.


We may use your contact information, such as your email address, without further notice, to send you information about our Services, respond to your requests, or facilitate your use of the Services. In compliance with UK GDPR, you have the right to withdraw your consent for marketing communications at any time by contacting us or using the unsubscribe option provided in our communications.


We also collect information about the pages you access, information about your device (such as device or browser type), information you send us (such as the email address used to register or communicate with us), and referral information. Like many websites and mobile applications, we use this information to better deliver our Services, track, customise, and improve them.


Additionally, any information you provide that helps identify your location (such as postal code, street address, city, or state of residence) will be used to provide localised features, relevant advertising, and marketing, and otherwise improve the Services provided to you.

For UK Users, all personal data is processed in accordance with the principles of UK GDPR, which ensures that data is:

  • Processed lawfully, fairly, and transparently
  • Collected for specified and legitimate purposes
  • Adequate, relevant, and limited to what is necessary
  • Accurate and kept up-to-date
  • Stored only as long as necessary
  • Processed in a manner that ensures appropriate security of personal data

You are responsible for providing accurate information when creating an account, including your name, phone number, email address, and Financial Information. We may verify this information through our representatives or third-party service providers.


3. Purpose of Information Collection

We will collect, record, store, handle, and use your Personal Information and Financial Information solely for the purposes of enabling you to access our Platform and use our Services, and, where you have provided consent, to advise you of other Services and updates. You may opt out of non-essential communication, such as marketing or promotional messages, at any time.


We use your Personal Information for the following purposes:

  • To keep you informed about the progress of your clients, including updated diet charts and fitness progress tracking
  • To help promote a safe service and user experience on the Platform
  • To calibrate consumer interest in our Services
  • To troubleshoot problems and resolve issues reported by users
  • To customize and enhance your experience on the Platform
  • To detect and protect against errors, fraud, and other criminal activities
  • To enforce our Terms of Use and other contractual agreements

Additionally, your Personal Information may be used as otherwise described to you at the time of collection. The photos uploaded to the Platform will be used solely to assess and track your fitness progress.


For UK Users, under the UK GDPR, the legal basis for collecting and processing your Personal Information may include:

  • Performance of a contract: Processing is necessary to provide the services you have requested through the Platform.
  • Legitimate interests: To promote a safe and effective service, troubleshoot issues, and customize user experience.
  • Consent: Where you have opted in, we may use your information for non-essential communications and marketing purposes. You may withdraw your consent at any time by contacting us or using the unsubscribe option provided in our communications.

We are committed to using your Personal Information and Financial Information responsibly and in line with applicable legal obligations. We will only retain your information for as long as necessary to fulfil the purposes for which it was collected, in compliance with the Data Protection Act 2018 and the UK GDPR.


4. Privacy, Security Policy, and Related Aspects

We do not sell or rent your Personal Information to third parties for their marketing purposes without your explicit consent. We only use your information as described in the Terms of Use and this Privacy Policy. Your Personal Information is protected by reasonable technological security devices. However, we may disclose and/or transfer your information to our affiliates, agents, and service providers for business purposes to provide you with a better experience.


For UK Users, in compliance with UK GDPR, you have the right to object to the sharing of your data with third parties for marketing purposes. Where we rely on your consent to share your information with third parties, you may withdraw your consent at any time by contacting us.


Notwithstanding anything to the contrary contained anywhere in the Terms of Use and to the extent permitted by applicable law, the Trainer will not be responsible in any manner whatsoever if information provided by the User is exposed and/or misused by any third party who accessed such information without authorisation from the Trainer.


We use standard data encryption through Secure Socket Layer (SSL) technology to 

protect the transmission of sensitive information. While we take all reasonable steps to protect your Personal Information, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

For UK Users, under the UK GDPR, you have the right to be informed in the event of a data breach where your Personal Information is at risk. We will notify you promptly if we become aware of any unauthorised access to your data, in compliance with our legal obligations.


The Platform is protected by copyright as a collective work and/or compilation (meaning the collection, arrangement, and assembly) of all the content on this Platform, pursuant to applicable law.


The Trainer’s logos, product and service marks and/or names, trademarks, patents, copyrights, and other intellectual property, whether registered or not (“IP”), are exclusively owned by the Trainer. Without prior written permission from the Trainer, the User agrees not to display and/or use the IP in any manner whatsoever. Nothing contained on this Platform or in its content should be construed as granting, in any way, any license, right, or interest in the IP without the express written permission of the Trainer.

References on this Platform to any names, marks, products, or services of third parties, or hypertext links to third-party websites or information, are provided solely for your convenience and do not constitute or imply our endorsement, sponsorship, or recommendation of the third party, information, product, or service.


5. Acceptable Use

You are prohibited from violating or attempting to violate the security of the Platform, including, without limitation:

  • (i) attempting to probe, scan, or test the vulnerability of a system or network, or to breach security or authentication measures without proper authorisation;
  • (ii) attempting to interfere with the Service to any other User, host, or network, including, without limitation, through means of viruses, overloading, 'flooding,' 'spamming,' 'mail bombing,' or 'crashing';
  • (iii) sending unsolicited emails, including for promotions and/or advertising of products or services, or otherwise sending spam communications in violation of applicable laws such as the Privacy and Electronic Communications Regulations (PECR) in the UK.

Violations of system or network security may result in civil and/or criminal liability. We will investigate occurrences that may involve such violations and may cooperate with law enforcement authorities, both in the UK and the US, in prosecuting Users who are involved in such violations. You agree not to use any device, software, or routine to interfere or attempt to interfere with the proper functioning of this Platform or any activity being conducted on this Platform.


For UK Users, any misuse of the Platform that involves unlawful processing or handling of personal data will be subject to UK data protection laws, including the UK GDPR and Data Protection Act 2018, and may result in legal action or penalties as provided by law.

Additionally, by using this Platform, you agree to handle any personal data in compliance with applicable data protection regulations, ensuring that you do not misuse, misappropriate, or unlawfully process the personal data of any other user or third party.


6. Email

In order to provide you with timely notices regarding our Services or other important information, we may send you emails and/or newsletters. You may choose to discontinue receiving these communications at any time by using the unsubscribe link provided in the email itself or by sending an email to [privacy@calocoach.co.uk] requesting that your email address be removed from our mailing list.


Please note that discontinuing email communications does not terminate your account or the Services you have prepaid for. If you choose to discontinue use of our Platform or Services, no refund will be due for any prepaid Services unless otherwise specified in the Terms of Use.


7. Exceptions

While we will not voluntarily disclose your personal data apart from the manner set out in the Terms of Use and this Privacy Policy, we may disclose such information if required to do so by a court order or under applicable law. This includes, but is not limited to, requests by government or law enforcement authorities or other legal processes, or if it becomes necessary to protect the rights, property, or safety of the Trainer, FitBudd, or others.

For UK Users, any disclosure of your personal data will be made in compliance with UK GDPR and the Data Protection Act 2018, ensuring that such disclosures are lawful, necessary, and proportionate to the specific legal request.


In addition, the Trainer and FitBudd will not be held liable for any physical injury or harm that occurs due to the use of Services provided through this App. We, and FitBudd, are not liable for any claims, damages, or liabilities arising from any injury—whether physical or otherwise—sustained while using our Services through the Platform.


By using the Platform, you acknowledge and agree to assume full responsibility for any risks related to the use of the Services, and you waive any claims or legal action against the Trainer and FitBudd for any injuries or damages incurred during the course of such use, except where liability cannot be excluded under applicable law.


8. Contact

If you have any questions, concerns, or grievances regarding the use and/or protection of your personal data or otherwise in relation to the Platform, please contact us at [privacy@calocoach.co.uk].


For UK Users, if you believe that your data protection rights under the UK GDPR have been violated, or if you are unsatisfied with the resolution of any complaint, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection authority. More information can be found on their website: https://ico.org.uk.


Alternatively, for any inquiries relating to the handling of your personal data, you may also contact our Data Protection Officer (DPO) at:

[privacy@calocoach.co.uk].


9. Health Insurance Portability and Accountability Act (“HIPAA”)

Please note that neither the Trainer nor the Services are regulated by the United States federal privacy, security, or breach notification rules of the Health Insurance Portability and Accountability Act (“HIPAA”). Consequently, when using the Services, you will not receive the protections of HIPAA in connection with your Personal Information.

For UK Users, while HIPAA protections do not apply, your personal data will still be handled in compliance with the UK General Data Protection Regulation (UK GDPR) and other applicable UK privacy laws, ensuring that your data is protected under a robust legal framework.


10. Miscellaneous

This Privacy Policy and the Disclaimer provided separately form an integral part of the Terms of Use of the Platform and should be read in conjunction with them.

Your Personal Information and Financial Information may be stored and processed in any country where we have facilities or in which we engage third-party service providers. By using the Services, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules than those in your country.


For UK Users, while your Personal Information may be transferred to countries outside the UK, we ensure that such transfers are carried out in compliance with the UK General Data Protection Regulation (UK GDPR). This includes using appropriate safeguards, to ensure an adequate level of protection for your data. Additionally, when your data is transferred outside of the UK, it may be subject to the laws of the country in which it is held, and may be disclosed to the governments, courts, or law enforcement or regulatory agencies of such other country, pursuant to its laws.


However, our practices regarding your Personal Information will at all times continue to be governed by this Privacy Policy and, where applicable, we will comply with UK GDPR, the General Data Protection Regulation (GDPR) (for EU users), and California Consumer Privacy Act (CCPA) requirements, providing adequate protection for the transfer of Personal Information from the UK, EU/EEA, or the US to a third country.

Capitalised terms used herein and not defined shall have the meanings assigned to them in the Terms of Use.