Privacy Policy

Last updated: April 4, 2026

Who we are

CoachSync is a platform for personal trainers, coaches, and physiotherapists to manage clients, create training and nutrition plans, and track progress.

The data controller is CoachSync.

What we collect

We only collect data necessary to provide the service.

Account information

  • Email address
  • Full name
  • Password (stored securely as a one way hash)

Client profile

  • Year of birth, gender, height
  • Goals and experience level
  • Medical notes entered by your trainer

Health and fitness data

  • Body measurements
  • Workout logs
  • Nutrition plans

Messages

Messages exchanged within the app.

Contact form

Name, email, and message if you contact us.

Why we collect it

  • Provide and operate the service
  • Manage accounts and authenticate users
  • Enable communication between users
  • Respond to support requests

We do not sell your data or use it for advertising.

Legal basis

  • Contract: to provide the service
  • Consent: for health related data
  • Legitimate interest: for basic communication and security

Health data

Health related data is processed with extra care:

  • Only visible to you and your trainer
  • Encrypted in transit
  • Processed only with your consent

Third party services

  • Azure Communication Services for emails
  • Cloud hosting provider located in the EU

These providers act as data processors under contract.

We do not use analytics or tracking.

International transfers

Data is stored in the EU. If data is transferred outside the EU, appropriate safeguards such as standard contractual clauses are used.

Cookies

We use a secure HTTP only cookie to keep you signed in. It is not used for tracking or advertising.

Data retention

Data is kept while your account exists. After deletion, data is permanently removed within a reasonable period unless required by law.

Your rights

  • Access your data
  • Correct inaccurate data
  • Delete your data
  • Request a copy of your data
  • Withdraw consent
  • Lodge a complaint with a data protection authority

Security

We use industry standard security practices including encryption and secure authentication. No system is completely secure.

Children

This service is not intended for users under 16. If such data is identified, it will be deleted.

Changes

We may update this policy. Significant changes will be communicated where possible.

Contact

For anything related to your data or this policy: contact@coachsync.fit