2. Privacy Policy (GDPR-Compliant)

Business Name: JT Performance Training

Contact: Joel@jtperformancetraining.co.uk

Effective Date: 26 October 2025

1. Overview

This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data We Collect

We may collect and process the following information:

Personal data: name, age, email, phone number, address (if provided).

Health data: medical history, previous injuries, lifestyle information, and exercise readiness questionnaire responses.

Coaching data: goals, training performance, progress metrics.

Payment data: securely processed by Stripe (we do not store full payment details).

Technical data: usage data from Everfit or website analytics.

3. Purpose of Collection

We use this information to:

• Deliver and tailor your training and nutrition programs.

• Communicate about your progress, billing, and support.

• Monitor health, performance, and safety.

• Maintain business records and comply with legal obligations.

4. Lawful Basis for Processing

Contractual necessity: to perform our coaching agreement.

Consent: for collecting and processing health-related information.

Legal obligation: to maintain accounting and tax records.

Legitimate interest: to enhance client experience and platform functionality.

5. Data Storage and Security

• All data is securely stored through Everfit (GDPR-compliant) and Stripe (PCI-DSS certified).

• Access to data is restricted to authorised personnel only.

• We implement encryption and secure authentication protocols to protect data.

6. Data Sharing

We only share your data with:

Everfit, for program delivery and tracking.

Stripe, for secure payment processing.

Professional service providers (e.g. accountants) when legally required.

We never sell or rent your data to third parties.

7. Data Retention

• Client data is retained while you remain a client and for up to six years thereafter for tax and legal compliance.

• You may request deletion of your personal or health data at any time, subject to legal obligations.

8. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data.

• Request correction or deletion.

• Restrict or object to processing.

• Withdraw consent (for health data) at any time.

• Lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

9. Contact

For privacy concerns or requests, email Joel@jtperformancetraining.co.uk.