Privacy Policy

Effective Date: December 1, 2025

In this article
Main section 1
Sub section a

1. Controller and Scope

This Privacy Policy describes how we (“the “Coach”), located in Denmark, process personal data about my clients in connection with the delivery of online fitness coaching services (“the Coaching Services”).

The Coach is the sole data controller for all personal data processed through the Service, including data submitted directly by users and data entered by coaches about their clients.

The processing takes place through the software platform provided by Coachway ApS (“Coachway”), which acts solely as my data processor. Coachway processes personal data only on my documented instructions and only for the purpose of operating the platform.

Contact for all privacy matters: See order confirmation.

This Policy applies to all individuals who use the platform as clients of the Coach (the “Client”).

2. Categories of Personal Data Processed

The Coach processes the following categories of personal data about Clients when delivering the Coaching Services through the platform operated by Coachway:

Account Data
Name, email address and profile settings needed to create and maintain a Client account on the platform.

Coach–Client Interaction Data
Training plans, messages, notes, assessments, documents, progress entries and other information exchanged between the Coach and the Client through the platform.

Health and Fitness Data (Special Category Data)
If voluntarily entered by the Client: body measurements, weight, performance metrics, injuries, movement videos, progress photos, nutritional information, training history, and Apple Health/Google Fit (Health Connect) data when explicitly authorised. These data are processed only with the Client’s explicit consent.

Payment Data
Where applicable transaction metadata relating to payments between the Client and the Coachvia Stripe. Payment card information and transaction data are processed solely by the third party payment provider Stripe Payments Europe Ltd. (“Stripe”). The Coach does not store payment card numbers. Coachway acts only as data processor for platform related subscription payments made by the Coach, but does not store client payment card information.

Technical & Security Data
IP address, device type, operating system, browser, session metadata, crash logs, and security-related events generated when Clients access the platform.

Support & Communication Data
Information contained in messages or communications exchanged with the Coach or through support channels in the platform.

Cookies and Tracking
Essential cookies may be set without consent. Analytics and marketing technologies (including Google Analytics 4 and Meta Pixel) are loaded only after explicit consent.

3. How Personal Data Is Collected

The Coach processes personal data when:

  • The Client creates an account or submits information voluntarily.
  • The Coach enters data about the Client in connection with the Coaching Services.
  • The platform automatically collects technical and security data.
  • The Client authorises integrations such as Apple Health and Google Fit (Health Connect).
  • The platform’s subprocessors (such as hosting, analytics or payment providers) provide relevant data generated during use.
  • Analytics or tracking tools operate after explicit consent from the Client.

4. Purposes of Processing

The Coach processes personal data for the following purposes:

  • To deliver and manage the Coaching Services.
  • To enable communication, planning, programme adjustments and Client monitoring.
  • To manage billing and maintain financial records where relevant.
  • To ensure the security and proper functioning of the platform.
  • To improve service quality and maintain documentation of the coaching relationship.
  • To respond to enquiries and support requests.
  • To comply with legal obligations.
  • To process special-category data only with explicit consent from the Client.


5. Legal Bases (GDPR)

Processing is based on the following lawful bases:

  • Contract (Art. 6(1)(b)) - Processing necessary to deliver the Coaching Services to the Client.
  • Legitimate Interest (Art. 6(1)(f)) - Security monitoring, fraud prevention and service improvement.
  • Legal Obligation (Art. 6(1)(c)) - Bookkeeping and compliance with applicable law.
  • Explicit Consent (Art. 6(1)(a) + Art. 9(2)(a)) - Processing of health data, photos, body measurements, and any analytics or tracking cookies.

Consent may be withdrawn at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

6. Sharing of Personal Data

The Coach does not sell personal data.

Data may be shared only with:

  • Coachway as data processor to operate the platform.
  • Third-party subprocessors used by Coachway for hosting, analytics, file storage, and payment processing (e.g. AWS, Cloudflare, Sentry, Stripe).
  • Authorities when required by law.
  • Successors in a potential business transfer under equivalent protections.

All processors are bound by GDPR-compliant agreements.

7. International Transfers

Some subprocessors may be located or have infrastructure outside the EEA. Where this results in a transfer of personal data, it is based on valid transfer mechanisms under GDPR, including the European Commission’s Standard Contractual Clauses or an adequacy decision. Transfers are made only in accordance with Chapter V GDPR.

8. Retention

Personal data is retained only as long as necessary for the Coaching Services:

  • Active Client accounts remain until the Client requests deletion or the coaching relationship ends.
  • Health data and photos are deleted upon withdrawal of consent or at account deletion.
  • Billing data is retained as required by accounting rules.
  • Backup copies are retained only temporarily and are automatically purged.
  • Data no longer needed is deleted or irreversibly anonymised.

9. Data Subject Rights

Clients have the right to:

  • Access their personal data
  • Request rectification
  • Request erasure
  • Request restriction of processing
  • Object to processing
  • Request data portability
  • Withdraw consent
  • Lodge a complaint with a supervisory authority (e.g. the Danish Data Protection Agency)


Requests may be submitted to us via the contact details set out in the order confirmation.

10. Security Measures

The platform operated by Coachway uses encryption, access control, secure credential storage, logging, monitoring, and regular security assessments. The Coach ensures that only authorised persons access personal data. If a personal data breach occurs, the Coach will notify the relevant supervisory authority and affected Clients where required.

11. Children

The Coaching Services are not intended for individuals under 16. Personal data relating to individuals under 16 is not knowingly processed. If such data is identified, it will be deleted immediately.

12. Cookies and Analytics

Essential cookies required for platform functionality are always active.
Analytics or marketing cookies are used only after explicit consent, which may be withdrawn at any time. A separate cookie policy may apply.

13. Changes to This Policy

Updates to this Privacy Policy may be made due to legal, technical or business developments. Material changes will be communicated directly. Continued use of the Coaching Services constitutes acceptance of the updated Policy.

14. Contact

See contact details in order confirmation, reach out to your coach or contact us at hello@coachway.io