Privacy Policy — RLSTRENGTH (Australia-based, serving worldwide)
1) Identity & Contact
Controller: RLSTRENGTH Pty Ltd, ABN: [Insert ABN], Registered Address: [Insert Address]
Contact: [email protected]
2) What We Collect
Identifiers: name, age, email, phone, address
Payment: processed by Stripe (we do not store full card details)
Coaching data (sensitive): weight, medical info you share, progress photos, training/nutrition logs
App/Usage: device, IP, pages viewed, cookies, analytics
Consents: email/SMS preferences and timestamps
3) How We Collect
Directly from you (forms, checkout, intake, messages)
Automatically via cookies/analytics
From processors: Stripe (payments), GoHighLevel (CRM/email/SMS)
4) Why We Use Your Data
Deliver coaching services and support
Personalise plans and track progress
Process payments, prevent fraud, maintain security
Send service updates; marketing emails/SMS with consent (opt out anytime)
Analytics and site improvement; legal compliance
5) Health Data Utilization
Our app collects and processes health-related information such as workout activity, exercise logs, heart rate, and other fitness metrics. This data is collected only with your explicit consent and is used exclusively to deliver core app features, including fitness tracking, progress insights, and cross-device synchronization.
We do not share your health data with any third parties, and we do not use this data for advertising or marketing purposes. All health information is stored securely and access is limited to authorized personnel only. We adhere to industry best practices to ensure data protection.
If you choose to delete your account, all associated personal and health-related data will be permanently deleted from our systems.
Lawful basis and consent:
We only process health data with your explicit consent and solely to deliver core coaching/app features (fitness tracking, personalised plans, progress insights, cross-device sync). Withdraw consent any time via in-app settings or email; we’ll stop processing going forward.
Use and disclosure:
We do not use your health data for advertising or marketing and do not sell/share it with third parties for ads. Access is limited to authorised personnel and processors necessary to provide the service (e.g., CRM, cloud). Payments handled by Stripe.
Security:
Encryption in transit, least-privilege access, vendor due diligence. No method is 100% secure.
International transfers:
Data may be processed outside your country with appropriate safeguards (e.g., SCCs).
Deletion:
If you delete your account, associated personal and health data are deleted or de-identified subject to legal/record-keeping obligations.
6) Legal Bases (EU/UK)
Contract (provide the program)
Consent (email/SMS marketing; sensitive health data)
Legitimate interests (security, analytics, improvement)
Legal obligation (records, tax)
7) Sharing & Processors
Stripe (payments), GoHighLevel (CRM/email/SMS), cloud hosting/storage, analytics, support tools under data processing agreements/appropriate safeguards.
We do not sell personal information. If we later “sell” or “share” data for ads (e.g., under CPRA), we will update this policy and provide required opt-outs.
8) International Transfers
Your data may be transferred internationally with safeguards (e.g., Standard Contractual Clauses where required).
9) Retention
Kept while you’re a client, then only as needed for legal, tax, or dispute purposes. We delete or de-identify when no longer required.
10) Your Rights
Australia (APPs):
access, correction, complaint to us and OAIC.
EU/UK (GDPR/UK GDPR): access, rectification, erasure, restriction, portability, objection, withdraw consent, lodge a complaint.
California (CCPA/CPRA): know, delete, correct, opt-out of “sale”/“sharing,” limit use of sensitive info, non-discrimination.
11) Marketing Choices & Cookies
Email/SMS: unsubscribe in-message or contact us.
Cookies/location: manage via our cookie banner and browser/device settings. Some features may not work if disabled.
California: if applicable, use “Do Not Sell or Share My Personal Information” and “Limit the Use of My Sensitive Personal Information” links when enabled.
12) Security
Administrative, technical, and physical safeguards; least-access; encryption in transit; staff training; vendor reviews.
13) Minors
We do not serve under 18. Do not submit data for minors.
14) Account Deletion
To request the deletion of your personal information from our database, you can submit a request through our in-app settings or contact form available on our platform. For such requests, please write "delete my account" in the subject line, and include your first and last name and e-mail address in the body of the message.
We will use commercially reasonable efforts to honor your request. We may retain an archived copy of your records as required by law or for administrative purposes.
Please note that we will store communications you may send through the Service, as well as any comments you may post, and they may not be subject to modification or deletion. You may also control the information that we collect through the settings in your browser or mobile device.
You may configure your browser to reject cookies from our app and may adjust the settings of your mobile device to prevent the Platform from obtaining location information.
However, please note that the Service may rely on cookies and location information to function properly and some parts of the Service may not be available if you disable cookies.
15) Complaints
EU: your national authority
California: CPPA/AG
16) Changes
We update this policy as practices/laws change. See effective date below.
Effective date: 20/08/2025
By using our services, you agree to the terms of this Privacy Policy.
If you have questions, contact us at: