Privacy Policy

Last Updated: December 2024

biennisprf B.V. ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our virtual personal training services and website.

Data Controller

biennisprf B.V. is the data controller for the personal data we process. We are registered in the Netherlands with registration number B56384105 and VAT number NL02415934B2. Our registered address is Stationsweg 60, 2544 OW The Hague, South Holland, Netherlands.

Data Collection

The data we collect includes personal information such as your name, email address, phone number, fitness goals, health information relevant to training, payment details, and technical data from your use of our website and services. We collect this information when you register for our services, book training sessions, communicate with us, or use our website. We may also collect information about your fitness progress and training preferences to provide personalized services.

How We Use Your Information

We explain how we use your information in this section to ensure transparency about our data processing activities. We use your personal data to provide our virtual personal training services, including scheduling sessions, delivering personalized workout plans, tracking your progress, and communicating with you about your training. We also use your information to process payments, improve our services, send important service updates, and comply with legal obligations. The use of your data is always based on a valid legal basis under GDPR.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal bases:

• Contract performance: To provide our training services and fulfill our contractual obligations
• Legitimate interests: To improve our services, ensure security, and conduct business operations
• Consent: For marketing communications and non-essential cookies (where required)
• Legal obligation: To comply with applicable laws and regulations

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information with trusted service providers who assist us in operating our business, such as payment processors, video conferencing platforms, and cloud storage providers. These third parties are contractually bound to protect your information and use it only for the specified purposes. We may also disclose your information if required by law or to protect our rights and safety.

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law. Generally, we retain customer data for the duration of your relationship with us and for up to 7 years after termination for legal and accounting purposes. Training records and progress data are typically retained for 3 years after your last session to support continuity of care if you return to our services.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Request a copy of your personal data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your data under certain circumstances
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a portable format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for processing where applicable

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit and at rest, secure data centers, access controls, and regular security assessments. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

International Data Transfers

As we operate primarily within the EU, most data processing occurs within the European Economic Area. If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses, or other approved mechanisms under GDPR.

Cookies and Tracking

Our website uses cookies and similar technologies to enhance your experience and analyze usage. Essential cookies are necessary for the website to function, while optional cookies help us improve our services and provide personalized content. You can manage your cookie preferences through our cookie banner or browser settings. For detailed information about our cookie use, please see our Cookie Policy.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us at:

Supervisory Authority

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.