PRIVACY POLICY

This Privacy Policy describes how andrahedonist.com ("we," "the site," "the platform") collects, uses, stores, and protects your personal data when you use our services. We comply with applicable data protection legislation, including Regulation (EU) 2016/679 (GDPR).

1. What data do we collect?

We may collect the following categories of personal data:

  • Identification data: first name, last name, email address, phone number;

  • Payment data: transaction information (we do not store bank card details, these are processed securely by the payment processor);

  • Health and fitness goals data: age, gender, weight, height, activity level, food preferences (optional, for program customization);

  • Technical data: IP address, device type, browser, login data, traffic data;

  • Platform usage data: feedback, messages sent.

2. How do we collect data?

Data is collected:

  • Directly from you, by filling out forms on the website or through direct communication;

  • Automatically, through the use of cookies and other tracking technologies (see Cookie Policy).

3. Purposes of data processing

We use your personal data for:

  • Provide personalized fitness and nutrition services;

  • Process payments;

  • Communicate with you (information, notifications, technical support);

  • Improve and personalize the platform experience;

  • Comply with legal and reporting obligations.

4. Legal basis for processing

We process your data based on the following legal grounds:

  • Performance of the contract (provision of services);

  • Your consent (for marketing communications or processing of sensitive data);

  • Legal obligations (e.g., billing);

  • Our legitimate interest (analysis, service improvement, fraud prevention).

5. Who do we disclose data to?

Your data may be disclosed to:

  • IT service providers, web hosting providers, payment processors (e.g., Stripe, PayPal);

  • Public authorities, if required by law;

  • Other third parties, only with your explicit consent.

6. Data storage and security

  • Data is stored on secure servers located in the European Union;

  • We apply appropriate technical and organizational measures to prevent unauthorized access, loss, or disclosure of data (encryption, backup, access control);

  • Data is retained for the duration of the provision of services and thereafter, in accordance with legal requirements (e.g., tax obligations).

7. Your rights

You have the following rights under the GDPR:

  • Right of access to personal data;

  • Right to rectification of incorrect or incomplete data;

  • Right to erasure ("right to be forgotten");

  • Right to restriction of processing;

  • Right to data portability;

  • Right to object to data processing;

  • Right to withdraw consent at any time (without affecting the lawfulness of previous processing);

  • Right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP).

To exercise these rights, you can contact us at contact@andrahedonist.com

8. Policy changes

We reserve the right to update this policy.

9. Contact

For questions or requests regarding personal data protection, please contact us at contact@andrahedonist.com