Skip to content Skip to footer
Start Your journey
Fat2Muscle
Start Your journey
Close
Legal

Privacy Policy

1. Introduction

Welcome to Fat2Muscle (“Fat2Muscle,” “we,” “us,” or “our”), accessible via the website fat2muscle.life (the “Site”) and associated mobile application (the “App”). We provide online fitness coaching services, including the “Fat2Muscle Coaching Program,” personalized training plans, meal plans, and support through our Site and App (collectively, the “Services”).

This document outlines both our Privacy Policy and our Terms & Conditions.

  • Privacy Policy (Sections 2-13): Explains how we collect, use, disclose, and protect your personal information when you use our Services, in compliance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).  
     
  • Terms & Conditions (Sections 14-24): Governs your access to and use of our Services.

By accessing or using our Site, App, or Services, you acknowledge that you have read, understood, and agree to be bound by this combined Privacy Policy and Terms & Conditions (the “Agreement”). If you do not agree with this Agreement, please do not access or use our Services.

2. Commitment to Privacy & GDPR Compliance

We are committed to protecting your privacy and handling your personal data lawfully, fairly, and transparently, in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable data protection laws.

3. Information We Collect

We collect information necessary to provide and improve our Services. This may include:

  • Personal Identification Information: Name, email address, phone number, age, location (country, potentially city for service delivery).  
     
  • Health and Fitness Information (Sensitive Data): Information you provide via contact forms or during coaching, such as weight, height, body measurements, fitness goals, training history, dietary preferences/restrictions, motivation levels, progress photos (only collected with your explicit consent), workout logs, meal logs, habit tracking data. We treat this sensitive data with extra care.
  • Technical Data: IP address, browser type and version, device information, operating system, referral source, page views, website navigation paths, usage patterns, time zone setting.
  • Account Information: Username, password, profile information for the App or Program account.
  • Communication Data: Records of communication via email, the App, or other channels.
  • Payment Information: Processed by third-party payment processors [Specify Processor(s)]. We do not store full payment card details.
  • Cookie and Usage Data: See Section 12 (Cookie Policy).

4. How We Collect Your Information

  • Directly from You: When you provide it by filling forms, signing up, using the App, communicating with us, or consenting to specific collections (like progress photos).
  • Automatically: Via cookies and similar technologies on our Site and App (subject to your consent for non-essential cookies).
  • From Third Parties: E.g., payment confirmation from processors, analytics data.

5. How We Use Your Information & Purpose of Processing

We use your information based on specific purposes and legal grounds:

  • To Provide and Manage Services: Creating personalized plans, delivering the Fat2Muscle Coaching Program, managing accounts, tracking progress, providing App functionality. (Legal Basis: Performance of a Contract)
  • To Communicate With You: Responding to inquiries, providing support, sending essential service updates. (Legal Basis: Performance of a Contract; Legitimate Interests)
  • To Process Payments: Facilitating transactions for paid Services. (Legal Basis: Performance of a Contract)
  • To Improve Our Services: Analyzing usage data (often anonymized or pseudonymized) to enhance user experience and service functionality. (Legal Basis: Legitimate Interests; Consent for certain analytics cookies)
  • For Marketing (With Explicit Consent): Sending newsletters or promotional materials. (Legal Basis: Consent – you can opt-out anytime).
  • To Comply with Legal Obligations: Fulfilling legal or regulatory requirements. (Legal Basis: Legal Obligation)
  • Processing Sensitive Health Data: Only processed with your explicit consent or where necessary for the provision of the health/fitness-related Services you have requested (Performance of Contract, coupled with appropriate safeguards).

6. Legal Basis for Processing (GDPR)

Our legal bases for collecting and using the personal information described above depend on the information concerned and the specific context, as outlined in Section 5. Primarily, we rely on:

  • Art. 6(1)(a) GDPR: Your Consent (e.g., for marketing, non-essential cookies, sensitive data like progress photos).
  • Art. 6(1)(b) GDPR: Performance of a Contract (delivering the Services you paid for).
  • Art. 6(1)(c) GDPR: Legal Obligation.
  • Art. 6(1)(f) GDPR: Legitimate Interests (e.g., service improvement, security), provided they are not overridden by your rights.
  • Art. 9(2)(a) GDPR: Explicit Consent for processing sensitive (health) data.

7. Data Sharing and Disclosure

We share data only when necessary:

  • Third-Party Service Providers: App platform providers , payment processors , hosting, analytics (e.g., Google Analytics), email providers , support tools. These processors are bound by contract to protect your data and often adhere to GDPR standards or use approved transfer mechanisms.
  • Legal Requirements: If required by law or valid legal process within the EU or based on international agreements.
  • Business Transfers: In case of merger, acquisition, or asset sale, ensuring data protection continuity.

8. International Data Transfers

Fat2Muscle operates from Ireland. If you are accessing our Services from the European Economic Area (EEA), your personal data may be transferred outside the EEA to South Africa or to countries where our third-party service providers are located. We ensure such transfers are lawful under GDPR by implementing appropriate safeguards, such as:

 

  • Using Standard Contractual Clauses (SCCs) approved by the European Commission with our service providers.
  • Obtaining your explicit consent for the transfer after informing you of the risks. [Be specific about the primary mechanism you rely upon].

9. Data Security

We use appropriate technical and organizational measures (e.g., encryption, access controls) to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.   

 

10. Data Retention

We retain personal data for as long as needed to fulfill the purposes outlined in Section 5, or as required by law. We retain account/program data while your account is active and for a period of 1 year after inactivity/termination for potential reactivation or legal purposes, unless you request erasure earlier. Anonymized data for analytics may be kept longer.

11. Your Data Protection Rights (GDPR)

As a resident of the EEA, you have the following rights:

  • Right of Access (Art. 15 GDPR): To request copies of your personal data.
  • Right to Rectification (Art. 16 GDPR): To request correction of inaccurate data.
  • Right to Erasure (‘Right to be Forgotten’) (Art. 17 GDPR): To request deletion of your data under certain conditions.
  • Right to Restriction of Processing (Art. 18 GDPR): To request limitation of processing under certain conditions.
  • Right to Data Portability (Art. 20 GDPR): To receive your data in a machine-readable format and transfer it.
  • Right to Object (Art. 21 GDPR): To object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent (Art. 7(3) GDPR): To withdraw consent at any time where processing relies on consent, without affecting the lawfulness of processing before withdrawal.
  • Automated Decision-Making: The right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you [State if you perform such processing – likely not for core coaching]   
     
  • Right to Lodge a Complaint (Art. 77 GDPR): To complain to a supervisory authority in your EU member state if you believe our processing infringes GDPR.

To exercise these rights, please contact our Data Protection contact point at info@fat2muscle.life. We will respond within one month, subject to verification of identity.

12. Cookie Policy

We use essential cookies for Site/App functionality. For non-essential cookies (Analytics, Functional, Marketing ), we obtain your explicit consent via our cookie banner/tool before placing them, in compliance with GDPR and the ePrivacy Directive. You can manage preferences and withdraw consent via email.

13. Children’s Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware of such collection, we will take steps to delete the information promptly.   

 

14. Acceptance of Terms

Accessing or using the Services signifies your agreement to these Terms & Conditions.

15. Use of Website and Services

  • Eligibility: You must be at least 18 years old, or 16 with parental consent where applicable by law, to use the Services.
  • User Accounts: You are responsible for your account security and activities.
  • Prohibited Conduct: No unlawful use, harming the service, infringing rights, etc.

16. The Fat2Muscle Coaching Program & Services

  • Health Disclaimer: Crucially important. The Services offer fitness/nutrition information for informational purposes only, NOT medical advice. Consult a qualified healthcare provider before starting any program, especially if you have pre-existing conditions. Use Services at your own risk.
  • Results Disclaimer: Results vary individually. Testimonials are not guarantees.

17. Payments, Subscriptions, and Refunds 

f you are an EU consumer purchasing digital services/subscriptions online, you generally have a 14-day right to withdraw from the contract without reason. However, this right may be lost if you explicitly consent to the service beginning immediately and acknowledge the loss of withdrawal rights, OR if the service is fully performed within the 14 days with your prior express consent. 

 

18. Intellectual Property

Content is owned by Fat2Muscle or licensors. Limited personal, non-commercial use license granted to users. No unauthorized copying, distribution, etc.

19. User Content

License grant to Fat2Muscle for submitted content (testimonials, photos – obtain explicit consent separately for sensitive items like photos). User responsibility for their content.

20. Disclaimers and Limitation of Liability

  • Disclaimer of Warranties: Services “as is.” (See Health Disclaimer Section 16).
  • Limitation of Liability: Liability limited as permitted by law. 

21. Indemnification

You agree to indemnify Fat2Muscle against claims arising from your breach of terms or misuse of Services.

22. Governing Law and Dispute Resolution (EU Focus)

  • Governing Law: This Agreement is governed by the laws of ireland. However, if you are an EU resident consumer, mandatory provisions of the consumer protection laws of your member state shall apply if they are more favorable to you.
  • Online Dispute Resolution (ODR): For EU consumers, if you have a complaint, you are encouraged to contact us first at [info@fat2muscle.life]. You also have the right to use the European Commission’s Online Dispute Resolution platform: http://ec.europa.eu/odr.
  • Jurisdiction: Disputes may be brought in the courts of ireland or, if you are an EU resident consumer, in the courts of your member state of residence.

23. Changes to Terms & Conditions

We reserve the right to modify terms, notifying users via Site/App update and changing the Effective Date. Continued use implies acceptance.

24. Termination

We may terminate/suspend access for breach of terms.

25. Miscellaneous

Entire agreement, severability, no waiver clauses. Contact for Terms: info@fat2muscle.life.

3. Embedded Content
Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. Below you can find a list of the services we use:
Facebook
The Facebook page plugin is used to display our Facebook timeline on our site. Facebook has its own cookie and privacy policies over which we have no control. There is no installation of cookies from Facebook and your IP is not sent to a Facebook server until you consent to it. See their privacy policy here: Facebook Privacy Policy .
Twitter
We use the Twitter API to display our tweets timeline on our site. Twitter has its own cookie and privacy policies over which we have no control. Your IP is not sent to a Twitter server until you consent to it. See their privacy policy here: Twitter Privacy Policy .
Youtube
We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it. See their privacy policy here: YouTube Privacy Policy.
4. Cookies

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.

Necessary Cookies (all site visitors)
  • cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
  • PHPSESSID: To identify your unique session on the website.
Necessary Cookies (Additional for Logged in Customers)
  • wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
  • wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
  • wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
  • wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
  • wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
5. Who Has Access To Your Data

If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.

If you are a client with a registered account, your personal information can be accessed by:

  • Our system administrators.
  • Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
6. Third Party Access to Your Data
We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:
Envato Pty Ltd
For the purpose of validating and getting your purchase information regarding licenses for this theme, we send your provided tokens and purchase keys to Envato Pty Ltd and use the response from their API to register your validated support data. See the Envato privacy policy here: Envato Privacy Policy.
Ticksy
Ticksy provides the support ticketing platform we use to handle support requests. The data they receive is limited to the data you explicitly provide and consent to being set when you create a support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.
7. How Long We Retain Your Data For

When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation.

If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.

8. Security Measures

We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personally identifiable information is not captured/hijacked by third parties without authorization.

In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.

9. Your Data Rights
General Rights

If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.

You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).
If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.

GDPR Rights

Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. AncoraThemes permits residents of the European Union to use its Service. Therefore, it is the intent of AncoraThemes to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.

10. Third Party Websites

AncoraThemes may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by AncoraThemes, and you release us from any liability for the conduct of these third party websites.
All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties unless you explicitly click on them.

Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. AncoraThemes bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.

11. Release of Your Data for Legal Purposes

At times it may become necessary or desirable to AncoraThemes, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.

Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.

Go to Top