Privacy Policy
Absolutely! Below is a GDPR-compliant Privacy Policy tailored for Somnium Performance, ensuring it covers your online coaching business and aligns with UK & EU GDPR regulations. This policy is designed to protect your business while providing transparency to your clients.
Privacy Policy – Somnium Performance
Effective Date: 04/03/2025
Last Updated: 04/03/2025
At Somnium Performance, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and store your personal data when you interact with us, purchase coaching services, or visit our website.
We comply with the General Data Protection Regulation (GDPR) and all applicable data protection laws in the UK and EU.
1. Who We Are
Somnium Performance
📍 [Insert Business Address if required]
📧 [email protected]
🌐 https://somniumperformance.com/
2. What Data We Collect
We may collect and process the following types of data:
a) Personal Data You Provide Directly
Full name
Date of birth
Email address
Phone number
Billing address & payment information
Medical history & injury information (where relevant to your training)
Training data (e.g., from TrainingPeaks, Strava, or similar platforms)
Feedback & progress updates
Communication records (emails, messages)
b) Automatically Collected Data
When you visit our website, we may collect:
IP address
Device type
Browser type
Pages visited
Time spent on pages
Referring website/source
c) Special Category Data
When relevant to coaching (e.g., health information), we will only process this data with your explicit consent, and it will only be used to design safe and effective training plans.
3. How We Use Your Data
We use your data to:
Provide and manage your coaching services.
Create personalized training plans and monitor progress.
Communicate with you about your plan, updates, and performance.
Process payments and manage your subscription.
Respond to inquiries or customer service requests.
Improve our website, services, and user experience.
Comply with legal obligations.
Legal Basis for Processing
Under GDPR, we rely on the following lawful bases to process your personal data:
Performance of a contract: To deliver the coaching services you’ve purchased.
Legitimate interests: To improve our services and market to existing customers.
Consent: For processing sensitive data (e.g., health data) or sending marketing communications.
Legal obligation: To comply with financial, tax, or regulatory requirements.
4. How We Store Your Data
Personal data is stored securely on password-protected systems, and any third-party tools (e.g., TrainingPeaks, Stripe) have their own GDPR-compliant processes.
We only retain your data for as long as necessary to fulfil the purposes outlined in this policy (e.g., during your coaching period + up to 6 years for financial/legal records).
5. Who We Share Your Data With
We only share data where necessary to provide services, process payments, or comply with legal obligations. This may include:
Payment processors (e.g., Stripe, PayPal)
Training platforms (e.g., TrainingPeaks)
Legal or regulatory bodies (if required by law)
We do not sell, rent, or trade your personal data.
6. International Data Transfers
If we transfer your data outside the UK or EEA (e.g., using a US-based software provider), we ensure appropriate safeguards (e.g., Standard Contractual Clauses) are in place to protect your data.
7. Your Rights Under GDPR
Under GDPR, you have the right to:
Access your personal data.
Rectify inaccurate data.
Erase your data (“right to be forgotten”) in certain circumstances.
Restrict processing of your data.
Object to certain processing, including direct marketing.
Data portability – request a copy of your data in a machine-readable format.
Withdraw consent where processing relies on consent.
To exercise these rights, contact us at [email protected]
8. Cookies & Tracking
Our website uses cookies to enhance user experience, track website performance, and improve our services. You can manage cookie preferences via your browser settings.
For more information, see our Cookie Policy [link to separate page if applicable].
9. Marketing Preferences
If you opt into receiving marketing communications, we may send emails about training tips, new services, or special offers. You can unsubscribe at any time using the link in the email.
10. Data Breach Procedures
In the event of a data breach that may impact your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours, in line with GDPR requirements.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. The latest version will always be available on our website.
12. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, contact:
📧 [email protected]
If you’re unhappy with how we handle your data, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (UK) or your local data protection authority.