Privacy Policy

Last Updated: May 11, 2025

SVG Placeholder

Privacy Policy

Effective Date: May 15, 2025

Welcome to Abooyeah Fitness Trainer, a professional personal training and sports science consultancy operated through https://www.abooyeah.com ("Website"). We are committed to protecting your personal information and respecting your privacy in compliance with the United Arab Emirates’ Federal Decree-Law No. 45/2021 on the Protection of Personal Data ("UAE Data Protection Law") and the United Kingdom’s Data Protection Act 2018 and UK GDPR ("UK Data Protection Law"). This Privacy Policy explains how we collect, use, store, disclose, and safeguard your personal data when you visit our Website, engage with our services (in-person or online personal training, nutritional guidance, or fitness programs), or interact with us. By using our Website or services, you consent to the practices described in this Privacy Policy. If you do not agree, please do not access the Website or use our services.

1. Who We Are

Abooyeah Fitness Trainer is a UAE-based personal training service led by a qualified Sports Science graduate from the United Kingdom. We are the data controller responsible for your personal data under UAE Data Protection Law and, where applicable, UK Data Protection Law. For inquiries, contact our Data Protection Officer:

  • Business Name: Abooyeah Fitness Trainer
  • Email: privacy@abooyeah.com
  • Phone: +971 52 798 3619
  • Website: https://www.abooyeah.com
  • Address: [Insert UAE Physical Address, if applicable, or note: Online-based service operating from Dubai, UAE]

2. Information We Collect

We collect personal data to deliver personalized fitness and nutritional services. The types of data depend on your interactions with us and include:

2.1 Personal Data You Provide

  • Identity and Contact Information: Full name, email address, phone number, UAE or international address, age, gender, and date of birth (e.g., when booking sessions, registering, or completing forms).
  • Sensitive Personal Data: Health and fitness information, including medical history, injuries, allergies, dietary preferences, fitness goals, or medications, provided via Physical Activity Readiness Questionnaire (PAR-Q), consultation forms, or during training sessions.
  • Payment Information: Credit card details, bank account information, or billing details processed through secure third-party payment processors (e.g., Stripe, PayPal).
  • Account Information: Login credentials, profile preferences, or subscription details if you create an account on our Website.
  • Communications: Inquiries, feedback, or correspondence via email, contact forms, phone, or social media.

2.2 Automatically Collected Data

  • Technical Data: IP address, browser type, operating system, device identifiers, and approximate geolocation (e.g., city-level based on IP).
  • Usage Data: Pages visited, time spent on the Website, clicks, session duration, and interactions with content or forms.
  • Cookies and Tracking: Data collected via cookies, web beacons, or similar technologies to analyze Website performance and user behavior (e.g., Google Analytics).

2.3 Data from Third Parties

  • Service Providers: Data from payment processors, hosting providers, or analytics platforms to facilitate services.
  • Social Media or Referrals: Information you share publicly or through linked accounts (e.g., if you contact us via Instagram or sign up using a third-party login).

We collect sensitive personal data (e.g., health information) only with your explicit consent, as required by UAE and UK laws. You are not obligated to provide data, but failure to provide necessary information may limit our ability to deliver personalized services.

3. How We Use Your Information

We process your personal data for legitimate purposes, ensuring compliance with UAE and UK data protection laws. We use your data to:

  • Deliver tailored personal training, online coaching, fitness programs, and nutritional guidance based on your health and fitness information.
  • Manage bookings, process payments, and issue invoices or receipts.
  • Provide customer support, respond to inquiries, and resolve issues.
  • Improve the Website, services, and user experience through analytics and client feedback.
  • Send administrative communications (e.g., booking confirmations, session reminders, account updates).
  • With your explicit consent, send promotional emails, newsletters, SMS, or offers about our services or events.
  • Ensure client safety by assessing health data to design safe exercise programs.
  • Comply with legal obligations, such as tax reporting, anti-money laundering, or responding to legal requests in the UAE or UK.
  • Prevent fraud, enforce our Terms and Conditions, and protect the security of our Website and services.

We will not use your data for purposes beyond those listed unless we obtain your consent or are required by law.

4. Legal Basis for Processing

We process your data based on the following legal grounds under UAE Data Protection Law and UK GDPR:

  • Explicit Consent: For processing sensitive personal data (e.g., health, fitness), sending marketing communications, or using non-essential cookies (e.g., analytics, advertising). You may withdraw consent at any time.
  • Contractual Necessity: To fulfill our obligations under a contract, such as delivering training sessions or programs you’ve purchased.
  • Legal Obligation: To comply with UAE or UK laws, such as tax reporting, consumer protection, or responding to lawful requests.
  • Legitimate Interests: For activities like improving services, preventing fraud, or analyzing Website usage, provided your rights and freedoms are not overridden.

5. Sharing Your Information

We do not sell, rent, or lease your personal data to third parties for marketing purposes. We may share your data with trusted parties under strict confidentiality agreements, including:

  • Service Providers: Third-party vendors who assist with Website hosting (e.g., Webflow), payment processing (e.g., Stripe, PayPal), analytics (e.g., Google Analytics), email delivery (e.g., Mailchimp), or customer management systems. These providers are bound by UAE and UK data protection standards.
  • Professional Advisors: Lawyers, accountants, or auditors in the UAE or UK to comply with legal or financial obligations.
  • Legal Authorities: When required by UAE or UK law, court order, or government request, or to protect our rights, safety, or property (e.g., to prevent fraud or harm).
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to a successor entity, with prior notice to you.

All third parties are required to comply with UAE Data Protection Law and UK GDPR through Data Processing Agreements or equivalent safeguards.

6. Data Security

We implement robust technical and organizational measures to protect your personal data, in line with UAE and UK requirements, including:

  • Encryption of data in transit (e.g., SSL/TLS) and at rest.
  • Secure servers hosted in data centers compliant with UAE and UK data protection standards.
  • Access controls to restrict data access to authorized personnel only.
  • Regular security audits and updates to address vulnerabilities.
  • Anonymization of analytics data where feasible.

While we strive to protect your data, no online system is completely secure. In the event of a data breach, we will notify you and the UAE Data Office or UK Information Commissioner’s Office (ICO) within 72 hours (per UK GDPR) or as required by UAE law, detailing the breach and mitigation steps.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by UAE and UK laws. Retention periods include:

  • Client Data: Personal and health data is retained for the duration of your engagement and up to 2 years after your last interaction, unless you request deletion or a longer period is required (e.g., for tax or legal purposes).
  • Form Submissions: Contact form or inquiry data is retained for 12 months of inactivity, then securely deleted.
  • Analytics Data: Anonymized usage data (e.g., Google Analytics) is retained for up to 26 months.
  • Payment Data: Transaction records are kept for 7 years to comply with UAE and UK tax and accounting laws, but sensitive payment details (e.g., card numbers) are not stored by us.

Data no longer needed is securely deleted or anonymized in accordance with UAE and UK data minimization principles.

8. Your Data Protection Rights

You have rights under UAE Data Protection Law and UK GDPR regarding your personal data:

  • Right to Be Informed: Receive clear information about how your data is processed (as provided in this Privacy Policy).
  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data, subject to legal retention obligations.
  • Right to Restrict Processing: Limit processing in certain cases (e.g., while a complaint is investigated).
  • Right to Object: Object to processing for marketing or legitimate interests.
  • Right to Data Portability: Receive your data in a structured, machine-readable format or have it transferred to another controller.
  • Right to Withdraw Consent: Withdraw consent for processing (e.g., marketing or health data) at any time, without affecting prior processing.
  • Right to Lodge a Complaint: File a complaint with the UAE Data Office (u.ae) or the UK Information Commissioner’s Office (ico.org.uk).

To exercise these rights, contact us at privacy@abooyeah.com. We will respond within 14 days (UAE requirement) or 30 days (UK GDPR), with possible extensions for complex requests. Identity verification may be required. There is no fee unless your request is excessive, in which case we may charge a reasonable administrative fee.

9. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies (e.g., web beacons, pixel tags) to enhance functionality, analyze performance, and personalize content. Cookies are categorized as:

  • Essential Cookies: Required for Website functionality (e.g., session management, login). These cannot be disabled.
  • Analytics Cookies: Collect anonymized data on user behavior (e.g., Google Analytics) to improve the Website.
  • Marketing Cookies: Track preferences for targeted ads or personalized offers, used only with your consent.

A cookie banner will prompt you to accept or customize cookie settings upon visiting our Website. You can manage cookies via your browser settings, but disabling essential cookies may impair functionality. For details, see our Cookie Policy [Note: Create a separate Cookie Policy page if applicable].

10. International Data Transfers

Your data may be transferred to and stored in countries outside the UAE or UK, such as the United States or European Union, where our servers or third-party providers are located. We ensure compliance with UAE and UK data protection laws through:

  • Adequacy Agreements: Transfers to countries recognized as having adequate data protection by the UAE or UK.
  • Standard Contractual Clauses (SCCs): Contracts with third parties to ensure UAE and UK-compliant data handling.
  • Data Processing Agreements: Binding agreements with providers to protect your data.

By using our services, you consent to the transfer, storage, and processing of your data in these jurisdictions, provided appropriate safeguards are in place. We prioritize UAE-based storage for UAE clients where required by law.

11. Children’s Privacy

Our Website and services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children without verifiable parental consent. If we discover we have collected data from a child under 16, we will promptly delete it. If you believe we have such data, contact us at privacy@abooyeah.com.

12. Third-Party Links

Our Website may contain links to third-party websites or services (e.g., payment processors, social media platforms). We are not responsible for their privacy practices or content. Review their privacy policies before providing personal data.

13. Marketing Communications

With your explicit consent, we may send promotional emails, newsletters, or SMS about our services, events, or offers. You can opt out at any time by:

  • Clicking the “unsubscribe” link in emails.
  • Contacting us at privacy@abooyeah.com.
  • Updating preferences in your account settings (if applicable).

Opting out of marketing does not affect administrative or service-related messages (e.g., booking confirmations).

14. Data Breach Notification

In the event of a data breach that risks your rights and freedoms, we will notify you and the UAE Data Office or UK ICO within 72 hours (per UK GDPR) or as required by UAE law, providing details of the breach, its impact, and mitigation steps.

15. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, UAE or UK legal requirements, or services. Updates will be posted on this page with a revised “Effective Date.” Significant changes will be communicated via email or a prominent Website notice at least 14 days before taking effect. Review this policy periodically to stay informed.

16. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the United Arab Emirates. Any disputes arising will be subject to the exclusive jurisdiction of the UAE courts. For UK clients, we ensure compliance with UK GDPR and Data Protection Act 2018, and you may exercise rights through the UK ICO if applicable.

17. Contact Us

For questions, concerns, or complaints about this Privacy Policy or our data practices, contact our Data Protection Officer:

  • Business Name: Abooyeah Fitness Trainer
  • Email: privacy@abooyeah.com
  • Phone: +971 52 798 3619
  • Website: https://www.abooyeah.com
  • Address: [Insert UAE Physical Address, if applicable, or note: Online-based service operating from Dubai, UAE]

We aim to respond within 48 hours during business hours (Monday–Friday, 9:00 AM–5:00 PM GST). If unsatisfied, you may contact the UAE Data Office (u.ae) or, for UK clients, the UK Information Commissioner’s Office (ico.org.uk).