PRIVACY POLICY

Last Updated: 31 July 2025

TRI-ASSIST ("we", "us", or "our") respects your privacy and is committed to protecting your personal data, including sensitive health-related information. This Privacy Policy explains how we collect, use, and safeguard your data when you visit https://tri-assist.com or use our coaching services.

1. WHO WE ARE

Data Controller: Weronika Niemczyk (Sasha), sole proprietor registered in Poland, operating under the business name “TRI-ASSIST”

Contact Email: support@tri-assist.com

2. DATA WE COLLECT

a) Personal Information

When you interact with us, we may collect:

  • Full name, email address, phone number

  • Address, country of residence

  • Payment information (processed securely via Stripe – we do not store card data)

  • Communication history (WhatsApp, email, PDFs, Calendly, etc.)

b) Health & Fitness Data (Sensitive Personal Data)

With your explicit consent, we may collect:

  • Fitness goals, injury history, health concerns, medical notes

  • Progress tracking (e.g., photos, weight, training performance)

Sensitive data is only collected with your informed, explicit consent.

c) Usage Data (collected automatically)

  • IP address, browser type, device information, time of visit

  • Analytics via third-party tools such as Google Analytics

d) Cookies and Tracking Technologies

We use cookies to enable core website functions, remember preferences, and analyze traffic.

See our Cookie Policy for more details.

3. PURPOSES AND LEGAL BASES FOR DATA PROCESSING

We collect and process your personal data for the following purposes:

  • To provide coaching services and consultations - Performance of Contract

  • To process payments - Performance of Contract

  • To personalize your coaching plan (including health data) - Explicit Consent

  • To send newsletters and marketing emails (Substack) - Consent

  • To schedule calls or sessions - Legitimate Interest

  • To analyze performance and improve our services - Legitimate Interest

  • To meet tax, legal, and regulatory obligations - Legal Obligation

Processing of Data for Digital Products and Subscriptions
When you purchase a digital product or subscribe to our content (including via third-party platforms), we process your personal data for the following purposes:

  • To deliver the purchased product or subscription content

  • To manage your account or subscription preferences (where applicable)

  • To provide customer support related to your purchase or subscription

If you purchase via a third-party platform (e.g., Patreon, Substack, YouTube, Discord), that platform is the data controller for any information you provide to them directly. We only receive limited data necessary to fulfill our obligations (e.g., your name, email address, or confirmation of payment).

For more information on how these platforms handle your data, please review their respective privacy policies.

4. CONSENT FOR SENSITIVE DATA

We will ask for your explicit and informed consent before collecting any health-related data. You may provide consent via:

  • Intake forms (Google Forms, Fitebo, etc.)

  • Written confirmation (email, WhatsApp, etc.)

You have the right to withdraw your consent at any time by contacting: support@tri-assist.com.
Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

5. DATA SHARING & THIRD PARTIES

We only share your data with trusted third-party services essential to our operations:

  • Stripe - Payment processing - EU / USA

  • Calendly - Appointment scheduling - USA

  • Substack - Email newsletter - USA

  • Google Workspace - Cloud storage & forms - EU / USA

  • WhatsApp - Client communication - Global (Meta)

  • Fitebo - Online coaching platform - EU / USA

  • Hostinger - Website hosting - EU

All providers are either GDPR-compliant or offer adequate safeguards such as Standard Contractual Clauses (SCCs).

6. DATA SECURITY

We use appropriate technical and organizational measures to ensure your data is protected:

  • Encrypted cloud storage (e.g., Google Drive)

  • Access restrictions and password protection

  • End-to-end encrypted communication tools (e.g., WhatsApp)

Your sensitive data is only accessible to the data controller and is never shared without your consent.

7. DATA RETENTION

We retain personal data only as long as necessary for its intended purpose or as required by law:

  • Coaching-related data: Up to 2 years after the end of the client relationship

  • Tax and billing data: 5 years (as required by Polish law)

  • Communication records: Based on necessity or until consent is withdrawn

8. YOUR RIGHTS UNDER GDPR

If you are located in the EU/EEA or UK, you have the following rights:

  • Access to your personal data

  • Rectification of inaccurate or incomplete data

  • Withdraw consent at any time

  • Erasure (right to be forgotten)

  • Restriction or objection to data processing

  • Data portability

  • Lodge a complaint with your national Data Protection Authority

To exercise any of the above rights, contact: support@tri-assist.com

9. CHILDREN'S PRIVACY

Our services are not directed toward individuals under 18. We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, please contact us immediately.

10. INTERNATIONAL DATA TRANSFERS

If you are based outside the EU (e.g., USA, Canada), your personal data may be transferred and processed within the EU and by providers located in third countries.
We use services with adequate safeguards, such as Standard Contractual Clauses (SCCs).

11. DO-NOT-TRACK & COOKIES

We do not currently respond to Do-Not-Track (DNT) browser signals.
You can disable cookies in your browser settings.

See our Cookie Policy for more details.

12. CHANGES TO THIS PRIVACY POLICY

We may update this policy from time to time. When we do, we will post the revised version with an updated date at the top of this page.

13. CONTACT

If you have questions or concerns about this Privacy Policy or your personal data, please contact: support@tri-assist.com