Privacy Policy

1. Who are we?

Tom Smeets, operating under the name Coached by Tom Smeets, is responsible for the processing of personal data as described in this privacy policy.

• Website: tomsmeets.com
• App: coachedby.tomsmeets.com
• Email: [email protected]

2. What data do we collect?

Through our coaching app, we collect the following personal data:

Account information

• Full name
• Email address
• Access code

Health and lifestyle data

• Body weight (per day)
• Height and age
• Gender
• Calorie intake and nutritional data
• Training data (exercises, sets, reps, weights)
• Step count and movement activities
• Progress photos (front, side, back)

Mental and personal reflection data

• Weekly reflections and mindset journal entries
• Personal goals and progress
• Energy levels, sleep and stress (self-reported)

3. Why do we use your data?

We use your data solely for the following purposes:

• Providing personal coaching advice and guidance
• Tracking and analyzing your progress
• Adjusting your training and nutrition program
• Communication about your coaching journey

We never sell your data to third parties and do not use it for marketing purposes without your explicit consent.

4. Legal basis for processing

We process your personal data based on:

• Performance of a contract: the data is necessary to deliver the coaching service.
• Consent: for uploading progress photos and completing personal reflection data, we request your implicit consent through the use of the app.

5. Special categories of personal data

We process health data (weight, nutrition, physical condition) and potentially sensitive personal reflections. These are special categories of personal data under the GDPR. We handle this data with care and never share it without your consent.

6. How long do we retain your data?

We retain your personal data for as long as you actively use our coaching service. After the end of your coaching journey, we retain your data for a maximum of 12 months, unless you request deletion earlier.

Progress photos are retained for as long as your account is active and are deleted immediately upon request.

7. Who do we share your data with?

Your data is stored with the following processors:

• Supabase Inc. (database and file storage) — servers in the EU
• Vercel Inc. (web application hosting)

Data processing agreements are in place with both parties through their standard terms of service. We do not share your data with any other third parties.

8. Security

We take the security of your data seriously. The app uses:

• Encrypted connections (HTTPS/TLS)
• Secure access via personal codes
• Private file storage for progress photos
• No public access to personal data

9. Your rights

Under the GDPR, you have the following rights:

• Right of access: you can request which data we process about you.
• Right to rectification: you can have incorrect data corrected.
• Right to erasure: you can request deletion of all your data.
• Right to object: you can object to the processing of your data.
• Right to data portability: you can request your data in a readable format.

To exercise your rights, please contact us at [email protected]. We will respond within 30 days.

10. Use of the app

By using the Coached by Tom Smeets app, you agree to the processing of your personal data as described in this privacy policy. You may withdraw your consent at any time by requesting deletion of your account.

11. Complaints

If you have a complaint about the processing of your personal data, please contact us at [email protected]. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at www.autoriteitpersoonsgegevens.nl.

12. Changes

We reserve the right to amend this privacy policy. In the case of significant changes, we will inform you via the app or by email. The most current version is always available at tomsmeets.com.