Back

Privacy Policy

Last updated: March 2026

1. Overview

The protection of your personal data is important to us. This privacy policy informs you about the type, scope, and purpose of processing personal data at AI Body Coaching.

AI Body Coaching is a product of Syntronix Solutions, incorporated in Canada. Syntronix Solutions is the data controller responsible for the processing of personal data on this platform.

2. Data Controller

Syntronix Solutions [Full Address] [City, Province, Postal Code], Canada E-Mail: privacy@aibodycoaching.com Legal: legal@aibodycoaching.com

3. Data We Collect

We collect the following categories of data:

  • Account data: Username, email, password (encrypted)
  • Health data: Body weight, body fat, blood values, sleep, nutrition (voluntarily entered)
  • Usage data: Interactions with the AI coach, training plans, supplement stacks
  • Technical data: Browser type, language preference (no IP addresses)

4. Verarbeitung besonderer Kategorien personenbezogener Daten (Art. 9 DSGVO) / Processing of Special Category Data (Art. 9 GDPR)

AI Body Coaching verarbeitet Gesundheitsdaten, die gemäß Art. 9 Abs. 1 DSGVO als besondere Kategorie personenbezogener Daten gelten. Dies umfasst insbesondere:

  • Blutbild- und Laborwerte
  • Körperzusammensetzung und Gewichtsverlauf
  • Supplement- und Medikamentenprotokolle
  • Trainings- und Erholungsdaten

AI Body Coaching processes health data that qualifies as a special category of personal data under Art. 9(1) GDPR, including blood work values, body composition, supplement/medication logs, and training data.

Die Verarbeitung erfolgt ausschließlich auf Grundlage Ihrer ausdrücklichen Einwilligung gemäß Art. 9 Abs. 2 lit. a DSGVO, die Sie bei Kontoerstellung erteilen. Sie können diese Einwilligung jederzeit in Ihren Kontoeinstellungen widerrufen.

Processing is based exclusively on your explicit consent pursuant to Art. 9(2)(a) GDPR, which you grant upon account creation. You may withdraw this consent at any time in your account settings.

5. Legal Basis

  • Art. 6 Abs. 1 lit. a GDPRConsent (for health data)
  • Art. 6 Abs. 1 lit. b GDPRContract fulfillment (providing the service)
  • Art. 6 Abs. 1 lit. f GDPRLegitimate interests (system security)
  • Art. 9 Abs. 2 lit. a GDPRExplicit consent for health data (special category)

6. Data Storage

Your data is stored on Neon servers (PostgreSQL, AWS US-East) and protected by encryption. Data is stored as long as your account is active. After account deletion, all data will be removed within 30 days.

7. Third Parties

Zur Bereitstellung des Dienstes setzen wir sorgfältig ausgewählte, vertrauenswürdige Drittanbieter ein. Diese sind vertraglich zur Einhaltung der DSGVO verpflichtet und erhalten ausschließlich die für ihre jeweilige Funktion notwendigen Daten. Die Kategorien der eingesetzten Dienste umfassen: Datenbank-Hosting, Anwendungs-Hosting, E-Mail-Versand sowie KI-gestützte Analyse zur Generierung personalisierter Coaching-Empfehlungen.

To provide the service, we use carefully selected, trusted third-party providers. They are contractually bound to comply with GDPR and receive only the data necessary for their respective function. Categories of services used include: database hosting, application hosting, transactional email delivery, and AI-powered analysis for generating personalized coaching recommendations.

8. Cookies

We only use technically necessary cookies. No tracking or advertising cookies.

  • ht_sessionAuthentication session (30 days)
  • ht_onboardedOnboarding status (30 days)

9. Your Rights (GDPR)

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

Contact for data protection inquiries: privacy@aibodycoaching.com

10. Data Security

We employ state-of-the-art security measures: password hashing (scrypt), HTTPS encryption, HttpOnly cookies, and server-side session validation.

11. Kanadisches Datenschutzrecht / Canadian Privacy Law (PIPEDA)

Syntronix Solutions unterliegt als kanadisches Unternehmen zusätzlich dem Personal Information Protection and Electronic Documents Act (PIPEDA). Kanadische Nutzer können ihre Datenschutzrechte unter diesem Gesetz geltend machen.

As a Canadian company, Syntronix Solutions is additionally subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). Canadian users may exercise their privacy rights under this legislation by contacting privacy@aibodycoaching.com.