Privacy Policy

AthleteSync Privacy Policy Effective Date: [15 May 2024]

AthleteSync ("Company", "We", "Us" or "Our") is a technology company providing solutions to monitor athletic training progress. Our goal is to revolutionize the world of training and athletic performance. We provide users (either individuals or companies) ("Users") a platform to monitor athletic training progress, and make available certain services and contents supplied by third parties with whom We contract (the "Services"). These third parties may provide content in several forms, including, but not limited to, workout and exercise prescriptions, guidance, and cues ("Content Providers").

For example, Content Providers can, through AthleteSync, publish and or sell training that can then be downloaded by Users. Content Providers can also upload their training (paper, pdf, excel) and through generative artificial intelligence, We will convert them into usable workouts.

AthleteSync relies on collecting information, including Personal Information, from you to produce personalized workout plans that are customized for your specific body type, fitness level, training, or fitness goals, and are practical given your schedule and resources. "Personal information" means any information that relates to an identified or identifiable individual. Our computer algorithm relies on these various inputs to produce exercise recommendations and schedules.

We may at times work with third parties and Content Providers to present offers and advertisements which we believe are relevant to you and may also customize the content and user experience based on your information. Our main purpose in collecting such Information is to provide you with an excellent service and overall User experience. We strive to maintain transparency and will not use or share your Personal Information with anyone except as described in this Policy.

Capitalized terms that are not defined in this Policy have the meaning given them in Our Terms of Use. We encourage you to get acquainted with our Terms of Use to understand how We provide the Services to you. We respect your privacy and are committed to protecting it through Our compliance with this Policy.

Please read this Policy carefully to understand our privacy practices. If you do not want Us to process your Personal Information as it is described in this Policy, please do not use Our Services. If you have any questions about this Policy or AthleteSync, please contact Us at (for additional contact information, please see Section 15 of this Policy).

1. Introduction

This Privacy Policy ("Policy") covers the Personal Information that We collect through AthleteSync application and its website (the "Website"), owned or controlled by the Company or websites that post a link to this Policy. When you use Our Services, you'll share some information with Us.

According to Article 13 of the General Data Protection Regulations Regulation, (EU) 2016/679 (GDPR), in Our role as a controller of Personal Information (as defined below), We want to be upfront about the information We collect, how We use it, whom We share it with, and the controls We give you to access, update, and delete your Information. You should read our entire Policy, so that you can feel confident in sharing your data with Us.

2. Who is the data controller

The Company is the controller of your Personal Information. The Company is registered at: Harju maakond, Tallinn, Kesklinna linnaosa, Ahtri tn 12, 1555. If you have questions, requests, or concerns regarding your privacy and rights, please let Us know how We can help. You can contact Us at

3. Information We collect

There are three basic categories of information We collect:

Here's a little more detail on each of these categories.

Information you provide to Us

When you use Our Services, you usually provide to Us certain information, including your Personal Information such as:

When you use the Websites

When you visit Our Website, We collect Internet or other electronic network activity information through the use of cookies and other trackers. Depending on your tracking preferences, the information We collect may include but is not limited to your device's Internet Protocol ("IP") address, referring website, what pages your device visited, and the time that your device visited our Website. We may also rely on analytics and tools used to prevent spam and other security risks related to the use of abusive automated software. Visit our Cookie Policy for more information on the types of cookies and other trackers We use on our Website.

Information We collect automatically

When you use Our Services, We may automatically collect certain data about you. This data is needed for operation of the Services and, among others, may be used for in-app analytics or marketing purposes. The data We collect automatically includes:

The technologies We use for automatic data collection may include: We use third-party analytics tools, such as AWS to help Us measure traffic and usage trends for AthleteSync. These tools collect information via third-party analytics software development kits incorporated into AthleteSync, which may include your pseudonymised user ID and the information about the webpages you visit when following the links available to you on Our Services, your actions in AthleteSync application and basic information about the type of subscription you have. We collect and use this analytics information in an aggregated manner with analytics information from other users so that it cannot reasonably be used to identify any particular user. For information on how third-party analytics tools collect and process your data, please contact us at

4. Legal bases for using your Personal Information

According to Article 6 of the GDPR, We are allowed to use your Personal Information when certain conditions apply. These conditions are called "legal bases" and We typically rely on one of four:

5. Information We collect directly from you on our Website

We will use Personal Information for the following purposes:

6. Sharing and disclosure of Personal Information

AthleteSync Services include connecting Users to coaches and/or teams, and to offer the Services, AthleteSync discloses Personal Information to the coaches and/or teams that your Account is associated with or that you interact with through Our Services. We do not rent or sell your Personal Information, including text to any third parties outside AthleteSync.

Parties with whom We may share your Personal Information: We may also share your Personal Information and other collected information with third-party organizations such as contractors and service providers that We use to support our business who will act as data processors according to Article 28 of the GDPR and who are bound by confidentiality and data protection terms (consistent with this Policy) to keep your Personal Information confidential and use it only based on our instructions ("Service Providers").

If We receive your Personal Information and subsequently transfer that information to a third-party agent or Service Provider for processing, We remain responsible for ensuring that such third-party agent or Service Provider processes your Personal Information to the standard required by the applicable privacy laws, including the GDPR, and CCPA. These transfers will typically be based on Our legitimate interests. Such Service Providers include:

By these means, We are able to reach you and people like you on various platforms. For the avoidance of doubt, We do not share or transfer your Contents to third parties other than coaches (except storing your Contents to our cloud providers Google Cloud Platform and Amazon Web Services). We use only secure places of storage, such Amazon Web Services.

You are sharing your Personal Information: You might be sharing information on message boards, chat, and other services to which you are able to post Content. Please note that any information you post or disclose through these services will become public and may be available to other users and the public.

What happens in the event of a change of control: If We sell or otherwise transfer part or the whole of the Company or Our assets to another organization (e.g., during a transaction like a merger, divestiture, restructuring, reorganization, acquisition, bankruptcy, dissolution, liquidation), your Personal Information and any other collected information may be among the items sold or transferred.

Responding to legal requests and preventing harm: We may access, preserve, and share your Personal Information in response to a legal (like a search warrant, court order or subpoena), government or regulatory request if We have a good faith belief that the law requires Us to do so. This may include responding to legal, government or regulatory requests from jurisdictions where We have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards.

We may also access, preserve, and share information when We have a good faith belief it is necessary to:

Information We receive about you may be accessed, processed, and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.

Protection of Our company and others: We reserve the right to access, read, preserve, and disclose any Personal Information as necessary to:

Non-personal information: We may also share with third parties that provide services to Us or perform business purposes for us aggregated, non-personally identifiable, or de-identified information.

7. Third-Party Advertisers

We may use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites or online services, based on information relating to your access to and use of the Services and other websites or online services. To do so, these companies may place or recognize a unique cookie on your browser. In addition, We may share information that does not directly identify you (such as de-identified usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain AthleteSync services.

AthleteSync may allow third-party ad servers or ad networks to serve advertisements on the Services. These third-party ad servers or ad networks use technology to send, directly to your browser, the advertisements and links that appear on AthleteSync. They automatically receive your IP address when this happens. They may also use other technologies (such as cookies, JavaScript, or web beacons) to measure the effectiveness of their advertisements and to personalize the advertising content. AthleteSync does not provide any information that directly identifies you to these third-party ad servers or ad networks without your consent or as required under applicable law. However, please note that if an advertiser asks AthleteSync to show an advertisement to a certain audience and you respond to that advertisement, the advertiser or ad server may conclude that you fit the description of the audience they are trying to reach. In addition, third-party advertisers may use information (not including your name, address, email address, body information, or telephone number) about your visits to this and other websites to provide advertisements about goods and services of interest to you. AthleteSync is not the entity responsible for the processing of your information by third-party ad servers or ad networks. The AthleteSync Privacy Policy does not apply to, and We cannot control the activities of, third-party advertisers. Please consult the respective privacy policies of such advertisers for more information.

8. International data transfer

Your Personal Information might be processed outside the EU. As to the location of our servers, We use AWS and Google Cloud Platform servers located in the EU. However, our third-party AI Service Providers Servers may be located, stored and/or processed outside EEA/UK countries. When Service Providers engage in such transfers of Personal Information, they rely on i) Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR), or ii) Standard Contractual Clauses issued by the European Commission. The European Commission has determined that the Standard Contractual Clauses provide sufficient safeguards to protect personal data transferred outside the EU or EEA. For more information, please visit this link.

We will always protect your Personal Information in accordance with this Policy wherever it is processed. We do not voluntarily or actively transfer or disclose your Personal Information to the government or law enforcement authorities (the "Authorities") and/or otherwise grant any Authorities access to your Personal Information.

9. Treatment of Personal Information

We will treat your Personal Information according to correctness, lawfulness and in compliance with all the principles of Article 5 of the GDPR, and with the aid of electronic tools, and in compliance with Article 5 of this Policy. The analysis of your tastes and preferences which, subject to your previous consent, may be carried through profiling, will always involve a human intervention and will never take place exclusively in automated ways. We use appropriate technical, organizational, and administrative security measures to protect any Personal Information We store from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

No company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user's Personal Information at any time. Among other practices, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

10. Data Retention

Your Personal Information: We store your Personal Information for different time periods depending on the category of Personal Information or you request us to delete your data (by contacting us at Some information may be deleted automatically based on specific schedules, such as marketing information. Other information e.g. account information, may be retained for a longer period unless you request us to delete your data (by contacting us at Finally, We may further retain information for business practices based on Our legitimate interests or legal purposes, such as network improvement, fraud prevention, record-keeping, or enforcing our legal rights.

Your Contents: We keep your Contents on Our servers if they are necessary to give context and to allow them to perform the Tasks. We inform you that, in case of revocation of your consent and, in any case, at the expiration of terms indicated above, We will erase or anonymize your Personal Information from Our archives. We may retain your Personal Information in connection with your privacy-related requests and communications with Us, if any, as necessary to comply with Our legal obligations, to resolve disputes, and to enforce Our agreements. Even if We delete some or all of your Personal Information, We may continue to retain and use anonymized data previously collected that can no longer be used for personal identification.

11. What are your rights (data subject rights - DSR)

We want you to be in control of your Personal Information, so We provide you with the following tools: You have the right to obtain from Us the indication of:

In particular, you have the right to obtain:


Finally, you have the right to object, in whole or in part to the processing of your Personal Information:

Because your privacy is important to Us, We will ask you to verify your identity or provide additional information before We let you access or update your personal information. We may also reject your request to access or update your personal information for a number of reasons, including, for example, if the request risks the privacy of other users or is unlawful.

12. How you can exercise your rights

If you would like exercise the rights referred to in Article 15 to 22 of the GDPR, or the California Consumer Privacy Act ('CCPA') or Virginia, Colorado, Utah, and Connecticut you can send Us an email to Our privacy team will examine your request and respond to you as quickly as possible and no longer than 30 days from the moment you exercise your right. Please note that We may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request. We remind you that you have a right to lodge a complaint with a supervisory authority within EEA should you feel unsatisfied with Our treatment of your Personal Information.

13. Specific geographies rights

Residents of California, Virginia, Colorado, Utah, and Connecticut may have statutory rights under state comprehensive privacy law including the rights specified below. You can exercise these rights by contacting Us at

California and Delaware "Do Not Track" disclosures: California and Delaware law require the Company to indicate whether it honors your browser's "Do Not Track" settings concerning targeted advertising. The Company adheres to the standards set out in this Policy and does not monitor or respond to Do Not Track browser requests.

Please keep in mind that in case of a vague request to exercise any of the aforementioned right We may engage with you in a dialogue to ask for more details if so needed to complete your request. In case this is impossible, We reserve the right to refuse granting your request. Following the provisions of the applicable law, We might also ask you to prove your identity (for example, by requesting your user or some other proof of your identity) in order for you to invoke the mentioned rights. This is made to ensure that no right of third parties is violated by your request, and the mentioned rights are exercised by an actual Personal Information subject or an authorized person.

14. Opting Out of Promotional Emails


15. Users' Age

Protecting the privacy of young children is especially important. AthleteSync does not knowingly collect or solicit Personal Information from anyone under the age of thirteen (13) or knowingly allow such persons to register as Users. If you are under 13, please do not send any Information about yourself to Us. If We learn that We have collected Personal Information from a child under age 13 without parental consent, We will delete that Information as quickly as possible. If you believe your child under 13 has submitted Personal Information to us without your consent, please contact us at

16. Linked websites

For your convenience, hyperlinks may be posted on the Services that links to other websites (the "Linked Sites"). We are not responsible for, and this Policy does not apply to, the privacy practices of any Linked Sites or of any companies that We do not own or control. Linked Sites may collect information in addition to that which We collect through Our services. We do not endorse any of these Linked Sites, the services or products described or offered on such Linked Sites, or any of the content contained on the Linked Sites. We encourage you to seek out and read each Linked Site's privacy notice to understand how the Personal Information about you is used and protected.

17. Revisions to the Privacy Policy

The date this Policy was last revised is indicated at the top of the page. The Company may modify or update this Policy from time to time. Some changes do not require your consent: for example, when We add a new purpose of processing that is compatible with the existing purposes, or the new processing activity that falls under the users' reasonable expectation. However, if the changes made may pose risk to your rights and freedoms (e.g., by including a new purpose of the processing that is not compatible with the existing purposes of processing, a new legal basis, a new category of personal data to be collected or a new data subject, all of which are not reasonably expected by the users, we will ask for your consent to those changes separately from this Policy. If you did not receive a request for your consent to the changes or refused to give consent, those changes will not apply to you. That fact can negatively affect some of our Services provided to you in case those services inevitably include consent to the changes.

18. Contact us

General contact details: If you have any questions about this Privacy Policy or the Company, please contact us via email or our mailing address: Harju maakond, Tallinn, Kesklinna linnaosa, Ahtri tn 12, 15551.

Controller's Contact