Privacy Policy

Last updated: 15 May 2026

This Privacy Policy explains how Bioenergmuscle ("we", "us") processes personal data when you visit bioenergmuscle.world, contact us, or use our soft fitness programmes. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data controller

Bioenergmuscle
26 High Street, Windsor SL4 1LH, United Kingdom
Email: online@bioenergmuscle.world
Phone: +44 1753 621786

2. Personal data we collect

Contact enquiries

Name, email address, message content, and GDPR consent confirmation when you use our contact form.

Website usage

Technical data such as IP address, browser type, device information, and pages viewed when analytics cookies are enabled.

Programme membership

If you join a programme, we may process booking details, attendance records, and notes you choose to share with coaches.

3. Purposes and legal bases

• Responding to enquiries — legitimate interests and, where applicable, consent.
• Providing fitness programmes — performance of a contract.
• Website security and operation — legitimate interests.
• Analytics and marketing cookies — consent (see Cookies Policy).

4. Retention

Contact form data is kept for up to 24 months unless a longer period is required for follow-up or legal obligations. Membership records are retained for the duration of your membership plus up to 6 years for accounting and dispute purposes. Server logs are typically deleted within 90 days.

5. Sharing and transfers

We do not sell personal data. Processors (such as hosting or email providers) may process data on our behalf under written agreements. Where data is transferred outside the UK/EEA, we use appropriate safeguards such as Standard Contractual Clauses.

6. Security

We apply access controls, encrypted connections (HTTPS), and staff training. No method of transmission over the internet is completely secure; we encourage you to use strong passwords where accounts exist.

7. Your rights

Under UK GDPR you may request access, rectification, erasure, restriction, portability, and object to processing based on legitimate interests. Where processing relies on consent, you may withdraw consent at any time without affecting prior lawful processing. You may lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Automated decision-making

We do not use solely automated decision-making that produces legal or similarly significant effects concerning you.

9. Marketing

We send marketing communications only where permitted by law and, where required, with your consent. You may opt out at any time using the link in emails or by contacting us.

10. Children

Our services are intended for adults. We do not knowingly collect data from children under 16 without parental authority.

11. Changes

We may update this policy and will revise the date above. Material changes will be highlighted on the website.