← Grįžti į Treniruoju.lt

Privacy Policy

Last Updated: April 10, 2026

Summary

Treniruoju.lt is a marketplace platform that connects clients with personal trainers in Lithuania. We collect, process, and protect your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Lithuanian data protection laws.

1. Controller and Contact

Data Controller: Treniruoju.lt
Contact Email: info@treniruoju.lt
Address: Lithuania

2. What Data We Collect

• Account Information: Name, email address, phone number (optional), password (hashed)
• Location Data: City or region (for trainer filtering)
• Profile Data: Profile photo, bio, specializations (for trainers)
• Payment Information: Payment method details (processed through secure payment providers)
• Verification Documents: ID copies and professional certifications (trainers only; stored securely)
• Contact History: Messages and interactions between clients and trainers
• Technical Data: IP address, browser user-agent, device type, cookie identifiers
• Consent Records: Timestamps and versions of policies you accept

3. Legal Basis for Processing

• Contract: To provide marketplace services (matching, messaging, verification)
• Consent: For marketing emails, analytics, and non-essential cookies
• Legitimate Interest: To prevent fraud, improve the service, and ensure platform security
• Legal Obligation: To comply with tax, payment, and anti-money-laundering laws

4. Your Rights Under GDPR

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Data Portability: Receive your data in a portable, structured format
• Restrict Processing: Limit how we use your data
• Object: Opt-out of marketing emails and non-essential processing
• Withdraw Consent: Withdraw consent for optional processing at any time

To exercise any of these rights, email info@treniruoju.lt with the request type and sign with your account email. We aim to respond within 30 days.

5. Data Retention

• Accounts: Deleted on request; we retain minimal audit records for up to 5 years if legally required
• Verification Documents: Retained for 3 years after account closure for fraud prevention
• Consent Logs: Retained for 5 years for audit purposes
• Payment Records: Retained per tax regulations (typically 5-7 years)
• Technical Logs: Typically retained for 30-90 days

6. Security Measures

• All connections use HTTPS with TLS 1.2+
• Verification documents encrypted with AES-256
• Role-based access control; only admins can view sensitive documents
• Daily encrypted backups with tested disaster recovery
• Immutable audit logs of all access to sensitive data
• Passwords hashed with bcrypt or Argon2

7. Cookies and Tracking

See our Cookie Policy for details on what cookies we use and how to manage your preferences.

8. Third-Party Processors

We may share data with:

• Hosting: Cloudflare (GDPR DPA in place)
• Payment Processing: Stripe or similar (GDPR DPA in place)
• Analytics: Google Analytics (consent-based; DPA in place)
• Email Service: For support and marketing (consent-based; DPA in place)
• Storage: Cloudflare R2 / S3 for verification documents (encryption at rest enabled)

9. Contact Us

For privacy questions or data requests:

Email: info@treniruoju.lt
Address: Lithuania
Response Time: Within 30 days

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or by updating the "Last Updated" date. Your continued use of the platform constitutes acceptance of the updated policy.