Legal

Privacy Policy

Last updated: April 22, 2026

Operator placeholder. Rogufit is operated by [BUSINESS LEGAL NAME — TBD]. The owner must replace this placeholder, the contact email, and the mailing address before going live.

1. Who We Are

This Privacy Policy describes how Rogufit ("we," "us") collects, uses, and shares personal information when you use this website or book personal training services.

2. Information We Collect

  • Booking & account information: name, email address, phone number, password (stored hashed), booking history, messages you send the trainer, and any health, fitness-goal, or special-needs notes you choose to provide.
  • Payment information: we do not store full credit-card numbers. Card payments are processed by Stripe, Inc.; we receive only the last four digits, card brand, and a payment confirmation. Venmo and Zelle transactions are confirmed by reference number you supply.
  • Calendar information: if you connect Google Calendar, we read and write only the events tied to your training sessions.
  • Technical information: standard server logs (IP address, browser, timestamps) used for security and debugging.

3. How We Use Information

  • To schedule, confirm, deliver, and follow up on your training sessions.
  • To process payments, refunds, and chargebacks.
  • To send transactional messages (booking confirmations, reminders, schedule changes).
  • To respond to your messages and provide customer support.
  • To comply with legal obligations and enforce our Terms.

We do not sell your personal information.

4. Third-Party Service Providers

We share personal information only with the third-party processors that make this Site work:

  • Stripe, Inc. — payment processing. See stripe.com/privacy.
  • Email delivery providers (e.g., SendGrid, Gmail SMTP, or other transactional-email services) — used to send booking confirmations and reminders.
  • Google LLC — only if you opt to connect Google Calendar; we use the minimum scopes required.
  • Hosting provider — this site runs on managed infrastructure that processes data on our behalf under standard data-processing terms.

5. Cookies

We use a small number of strictly-necessary cookies (login session, CSRF protection). We do not use third-party advertising or tracking cookies. You may disable cookies in your browser, but you may not be able to log in or book sessions without them.

6. Data Retention

We retain booking and payment records for as long as needed to operate the business and to meet tax, accounting, and legal-defense requirements (typically up to 7 years). You may request deletion of your account at any time; we will delete personal data that is not subject to a legal-retention requirement.

7. Your California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect about you.
  • Request a copy of that information.
  • Request deletion of your information (subject to legal-retention exceptions).
  • Correct inaccurate information.
  • Opt out of "sale" or "sharing" of personal information — we do neither.
  • Be free from retaliation for exercising your rights.

To make a request, email us with the subject line "California Privacy Request."

8. Your European Privacy Rights (GDPR / UK GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have rights of access, rectification, erasure, restriction, data portability, and objection. The legal bases on which we process your data are: (a) performance of a contract (booking and delivering Services), (b) compliance with a legal obligation, (c) our legitimate interests in operating a small business safely, and (d) your consent where required. You may withdraw consent at any time without affecting prior processing. You also have the right to lodge a complaint with your local data-protection authority.

9. Children's Privacy

This Site is intended for adults 18 and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, please contact us and we will delete it.

10. Security

We use HTTPS in transit, hashed passwords at rest, and reputable third-party processors for payments. No system is perfectly secure; please do not transmit highly sensitive medical information through our messaging system.

11. Changes to This Policy

We may update this Policy from time to time. The "Last updated" date above will reflect the most recent change.

12. Contact & Privacy Requests

For privacy questions, deletion, or access requests, email rodrigoguzman2000@gmail.com with the subject line "Privacy Request" or write to [BUSINESS MAILING ADDRESS — TBD].

Book a Session Back to Home