Privacy Policy

Last updated: March 2026
Version: 1.1

In compliance with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on Personal Data Protection (LOPDGDD).

1. DATA CONTROLLER

CANARIAN INSIGHT SL (trading as BookingArt)
CIF: B13898804
Registered office: Avenida de los Pueblos 20, LC 69, Costa Adeje, Santa Cruz de Tenerife, Canary Islands, Spain
Email: administracion@bookingart.es

2. PERSONAL DATA COLLECTED

Name, email, profile photo, role, fitness goals (optional), location (optional, not stored). Social login data: Google (name, email, photo, ID), Apple (name, email, ID). Payment data managed by Stripe/Apple (not stored on our servers).

3. PURPOSES

Account management, Client-Coach intermediation, payment system, service notifications, personalization, technical support. Data is not used for direct marketing without consent.

4. LEGAL BASIS

Contract performance (Art. 6.1.b GDPR), consent (Art. 6.1.a), legitimate interest (Art. 6.1.f), legal obligation (Art. 6.1.c).

5. TRANSFERS

Stripe, SendGrid, Apple, Google (processors). We do not sell or share data with third parties for commercial purposes.

6. DATA RETENTION

Account data: for the duration of the contractual relationship. After cancellation: as required by law (generally 5 years). Transactions: 10 years (Spanish tax regulations).

7. USER RIGHTS

Access, rectification, erasure, restriction, portability, objection, consent withdrawal. Contact: administracion@bookingart.es

8. SECURITY

Encrypted passwords (scrypt), HTTPS/TLS communications, PCI-DSS payments (Stripe), JWT authentication.

9. SUPERVISORY AUTHORITY

AEPD (www.aepd.es) or supervisory authority of the Member State of residence.