Privacy Policy
Effective date: June 18, 2026
Juroc Tech Solutions SRL operates a fitness and sports-coaching marketplace that connects trainers, sports coaches, and other service providers with potential clients. This Privacy Policy explains how we collect, use, disclose, protect, and retain personal data when you use our mobile app, website, and related services (together, the "Service"). Trainee is operated from Romania (European Union), and we treat the EU General Data Protection Regulation (GDPR) and Romanian data protection law as the primary framework governing this Policy. We also describe rights that may apply to you under other laws, such as the CCPA/CPRA (for California residents), PIPEDA (for Canada), and similar laws, and how to exercise those rights.
By using the Service, you acknowledge that you have read this Privacy Policy. If you do not agree with it, you should not use the Service.
1. Who We Are and How to Contact Us
The Service is operated by Juroc Tech Solutions SRL, a company organized under the laws of Romania (registered office: Str. Luminii nr. 37, Faurei, Vrancea, Romania). Juroc Tech Solutions SRL ("Trainee," "we," "us," or "our") is the data controller for personal data that we collect directly through the Service, unless a third party is independently acting as a controller for its own services. Trainee operates the Service as a platform for discovering trainers and sports coaches, managing profiles, booking-related interactions, billing, support requests, and scheduling features.
If you have privacy questions, requests, or complaints, contact us at robertojudele@juroc.tech or via the support channels available in the Service.
2. Personal Data We Collect
We collect personal data that you provide directly to us, such as your name, email address, phone number, password, profile information, role selection, profile image, training or coaching details, location information, social contact links, issue reports, billing-related details, and any other information you choose to submit in your profile, messages, support requests, or account settings.
If you are a trainer or coach, we may also collect professional profile details such as experience, specializations, rates, availability, schedule information, and gym association data.
We also collect information automatically when you use the Service. This may include device and app information, IP address, approximate (coarse) location derived from your device or network, log files, crash and diagnostic information, screen interactions, authentication events, rate-limiting and security events, and first-party usage analytics that we generate ourselves. When you view public trainer profiles, we may record profile-view events to power our in-house trainer analytics (for example, profile-view counts shown to trainers), for fraud prevention, and for service improvement. Where permitted, we may also use cookies or similar technologies on web surfaces for authentication, preferences, and security.
We do not use third-party advertising networks, ad SDKs, or cross-app tracking technologies. We do not track you across other companies' apps or websites, and we do not use your personal data for cross-context behavioral advertising. Any "analytics" we perform is first-party and is used to operate, secure, and improve the Service.
We may receive information from third parties when you choose to connect them to the Service, such as subscription, billing, or entitlement data from payment providers, app store billing systems, or RevenueCat; profile image or file-upload data from cloud storage providers; email delivery and verification data from messaging providers; and map or place data from external data sources used for location-based features.
3. How We Use Personal Data
We use personal data to create and manage accounts, authenticate users, provide marketplace and scheduling features, display trainer and coach profiles, connect users to potential clients, process subscriptions and billing, deliver verification and transactional emails, support image uploads, detect fraud and abuse, enforce rate limits, investigate support issues, improve service quality and reliability, and comply with legal obligations.
We also use personal data to maintain security, prevent account takeover, detect suspicious activity, and protect the integrity of public profile and scheduling features. We may use aggregate or de-identified data for analytics, product planning, troubleshooting, and service improvement.
4. Legal Bases for Processing
If you are located in the European Economic Area, the United Kingdom, or a similar jurisdiction, we process personal data only when we have a valid legal basis. These may include the performance of a contract when we provide the Service to you, our legitimate interests in operating and securing the Service, compliance with legal obligations, and your consent where consent is required, such as for certain optional communications or device features. Where we rely on legitimate interests, we balance our interests against your rights and freedoms.
5. How We Share Personal Data
We do not sell your personal data, and we do not share it for cross-context behavioral advertising. We may share personal data with service providers and processors that help us operate the Service, such as hosting providers, database and infrastructure providers, email delivery providers, payment processors (for example, Stripe), app-store billing and subscription providers (for example, Apple App Store, Google Play, and RevenueCat for subscription entitlement management), cloud storage providers, map and location providers (for example, Google Maps), and logging, monitoring, and error-diagnostics providers. These providers are only permitted to process personal data on our instructions and under a data processing agreement, and are expected to use appropriate safeguards.
We may also share personal data where required by law, to respond to lawful requests, to protect our rights or the rights of others, to prevent fraud or abuse, or in connection with a corporate transaction such as a merger, acquisition, reorganization, or asset transfer. Certain information may be visible to other users as part of marketplace functionality, such as trainer or coach profile content and details you intentionally publish.
6. Third-Party Services and Processor Categories
The Service may rely on third-party services for account email delivery, transactional messaging, billing and subscriptions, cloud hosting, storage, and map/place functionality. Depending on your use of the Service, these third parties may include cloud hosting providers, email delivery providers, payment processors, app marketplace billing systems, subscription management platforms, file storage providers, and monitoring infrastructure services.
When we work with processors, we require contractual or comparable protections intended to preserve data confidentiality, integrity, and availability. If you interact with a third-party feature, that third party may process your data under its own privacy policy and terms.
7. International Data Transfers
The Service may be operated from, and personal data may be stored or processed in, countries other than where you live, including the United States, the European Union, and the United Kingdom depending on provider infrastructure. Where required by law, we use appropriate transfer safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, adequacy decisions, vendor contractual commitments, and other lawful transfer mechanisms.
If local law requires additional protections for international transfers, we will implement them. By using the Service, you understand that your personal data may be transferred to and processed in jurisdictions that may have different data protection laws than those in your home country.
8. Security Measures
We use technical and organizational safeguards designed to protect personal data from unauthorized access, disclosure, alteration, and destruction. These safeguards include encryption in transit (TLS), access controls, least-privilege permissions, server-side secret management, input validation and sanitization, rate limiting, audit and diagnostic logging, and role-based access restrictions.
We also protect certain sensitive workflows by hashing values before storage where feasible (for example, verification or check-in codes) and by using secure token-based authentication for account access. While we work to protect your information, no system is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying us promptly of any suspected unauthorized access.
9. Data Retention
We retain personal data only for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, support accounting and tax requirements, and maintain legitimate business records.
- Account and profile data: retained while your account is active; deleted or anonymized within 90 days of account closure.
- Profile and workout photos: retained while your account is active; removed within 90 days of account deletion.
- Support requests and issue reports: up to 24 months after the issue is resolved.
- Security, fraud, and abuse-prevention logs: up to 12 months, unless extended for active investigations or legal obligations.
- Billing and tax records: for the period required by applicable Romanian accounting and tax law.
- Verification and check-in codes (stored hashed): until used or expired, then deleted.
- Backups: retained on a rolling cycle and deleted within 90 days.
When data is no longer needed, we delete, anonymize, or archive it in accordance with the schedule above and applicable law.
10. Your Rights
Depending on where you live, you may have rights to access your personal data, correct inaccurate information, delete your personal data, obtain a copy of your data in a portable format, object to or restrict certain processing, and withdraw consent where processing is based on consent. You may also have rights to know what categories of personal information we collect, use, and disclose, and rights to opt out of certain disclosures or uses under applicable law, including rights recognized by the CCPA/CPRA for California residents.
To exercise your rights, contact us at robertojudele@juroc.tech or through support channels in the Service, specifying your request. We will respond within the timeframe required by applicable law (under the GDPR, generally within one month, which may be extended for complex requests). We may need to verify your identity before fulfilling a request. We will not discriminate against you for exercising privacy rights.
11. Data Portability and Deletion
If you request a copy of your data, we provide it in a commonly used format where required by law and technically feasible. If you request deletion, we delete or anonymize data that we are not legally required or otherwise permitted to retain.
If you are a trainer, coach, or other professional using the Service, deleting your account may remove your public profile from active display, but some historical records (such as billing, security, and abuse-prevention logs) may remain for a limited period as permitted by law.
12. California Privacy Notice
If you are a California resident, you may have rights under the CCPA/CPRA, including the right to know, the right to delete, the right to correct, the right to limit use of sensitive personal information where applicable, and the right to opt out of certain data disclosures that may be considered "sharing" for cross-context behavioral advertising.
Juroc Tech Solutions SRL does not intentionally sell personal information in the ordinary sense, but some data flows may still be considered a disclosure under California law depending on the circumstances and services involved.
13. Privacy Rights Under GDPR, PIPEDA, and Similar Laws
If you are covered by GDPR, you may have the right to access, rectify, erase, restrict processing, object to processing, and data portability, as well as the right to lodge a complaint with a supervisory authority. Because Trainee is established in Romania, our lead supervisory authority is the Romanian National Supervisory Authority for Personal Data Processing (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal, "ANSPDCP"), www.dataprotection.ro. If you are in the European Economic Area or the United Kingdom, you may also lodge a complaint with the data protection authority in your country of residence or work. We would, however, appreciate the chance to address your concerns directly before you do so — please contact us at robertojudele@juroc.tech.
If you are covered by PIPEDA or similar Canadian privacy laws, you may have rights to access and challenge the accuracy or completeness of your information and to raise concerns about how it is handled. Where local laws provide additional rights, we will honor them as required.
14. Minors and Age Restrictions
The Service is intended for adults and is not directed to children. You must be at least the age required by law in your jurisdiction to consent to data processing and use the Service. We do not knowingly collect personal data from children without appropriate authorization. If we learn that we have collected personal data from a child in violation of applicable law, we will take appropriate steps to delete it.
15. Public Profiles, Reviews, and Visibility Settings
Certain information you choose to publish in your profile may be visible to other users and, in some cases, publicly visible. This may include your name, profile photo, location, trainer or coach description, specializations, rates, availability, contact links, and review content.
Information you make public may be copied, shared, or retained by others outside our control. Keep public profile details limited to what is necessary for your professional presence.
16. Cookies and Similar Technologies
Where the Service uses a web interface, we may use cookies, local storage, or similar technologies to keep you signed in, remember preferences, secure sessions, and measure performance and reliability. Where required by law, we request consent before placing non-essential cookies. You can usually control cookies through browser/device settings, but some features may not function properly if cookies are disabled.
17. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in practices, technology, legal requirements, or the Service. If we make material changes, we will take reasonable steps to notify you, such as posting the updated policy in the Service or providing another appropriate notice. Your continued use of the Service after an updated policy becomes effective means you accept the revised policy.
18. Contact Us
If you have questions about this Privacy Policy, your rights, or how we handle personal data, contact:
Juroc Tech Solutions SRL
Email: robertojudele@juroc.tech
Registered office: Str. Luminii nr. 37, Faurei, Vrancea, Romania
You can also reach us through the support or contact options available in the Service. If you are making a privacy request, include enough information for us to verify your identity and understand your request.