PRIVACY POLICY

Updated 1 March 2026

1. Data Controller

 

Pentagram of Health
KvK: 99621002
Fazantlaan 17
5613 CB Eindhoven
The Netherlands
Email: support@pentagramofhealth.com

Pentagram of Health is the data controller under the General Data Protection Regulation (GDPR).

2. What Personal Data We Collect

We may collect:

  • Name
  • Email address
  • Phone number
  • Billing details
  • Payment information (processed via third-party providers)
  • Health information voluntarily provided
  • Training progress data
  • App usage data
  • IP address

3. Legal Basis for Processing

We process personal data based on:

  • Performance of a contract (Article 6(1)(b) GDPR)
  • Legal obligation (Article 6(1)(c))
  • Legitimate interest (Article 6(1)(f))
  • Consent (Article 6(1)(a))

Health data is processed only with explicit consent (Article 9(2)(a)).

4. Purpose of Processing

We process data to:

  • Deliver coaching services
  • Provide personalized training programs
  • Process payments
  • Communicate with clients
  • Improve services
  • Comply with legal obligations
  • Send marketing (if consented)

5. Data Sharing

We may share data with:

  • Payment providers
  • Hosting providers
  • Fitness app platforms
  • Accountants (for legal compliance)

We do not sell personal data.

6. Data Retention

Personal data is retained only as long as necessary for:

  • Contract performance
  • Legal tax obligations (7 years under Dutch law)
  • Legitimate business purposes

Health-related data is deleted upon termination unless legally required to retain.

7. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Rectify incorrect data
  • Request deletion
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

Requests may be sent to: support@pentagramofhealth.com

You also have the right to lodge a complaint with:

Autoriteit Persoonsgegevens
https://autoriteitpersoonsgegevens.nl

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse.

9. International Transfers

If data is processed outside the EU/EEA, appropriate safeguards are implemented (e.g., Standard Contractual Clauses).

10. Cookies

Our website may use cookies for functionality and analytics. See our Cookie Policy for details.