BACK

Privacy
policy.

LAST UPDATED · 24 APRIL 2026

This policy explains what personal data PLOT collects, how we use it, who we share it with, and what your rights are under the General Data Protection Regulation (GDPR) and applicable European consumer-protection law. If you only read one section, read §6 — Your rights.

SECTION 1

Who we are

PLOT is operated by the legal entity behind the marketplace at plot-flax-xi.vercel.app (and any custom domain we later move to). For data-protection questions, write to privacy@plot.app. We are the data controller for everything we collect directly from you. Trainers you book through PLOT are independent professionals — they become a separate data controller once a booking is confirmed (see §4).
SECTION 2

What we collect

  • Account data — email, password hash, display name, role (client / trainer / venue owner), language and currency preference, profile photo if you upload one.
  • Booking data — sessions you book, dates, location, mode (outdoor / trainer place / your place / virtual), price, status, messages, reviews you write.
  • Health intake — only if you fill it during booking: birth year, fitness level, goal, injuries note, emergency contact. We share these only with the trainer you book and only for the session you book them for.
  • Trainer onboarding data — for trainers: bio, photo, ID/insurance/certification documents, hourly rate, service areas, language and modality preferences.
  • Payment data — handled by Stripe; PLOT never sees your card number, CVC or full bank details. We store the Stripe customer / payment identifiers and the amount / currency / status of each transaction.
  • Location data— when you tap “Near me” or pick a city, we store the coordinates / city name long enough to render results. Approximate IP-derived city may be inferred at first visit (Vercel headers).
  • Technical data — minimal server logs (IP, user-agent, requested URL, timestamp, response code) for security and abuse prevention; rotated every 30 days.
  • Cookies — see §7.
SECTION 3

Why we process it (legal bases)

  • Contract (Art. 6(1)(b) GDPR) — to create your account, deliver bookings, route messages, process payments, issue refunds, send transactional emails.
  • Legal obligation (Art. 6(1)(c)) — accounting, tax, anti-fraud, complying with consumer-protection law and court orders.
  • Legitimate interest (Art. 6(1)(f)) — security logs, abuse detection, product analytics on aggregated data, blocking obviously-banned content.
  • Consent (Art. 6(1)(a)) — optional analytics cookies, marketing emails, push notifications. You can withdraw consent at any time without affecting prior processing.
  • Health data — explicit consent (Art. 9(2)(a)) — the optional health intake is shared with your booked trainer only after you submit it. You can wipe it from Settings → Health intake.
SECTION 4

Who we share data with

  • Trainers you book — your name, profile photo, age range, fitness level, goal, injuries note, and emergency contact (if filled).
  • Stripe (Stripe Payments Europe Ltd, Ireland) for payment processing and trainer payouts.
  • Resend (USA, EU sub-processor) for transactional emails.
  • Google Cloud — Maps + Places APIs for venue discovery and address autocomplete (server-side calls; your identity is not sent).
  • OpenWeatherMap for the rain-plan auto-reschedule check (lat/lng of the booked outdoor session, no personal data).
  • Vercel (USA, EU regions) — hosting and edge logs.
  • Turso (libSQL hosted in AWS EU West / Ireland) — primary database.
  • Authorities when legally required.

We don't sell your data. We don't share it with advertising networks.

SECTION 5

Where it lives + how long

Your data is stored in the EU (Turso AWS Ireland; Vercel EU regions when possible). Some sub-processors (Stripe, Resend, Google) operate globally — they have signed Standard Contractual Clauses with PLOT for transfers outside the EEA.

  • Account data: until you delete the account, then deleted within 30 days (some accounting records are retained 10 years per EU tax law).
  • Booking + payment records: 10 years (legal obligation).
  • Messages: 2 years after the last conversation activity.
  • Server logs: 30 days.
  • Cookies: see the cookie banner / §7 below.
SECTION 6

Your rights

You can, at any time:

  • Access a copy of the data we hold on you (Settings → Download my data, or write to privacy@plot.app).
  • Rectify incorrect data (Settings → Profile).
  • Erase your account (Settings → Delete account).
  • Object to processing based on legitimate interest.
  • Restrict processing while we resolve a dispute.
  • Port your data to another service in a machine-readable format.
  • Withdraw consent for marketing or analytics without affecting prior, consent-based processing.
  • Lodge a complaint with your local data protection authority (in France: CNIL, cnil.fr).
SECTION 7

Cookies

We use only the cookies strictly needed to run the product (NextAuth session, language preference, city picker). Optional analytics or marketing cookies are off by default and only enabled if you tap Accept all on the consent banner.

SECTION 8

Security

All traffic is HTTPS. Passwords are stored as bcrypt hashes (never plain). Database access is restricted to a single Vercel-internal token. We patch the runtime monthly and run automated dependency security scans on every deploy.

If a breach affecting your data ever occurs, we'll notify you and the supervisory authority within 72 hours, as required by Art. 33 GDPR.

SECTION 9

Changes to this policy

When we make a material change we'll update the date at the top, and email registered users at least 14 days before the change takes effect.

QUESTIONS · PRIVACY@PLOT.APP