Privacy Policy

Website: fresnoathletictraining.com | Last updated: 5 May 2026

1. Data Controller

The Data Controller for personal data collected through the website fresnoathletictraining.com is a natural person residing in Poland, reachable at the e-mail address indicated on the Contact page of the website.

The processing of personal data is carried out in accordance with Regulation (EU) 2016/679 (GDPR) and the applicable provisions of Directive 2002/58/EC (ePrivacy Directive). Where EU data protection law applies to visitors from the European Economic Area, the Controller complies with all relevant obligations thereunder.

The Controller has not appointed a Data Protection Officer (DPO) under Art. 37 GDPR, as the conditions set out in paragraph 1, points (b) and (c) of that article are not met.

2. Categories of Personal Data Collected

The website may collect the following categories of personal data:

Navigation data: IP address, browser type, operating system, pages visited, access timestamps, referral URL.
Voluntarily submitted data: name, e-mail address, and any other information entered in contact forms or newsletter sign-up fields.
Cookie and tracking data: identifiers stored on the user’s device for technical purposes and, subject to consent, for analytics or advertising purposes.

The website does not knowingly collect special categories of data under Art. 9 GDPR (health data, ethnic origin, sexual orientation, etc.).

3. Purposes of Processing and Legal Bases

Provision of the informational service (Art. 6(1)(b) GDPR – performance of a contract or pre-contractual steps): delivering the website’s features and responding to user enquiries.
Technical and session cookies (Art. 6(1)(f) GDPR – legitimate interests): ensuring the correct functioning of the website and secure browsing.
Aggregated statistical analysis (Art. 6(1)(f) GDPR – legitimate interests): understanding how the website is used and improving its performance.
Non-technical cookies and advertising profiling (Art. 6(1)(a) GDPR – consent): activated only after the user has given explicit consent via the cookie banner.
Compliance with legal obligations (Art. 6(1)(c) GDPR): retention of data as required by applicable law.

4. Legitimate Interests Balancing Test

Where processing is based on legitimate interests (Art. 6(1)(f) GDPR), the Controller has carried out the balancing assessment under Art. 6(4) GDPR. The interests pursued — proper functioning of the website and aggregated traffic analysis — do not override the fundamental rights and freedoms of data subjects, given the limited nature of the data processed, the absence of special categories, and the reasonable expectations of users visiting an informational website.

5. Cookies and Tracking Technologies

Technical cookies: essential to the operation of the website (e.g. session management, language preferences). These do not require user consent.

Non-technical cookies (third-party analytics, advertising, profiling): these are not activated before the user has given their consent via the dedicated banner, in compliance with the ePrivacy Directive and applicable guidance.

Users may manage or withdraw their consent to cookies at any time via the banner settings or their browser options. Disabling technical cookies may impair certain website functions.

6. Retention Periods

Navigation data: retained for a maximum of 12 months, unless a legal obligation requires longer retention.
Contact requests / newsletter: until consent is withdrawn or as long as necessary to handle the request, and in any case no longer than 36 months from the last interaction.
Cookie data: in accordance with the lifespan of the specific cookie, as detailed in the full cookie policy.

7. Contact Forms and Lead Generation

Where the website provides contact forms or newsletter sign-up features, data submitted will be processed for two distinct purposes:

Purpose 1 – Responding to the enquiry (Art. 6(1)(b) GDPR): processing and replying to the user’s communication.
Purpose 2 – Lead generation / transfer to partners (Art. 6(1)(a) GDPR – consent): with the user’s explicit consent, data may be shared with selected commercial partners operating in the sports performance, fitness and athletic training sector, for the purpose of sending relevant offers or information.

Consent to Purpose 2 is optional and may be withdrawn at any time without affecting the lawfulness of processing carried out prior to withdrawal.

8. Disclosure to Third Parties and Transfers

The Controller engages third-party service providers acting as processors (Art. 28 GDPR) or as independent controllers. These include:

Kwanko – affiliate and digital advertising network (Privacy Policy).
CJ Affiliate (Conversant) – affiliate network (Privacy Policy).
Escrow.com – secure domain sale service (Privacy Policy).
Hosting, CDN and analytics providers that process data solely on the Controller’s instructions.

Data is not sold to third parties. Any transfers outside the EEA are made on the basis of appropriate safeguards (standard contractual clauses under Art. 46 GDPR or adequacy decisions of the European Commission).

9. Rights of Data Subjects

Under Arts. 15–22 GDPR, users have the right to:

Access (Art. 15): obtain confirmation of processing and a copy of their personal data.
Rectification (Art. 16): correct inaccurate or incomplete data.
Erasure (Art. 17): request deletion of their data (“right to be forgotten”).
Restriction (Art. 18): restrict processing in certain circumstances.
Portability (Art. 20): receive their data in a structured, machine-readable format.
Objection (Art. 21): object to processing based on legitimate interests.
Withdrawal of consent (Art. 7(3)): withdraw consent at any time without affecting the lawfulness of prior processing.

Requests should be sent to the Controller’s e-mail address on the Contact page. The Controller will respond within 30 days; in complex or multiple cases, this period may be extended by a further 60 days (Art. 12(3) GDPR), with a reasoned notification provided within the first month.

10. Security Measures

The Controller implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or accidental disclosure, in accordance with Art. 32 GDPR. These include: encrypted connections (HTTPS/TLS), restricted backend access, and regular security updates.

11. Children

The website is not directed at children under the age of 13. The Controller does not knowingly collect personal data from children below this age. If such data is identified as having been collected without parental or guardian consent, it will be deleted immediately.

12. Informational Nature of the Website

Important notice: fresnoathletictraining.com is an informational website only, providing general content about athletic training, sports performance and fitness bootcamp programmes in Fresno, California. The content published on this site does not constitute professional fitness advice, medical advice, diagnosis or a personalised training plan. Before beginning any new exercise programme, consult a qualified athletic trainer, certified fitness professional or healthcare provider, particularly if you have any pre-existing medical condition, injury or health concern. The website is not affiliated with any gym, training facility, coaching service or sports organisation. Information on programmes, schedules, pricing and availability is indicative only and may not be current. The domain is for sale.

13. Changes to This Policy

The Controller reserves the right to modify this policy at any time, including in response to changes in applicable law. Updates will be published on this page with a revised date. In the event of material changes, the Controller may notify users via a prominent notice on the website. Users are encouraged to review this page periodically.

14. Supervisory Authority

Users who are residents of the European Economic Area have the right to lodge a complaint with a competent supervisory authority under Art. 77 GDPR:

UODO – Urzàd Ochrony Danych Osobowych (Poland – country of the Controller)
Stawki 2, 00-193 Warsaw | uodo.gov.pl

Users may also contact the supervisory authority of their country of habitual residence within the EEA.

15. International Data Transfers

This website is primarily directed at users in the United States. Some third-party service providers may transfer data outside the European Economic Area (EEA). In such cases, the Controller verifies that appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission (Art. 46(2)(c) GDPR) or adequacy decisions. Further information is available on request at the Controller’s e-mail address.

16. Automated Decision-Making

The website does not carry out processing based on solely automated decisions, nor individual profiling that produces legal effects or similarly significant effects on data subjects, within the meaning of Art. 22 GDPR.

17. Minimum Age for Digital Consent in EU Member States

Under Art. 8 GDPR, the minimum age for valid consent to the processing of personal data in information society services varies by EU Member State. The table below is for reference for any EEA-based users:

Member State	Minimum age
Germany	16 years
Netherlands	16 years
Austria	14 years
Bulgaria	14 years
Denmark	13 years
Estonia	13 years
Finland	13 years
France	15 years
Ireland	16 years
Italy	14 years
Latvia	13 years
Lithuania	14 years
Poland	16 years
Portugal	13 years
Romania	16 years
Slovakia	16 years
Slovenia	15 years
Spain	14 years
Sweden	13 years
Hungary	16 years

The website is intended for an adult audience. Where a minor below the applicable age threshold wishes to use the website’s services, parental or guardian consent is required.