Privacy Policy

Great Northern Gains ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

Lawful Basis for Processing (GDPR)

If you are located in the European Union or EEA, we process your personal data under the following lawful bases:

1. Information We Collect

Account Information: When you register, we collect your name, email address, phone number, and date of birth.

Health and Fitness Data: As part of your coaching intake, we collect information including your height, weight, fitness goals, experience level, injuries, current medications, dietary restrictions, allergies, and any other health details you choose to share. This information is used exclusively to provide personalized coaching services.

Usage Data: We collect data about how you use the platform, including workout logs, nutrition entries, check-in submissions, and compliance scores. This data is used to track your progress and improve coaching quality.

Communication Data: Messages exchanged with your coach through the platform are stored to maintain coaching continuity.

Payment Data: Payments are processed by Stripe. We do not store your full payment card information. We receive confirmation of payment status and a Stripe customer ID.

Device Data: If you install the app or enable push notifications, we store a push subscription token associated with your account.

Analytics Data: We use Google Analytics 4 (GA4) on this platform. Google Analytics collects information such as your IP address, device type, browser, operating system, pages visited, time spent on the site, and general geographic location. This data is transmitted to and stored by Google. Google may use this data in accordance with its own privacy policy.

2. How We Use Your Information

3. Data Sharing

We share your information with the following categories of third parties:

Your coaching health data (workout logs, meal plans, check-ins, health intake information, and messages) is never sold or shared with any third party for commercial purposes. We may disclose your information if required by law, court order, or to protect the rights and safety of Great Northern Gains or others.

4. Data Retention

We retain your data according to the following schedule:

You may request deletion of your account and all associated data at any time via your portal Settings or by emailing jonathonstotler@gmail.com.

5. Your Rights

You have the right to:

To exercise these rights, contact us at jonathonstotler@gmail.com.

California Residents — CCPA Rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

To submit a CCPA request, email jonathonstotler@gmail.com with the subject line "CCPA Request" and your full name and email address. We will respond within 45 days.

6. Security

We implement industry-standard security measures including encrypted connections (HTTPS/TLS), row-level security on all database tables, and hashed passwords via Supabase Auth. No system is 100% secure; please use a strong, unique password for your account.

7. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such data, please contact us immediately.

8. Cookies and Tracking

We use the following types of cookies and similar technologies:

We do not use advertising or retargeting cookies.

Data Controller

Great Northern Gains is operated by Jonathon Stotler, Wasilla, Alaska, USA. For privacy questions, data requests, or to exercise your rights: jonathonstotler@gmail.com

Changes to This Policy

We may update this Privacy Policy. We will notify you of significant changes via email or in-app notice at least 30 days before changes take effect. Your continued use after the effective date constitutes acceptance.