1. What Is Health Data?
Health data is a special category of personal data under GDPR (Article 9) that receives heightened protection. In the context of the PBE Service, health data includes:
- Your answers to the onboarding health questionnaire (physical limitations, injury history, pain areas, activity level, sleep quality, stress level);
- Body measurements you provide (weight, height, BMI-derived values);
- Exercise completion records and performance data;
- Any health-related notes or goals you add to your profile.
We process this data only with your explicit consent, which you provide at registration by checking the "I consent to health data processing" box.
2. Why We Need It
Health data is essential for the core purpose of the Service — personalisation. Without it, we cannot:
- Match you to a workout plan appropriate for your physical condition and job type;
- Adapt exercises to avoid movements that may aggravate known injuries or limitations;
- Track your progress meaningfully over time;
- Provide accurate session scheduling that accounts for your energy patterns and schedule.
We use health data only to deliver and improve these personalised wellness features. We do not use it for advertising, insurance purposes, or any purpose unrelated to your wellness.
3. Legal Basis
We process special-category health data under GDPR Article 9(2)(a) — your explicit, freely given, informed, and specific consent.
This means:
- You chose to provide this information voluntarily.
- You were clearly informed of what data we collect and why, before consenting.
- You may withdraw consent at any time without detriment (see Section 7).
- Withdrawal does not affect the lawfulness of processing that occurred before withdrawal.
4. How It Is Stored and Protected
We apply a higher standard of security to health data:
- Encryption at rest: health questionnaire answers and sensitive profile fields are encrypted at the database column level using AES-256-GCM before storage. The encryption key is managed separately from the database.
- Encryption in transit: all data transmitted between your device and our servers is protected by TLS 1.2 or higher.
- Access controls: health data is accessible only to your own account and to PBE staff who require it strictly for technical support or legal compliance purposes. Access is logged.
- No plaintext export: health data is never stored or exported in an unencrypted form.
5. Who Can Access Your Health Data
| Party | What they can see |
| --- | --- |
| You | All of your health data, at any time, via the app |
| PBE platform team | Anonymised aggregates for service improvement; individual data only when required for technical support (logged) |
| Your company administrator | Cannot see health questionnaire answers or body measurements — only aggregate session completion rates |
| Third-party processors | Infrastructure providers with data processing agreements; they process data on our behalf and cannot use it independently |
| Other users | None — your health data is never visible to other users |
6. Retention
Health data is retained for as long as your account is active. When your account is deleted:
- Health questionnaire answers and body measurements are permanently deleted within 30 days.
- Session completion records are anonymised (stripped of personally identifying fields) and may be retained in aggregate form for up to 12 months for product analytics.
- You may request immediate deletion at any time (see Section 7).
7. Your Rights and How to Exercise Them
You have the following rights specifically regarding your health data:
- Withdraw consent: you can withdraw consent to health data processing at any time. Note that withdrawal will limit the personalisation features of the Service, but will not otherwise affect your account.
- Access: request a full export of the health data we hold about you in a machine-readable format (JSON).
- Erasure: request immediate and complete deletion of all health data. We will confirm deletion within 14 days.
- Rectification: correct any inaccurate health data — you can update most fields directly in the app under Profile → Edit.
- Restriction: request that we pause processing while a dispute is under review.
To exercise any right, email hello@pilatesbyelahe.com with the subject line "Health Data Request". We will verify your identity and respond within 14 days.
You may also lodge a complaint with the data protection supervisory authority in your country.
8. Automated Decision-Making
Our plan-matching system uses your health questionnaire answers to algorithmically select an appropriate workout plan. This process has no legal or similarly significant effect on you — it simply determines which exercise programme you start with, and you can always switch plans manually. It does not affect your eligibility for employment, insurance, or any other material matter.
No human decision-maker reviews individual questionnaire answers in the normal course of service delivery.