Sessionly (“we”, “us”, or “our”) provides software that helps independent fitness trainers manage clients, sessions, payments, and renewals. This Privacy Policy explains how we collect, use, and protect information about trainers who use Sessionly and the clients they add to the platform.
2. Information We Collect
Account data. When you sign up we collect your name, email address, and authentication details from Supabase Auth (including any profile information shared by OAuth providers such as Google).
Trainer workspace data. You may store client contact information, session history, packages, notes, payments, and notification preferences. You control what you add to your workspace.
Usage data. We collect product analytics (page views, feature engagement, device/browser metadata) through Plausible and operational telemetry through Sentry to improve reliability and user experience.
Billing data. When you upgrade to a paid plan, Stripe stores your payment method, subscription status, and transaction history. We keep Stripe customer IDs and plan information to administer your subscription.
Support and communications. If you contact us or submit forms (including the contact page), we collect the details you provide and our responses.
3. How We Use Information
To provide, maintain, and secure the Sessionly application.
To personalize your dashboard, reminders, and plan entitlements.
To process payments, manage trials, and send invoices or receipts.
To send transactional emails, renewal reminders, and service notices.
To monitor usage trends, diagnose issues, and improve product performance.
To comply with legal obligations and enforce our Terms of Service.
4. How We Share Information
We do not sell personal information. We share data only with trusted subprocessors that help us run Sessionly:
Supabase for authentication, database, storage, and scheduled jobs.
Stripe for subscription billing and payment processing.
Resend (or compatible SMTP services) for transactional and notification emails.
Plausible for privacy-conscious product analytics.
Sentry for error monitoring and application health.
Each provider processes information per our instructions and applicable agreements. We may also disclose information if required by law, to protect rights and safety, or in connection with a business transfer.
5. Data Retention
We retain account and workspace information for as long as your account remains active. If you delete a client or request account deletion, related data is removed or anonymized within a reasonable timeframe, subject to legal or operational retention requirements (for example, financial records maintained for tax purposes).
6. Security
Sessionly uses Supabase Row-Level Security, access controls, and encrypted transports (HTTPS/TLS) to protect trainer workspaces. No method of transmission or storage is completely secure, so we encourage you to use strong passwords, enable multi-factor authentication where available, and limit exported reports to trusted devices.
7. Your Rights
Depending on your jurisdiction, you may have rights to access, correct, export, or delete personal information. You can manage most client data directly inside Sessionly. For other privacy requests, contact us using the details below and we will respond as required by applicable law.
8. International Transfers
Sessionly is operated from the United States. By using the service, you consent to transferring your information to the U.S. and other locations where our subprocessors operate, subject to appropriate safeguards.
9. Children’s Privacy
Sessionly is not directed to individuals under 18. Trainers should avoid entering minors’ personal data unless they have obtained any required parental consent. If we learn we have collected personal information from a minor without consent, we will delete it.
10. Changes to This Policy
We may update this Privacy Policy to reflect product, legal, or operational changes. We will post the revised policy with a new “Last updated” date and, when appropriate, notify you through the app or via email.
