Privacy Policy

We collect information you provide directly, information generated through your use of the Service, and information from third-party platforms you choose to connect. We do not collect data from social, calendar, payment, or video platforms unless you authorize that connection.

When you create an account, we collect account information such as email address, authentication metadata, display name, workspace name, and profile details you enter. Workspace data may include business name, niche, target audience, offer details, pricing inputs, content preferences, schedules, growth notes, attribution data, AI prompts, and generated recommendations.

TrainerDNA lets you record client and prospect information such as names, contact details, goals, check-in notes, progress updates, testimonial text, proof notes, progress photos or media, and engagement status. You are responsible for having a lawful basis and any required consent before entering that information into TrainerDNA. We process it to provide the Service to you.

If you connect Google Calendar, we may access calendar event information you authorize, such as event titles, times, descriptions, locations, attendees, and calendar metadata needed to show your schedule inside TrainerDNA. We request read-only calendar access and do not write events back to your calendar.

If you connect TikTok, Instagram, Facebook, or YouTube, we may access the account identity, profile details, public content or media metadata, and performance metrics you authorize. Depending on the provider and permissions approved, this may include handles, avatars, follower or subscriber counts, video or post counts, views, likes, comments, shares, links, verification status, and recent public video or upload metrics.

If you connect Stripe, we may receive connected account identifiers, onboarding status, transaction or subscription metadata, customer identifiers, amounts, and limited card metadata such as last four digits. Stripe processes payment data under its own terms and privacy policy. We do not store full payment card numbers on our own servers.

When you authorize a third-party connection, we may receive access tokens, refresh tokens, provider account identifiers, and granted scope information. Tokens are stored encrypted at rest where the Service persists them, used only to provide authorized sync and connection features, and removed from TrainerDNA when you disconnect the integration or request deletion. Where a provider supports token revocation, we attempt to revoke access as part of disconnect or deletion workflows.

We may collect usage and technical information such as pages or features used, request timestamps, IP address, browser, device, operating system, errors, diagnostics, and security logs. We use necessary cookies and similar storage for authentication, security, preferences, and basic product functionality. We do not currently use advertising or retargeting pixels in the Service; if that changes, we will update this policy before using them.

Authentication is handled by Supabase. Passwords are never stored by us in plaintext. Supabase may process session, IP, user agent, and login metadata to operate authentication and security. We may send transactional emails such as confirmations, password resets, security notices, deletion confirmations, and service updates through an email provider such as Resend. We do not send marketing emails unless you opt in.

We use information to:

• Provide, operate, secure, and maintain TrainerDNA.
• Authenticate users and protect accounts and workspaces.
• Display connected calendar, social, video, payment, and workspace data.
• Generate AI-powered recommendations, content ideas, and business insights.
• Sync authorized third-party data and keep connection status current.
• Provide customer support and respond to deletion or privacy requests.
• Diagnose issues, prevent abuse, improve reliability, and comply with law.

TrainerDNA uses AI providers, such as Anthropic and any future AI provider we configure, to generate recommendations, content drafts, scoring, and summaries. We send only the information needed to provide the feature you use. AI outputs may be incomplete or inaccurate, and you should review them before acting on them or sharing them.

We do not sell personal information, client data, Google user data, or social platform data. We share information only as described here:

• With service providers that host, store, secure, email, process payments, run AI inference, or otherwise help operate the Service.
• With third-party platforms you connect, only to exchange the information needed for the connection you authorized.
• When required by law, legal process, governmental request, platform policy, or to protect rights, safety, and security.
• In connection with a merger, acquisition, financing, restructuring, or sale of assets, with notice where required by law.

TrainerDNA relies on third-party services including Supabase (authentication, database, storage), Vercel (hosting), Stripe (payments), Anthropic (AI inference), Resend (email), Google Calendar, YouTube, TikTok, Instagram, Facebook, and Meta products you choose to connect. Each provider has its own terms and privacy policy. TrainerDNA is not affiliated with, endorsed by, or sponsored by these platforms unless explicitly stated.

Tandem DNA Marketing LLC is based in the United States. If you access TrainerDNA from outside the United States, your information may be processed and stored in the United States and other countries where we or our service providers operate. Those countries may have data protection laws different from your own. Where required, we rely on appropriate legal mechanisms and service-provider safeguards for international transfers.

We retain information for as long as your account is active or as needed to provide the Service. Account, workspace, client, proof, content, and business data are generally retained until you delete them, disconnect an integration, close your account, or request deletion. Social snapshots, calendar events, sync logs, connection metadata, and diagnostics may be retained for a reasonable period for product functionality, security, support, and audit purposes.

We may retain certain information after account closure where required by law, to resolve disputes, enforce agreements, prevent fraud or abuse, maintain security, or preserve anonymized or aggregated records that no longer identify you. Some data may also exist in browser localStorage; clearing browser storage removes that local copy.

You can update many profile and workspace details inside the Service. You can disconnect third-party integrations from TrainerDNA and revoke access from the connected provider's own account settings. To request account deletion, connected account deletion, access, correction, portability, restriction, objection, or withdrawal of consent, email tandemdnamarketing@gmail.com from the email address associated with your account.

Depending on where you live, you may have additional rights under privacy laws such as GDPR/UK GDPR, state privacy laws, or other local rules. We will process rights requests within a reasonable time and as required by applicable law. You can also review our data deletion instructions for provider-specific removal steps.

We use safeguards designed to protect information, including encryption in transit, encrypted storage for persisted OAuth tokens, scoped OAuth permissions, access controls, and authentication protections. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials safe.

TrainerDNA is intended for adults and is not directed to children under 13 or the equivalent minimum age in your jurisdiction. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us so we can take appropriate action.

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date and, where appropriate, notify you in the Service or by email. Continued use of TrainerDNA after changes take effect constitutes acceptance of the updated policy.

Questions or privacy requests can be sent to tandemdnamarketing@gmail.com. TrainerDNA is operated by Tandem DNA Marketing LLC.