Privacy Policy

1. Introduction
Femmeprenista ("We", "Us", "Our"), operated by Thrivology Limited (Company Number 13215559), is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.femmeprenista.com), use our services (including coaching programs like Spark, Momentum, Ascend, courses, and the Femme:Connect community), or otherwise interact with us.
Thrivology Limited, 7 Heron Court, Biddenham, Bedfordshire, United Kingdom, MK40 4UQ, is the Data Controller responsible for your personal data.
Please read this policy carefully. If you have any questions, please contact us at info@femmeprenista.com.
2. Information We Collect
We may collect and process the following categories of personal data about you:
Identity Data: Includes first name, last name, username or similar identifier.
Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
Financial Data: Includes payment card details. (Note: We use third-party payment processors; we do not store full card details ourselves).
Transaction Data: Includes details about payments to and from you and details of products and services you have purchased from us.
Technical Data: Includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website or platforms (collected via cookies and similar technologies).
Usage Data: Includes information about how you use our website, products, and services.
Profile Data: Includes your username and password (for platforms), purchases made, your interests, preferences, feedback, and survey responses.
Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Client Service Data: Includes information you provide during coaching sessions, program participation, community interactions, support requests, notes related to your progress, goals, and challenges relevant to the service being provided.
3. How We Collect Your Information
We collect information about you through various methods:
Direct Interactions: You may give us your Identity, Contact, Financial, and Client Service Data by filling in forms, corresponding with us by post, phone, email, participating in coaching sessions or community forums, or otherwise. This includes data provided when you:
Purchase our products or services.
Create an account on our website or platform.
Subscribe to our service or publications.
Request marketing to be sent to you.
Enter a competition, promotion or survey.
Give us feedback or contact us.
Automated Technologies or Interactions: As you interact with our website, we will automatically collect Technical Data about your equipment, Browse actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our Cookie Policy for further details.
Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties such as:
Technical Data from analytics providers (e.g., Google).
Contact, Financial and Transaction Data from providers of technical, payment and delivery services (e.g., Stripe, PayPal).
4. How We Use Your Information (Purposes & Legal Basis)
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances, relying on these legal bases under UK GDPR:
Purpose/Activity
Type of Data
Lawful Basis for Processing
To register you as a new client/member
Identity, Contact
Performance of a contract with you
To process and deliver your order/service
Identity, Contact, Financial, Transaction, Client Service
Performance of a contract with you
To manage payments, fees and charges
Identity, Contact, Financial, Transaction
Performance of a contract, Legitimate interests (debt recovery)
To manage our relationship with you (support, updates)
Identity, Contact, Profile, Marketing & Comms
Performance of a contract, Legitimate interests (keep records updated)
To provide coaching/training services
Identity, Contact, Client Service
Performance of a contract with you
To administer and protect our business/website
Identity, Contact, Technical
Legitimate interests (running business, security), Legal obligation
To deliver relevant website content & ads to you
Identity, Contact, Profile, Usage, Marketing, Tech
Legitimate interests (study use, develop business), Consent (cookies)
To use data analytics to improve our offerings
Technical, Usage
Legitimate interests (define customers, keep site updated, strategy)
To make suggestions/recommendations about services
Identity, Contact, Technical, Usage, Profile
Legitimate interests (develop products/grow business), Consent (marketing)
To manage community interactions
Identity, Contact, Profile, Client Service
Performance of a contract, Legitimate interests (community mgmt)
To comply with legal or regulatory obligations
Identity, Contact, Financial, Transaction
Legal obligation

Marketing: We strive to provide you with choices regarding certain personal data uses, particularly around marketing. We will generally get your express opt-in consent before sending third-party direct marketing communications. You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent or by contacting us.
5. Data Sharing and Disclosure
We may share your personal data with the parties set out below for the purposes outlined in the table above:
Internal Third Parties: Other companies within the Thrivology Limited group acting as joint controllers or processors.
External Third Parties:
Service providers acting as processors who provide IT, system administration, payment processing, email delivery, hosting, analytics, and other business support services. (e.g., [List key ones like Email Provider (e.g., ActiveCampaign), Payment Processor (e.g., Stripe), Platform Host (e.g., Kajabi), Analytics (e.g., Google Analytics)]). We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the UK who provide consultancy, banking, legal, insurance and accounting services.
HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.
Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets.
We do not sell your personal data to third parties.
6. International Transfers
We may transfer your personal data outside the UK/European Economic Area (EEA), for example, if our service providers are based overseas. Where we do so, we ensure a similar degree of protection is afforded to it by ensuring adequate safeguards are in place, such as using specific contracts approved for use in the UK (Standard Contractual Clauses) or transferring to countries deemed to provide an adequate level of protection.
7. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Details of these measures are outlined in our Data Protection Policy. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.
8. Data Retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
Typically, basic information about our customers (Contact, Identity, Financial and Transaction Data) is kept for six years after they cease being customers for tax purposes. Other data retention periods may vary depending on the nature of the data and the purpose for processing.
9. Your Legal Rights (UK GDPR)
Under data protection law, you have rights including:
Request access to your personal data.
Request correction of your personal data.
Request erasure of your personal data.
Object to processing of your personal data.
Request restriction of processing your personal data.
Request transfer of your personal data.
Right to withdraw consent at any time (where we rely on consent).
If you wish to exercise any of these rights, please contact us at info@femmeprenista.com. Please see our Data Protection Policy for more detail on these rights. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
10. California Residents (CCPA Rights)
If you are a resident of California, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA):
Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collecting it, and the categories of third parties with whom we have shared it.
Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.
Right to Opt-Out of Sale: Femmeprenista does not "sell" personal information as defined by the CCPA. Therefore, there is no need to opt-out of sale.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
To exercise your Right to Know or Right to Delete, please submit a verifiable consumer request to us by emailing info@femmeprenista.com. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
11. Cookies
Our website uses cookies to distinguish you from other users. This helps us provide you with a good experience and allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy.
12. Changes to This Privacy Policy
We keep our privacy policy under regular review. Any changes will be posted on this page, and where appropriate, notified to you by email. Please check back frequently to see any updates or changes.
13. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Lead (Admin) in the following ways:
Email: info@femmeprenista.com
Post: Data Protection Lead, Femmeprenista (Thrivology Limited), 7 Heron Court, Biddenham, Bedfordshire, United Kingdom, MK40 4UQ