PRIVACY POLICY 

Business Name: Samsons-forge 
Website: www.samsons-forge.com 
Effective Date: 5th December 2025 

1. Introduction and Scope 

This Privacy Policy explains how Samsons-forge (“Samsons-forge”, “we”, “us”, “our”) collects, uses, discloses and protects personal information when you: 

  • visit or use our website at www.samsons-forge.com and any related pages or subdomains (the “Website”); 

  • purchase or use our online coaching, fitness programs, personal plans or other services (the “Services”); and/or 

  • otherwise interact with us, for example by email or through online forms. 

This Privacy Policy is intended to comply with, and be interpreted in line with, applicable data protection laws, including: 

  • the General Data Protection Regulation (EU) 2016/679 (“GDPR”); 

  • the UK GDPR and UK Data Protection Act 2018; 

  • the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act (“CCPA”); and 

  • any other privacy laws that may apply to our processing activities. 

If you do not agree with how we process personal information as described in this Privacy Policy, you should not use the Website or Services. 

 

2. Who We Are and Controller Responsibility 

For the purposes of GDPR and similar laws, Samsons-forge is the data controller of your personal information, meaning we decide how and why your information is processed. 

Controller details 

  • Business name: Samsons-forge 

  • Registered / main business location: ______________________________ (State, Country) 

  • Contact email for privacy matters: ______________________________ 

In certain cases (for example, where we use third-party platforms or processors), those third parties may act as data processors or, in some circumstances, as independent controllers of your personal information. This Privacy Policy applies to processing activities where Samsons-forge acts as controller. 

 

3. Personal Information We Collect 

The types of personal information we collect depend on how you interact with us and which Services you use. We may collect: 

3.1 Identity and Contact Information 

  • Name 

  • Email address 

  • Country or region of residence 

  • Any other contact details you choose to provide 

3.2 Account and Service Information 

  • Login details (such as username, if applicable) 

  • Information about your purchases and Service history 

  • Coaching preferences and goals 

  • Communications between you and us (emails, messages) 

3.3 Health and Training Information (Special Category Data) 

In order to provide tailored fitness coaching and plans, we may collect information you choose to share about, for example: 

  • training history and experience level 

  • injuries, physical limitations or pain 

  • general health status or relevant medical conditions 

  • lifestyle factors (such as sleep, stress, time availability, equipment access) 

We only ask for the minimum health-related information needed to design and deliver the Services safely and effectively. You are not required to provide any information you do not wish to share, but this may affect our ability to provide certain Services. 

3.4 Technical and Usage Information 

  • IP address 

  • browser type and version 

  • device identifiers 

  • pages viewed, links clicked, time spent on the Website 

  • referring website or source 

  • general location information (e.g., country or city, where available) 

This information is typically collected via cookies and similar technologies, as described in Section 8 and in our Cookie Policy. 

3.5 Payment and Transaction Information 

We use third-party payment processors (such as Revolut and others we may engage from time to time). We receive limited payment-related information, for example: 

  • confirmation that a payment has been made or declined 

  • partial payment card details (limited digits) or transaction IDs 

  • billing country or region 

We do not store your full payment card details on our own systems. 

 

4. How We Collect Personal Information 

We collect personal information in the following ways: 

  • Directly from you – when you complete forms on the Website, purchase Services, fill in questionnaires, respond to coaching check-ins, or contact us by email or other channels. 

  • Automatically – when you use the Website, through cookies, log files and similar technologies. 

  • From third-party service providers – for example, payment processors, website hosting providers (including Squarespace), email and analytics tools, where this is necessary to operate the Website and Services. 

We do not obtain personal information from data brokers or other commercial sellers of personal data. 

 

5. Purposes and Legal Bases for Processing (GDPR / UK GDPR) 

Where GDPR or similar laws apply, we rely on one or more of the following legal bases to process your personal information: 

5.1 Performance of a Contract 

We process your personal information where necessary to enter into, or perform, our contract with you, including to: 

  • create and manage your account; 

  • provide online coaching, fitness programs and personal plans; 

  • customise plans based on your answers and feedback; 

  • communicate with you about your purchases and Services. 

5.2 Consent 

We may process certain information based on your consent, for example: 

  • collecting and using more detailed health-related information (special category data) to design tailored plans; 

  • sending certain types of marketing communications, where required by law; 

  • using non-essential cookies and similar technologies on the Website. 

You can withdraw your consent at any time (see Section 14), but this does not affect the lawfulness of processing before withdrawal. 

5.3 Legitimate Interests 

We may process your information where this is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. This includes: 

  • improving and developing our Services and Website; 

  • preventing fraud, misuse and security incidents; 

  • communicating with you about updates or changes to our terms and policies; 

  • documenting and managing our business operations and compliance. 

5.4 Legal Obligations 

We may process and retain certain information where necessary to comply with our legal obligations, for example: 

  • tax and accounting requirements; 

  • responding to lawful requests from public authorities; 

  • complying with applicable consumer or data protection laws. 

 

6. Additional Information for CCPA / U.S. Privacy Laws 

For residents of California and certain other U.S. jurisdictions, we may process “personal information” as defined under applicable law. The categories of personal information we collect are broadly aligned with those listed in Section 3. 

At the time of this Policy: 

  • We do not sell your personal information for money. 

  • We do not knowingly “share” your personal information for cross-context behavioural advertising in a way that would trigger opt-out mechanisms under CCPA, but if this changes, we will update this Policy and provide the required notices and choices. 

California residents may have specific rights under CCPA, including the rights to: 

  • know what personal information is collected and how it is used; 

  • request access to, or deletion of, certain personal information; 

  • request correction of inaccurate personal information; 

  • opt out of any sale or certain sharing of personal information, where applicable; 

  • not be discriminated against for exercising their rights. 

See Section 15 for more details on how to exercise these rights. 

 

7. How We Use Health and Special Category Data 

Certain information you provide about your health, injuries, and training history may be treated as “special category” data under GDPR and similar laws. 

We use this information only for carefully defined purposes, such as: 

  • assessing the suitability of particular exercises or training structures; 

  • customising your program or plan; 

  • monitoring progress and adjusting guidance. 

We process this type of data based on: 

  • your explicit consent (for example, when you voluntarily provide such information in questionnaires or communications and continue using our Services); and 

  • where applicable, the necessity to provide personalised coaching as part of our contract with you, while taking appropriate safeguards. 

You may choose not to provide certain health information; however, this may limit our ability to provide tailored Services or require us to recommend more general plans. 

 

8. Cookies and Similar Technologies 

We use cookies and similar technologies on the Website to: 

  • enable essential functionality (e.g., security, session management); 

  • remember your preferences; 

  • analyse usage of the Website to improve performance; 

  • support integrations provided by Squarespace and other providers (for example, analytics, SEO tools or certain AI features). 

Details of the specific cookies we use and how you can manage your preferences are set out in our Cookie Policy, which forms part of this Privacy Policy. 

Where required by law (for example, in certain jurisdictions under GDPR), we will request your consent for non-essential cookies. You can withdraw or change your cookie preferences using your browser settings or any cookie management tools we provide. 

 

9. Payment Processing and Financial Data 

Payments for our Services are processed by secure third-party providers such as Revolut and any other payment processors we may use from time to time. 

  • We do not collect or store your full payment card details on our own systems. 

  • We may receive limited information necessary to confirm payment status (e.g., transaction ID, last digits of a card, payment success or failure). 

  • The processing of your payment information is also governed by the privacy policies and terms of the relevant payment processor. 

You should review the privacy policy of the payment provider you choose to use. We are not responsible for the privacy practices of third-party payment processors, but we only engage providers that we reasonably consider to handle payment data securely. 

 

10. How We Share Personal Information 

We do not sell your personal information. We may share your personal information with: 

10.1 Service Providers (Processors) 

Trusted third parties who assist us in operating the Website and providing the Services, such as: 

  • website hosting and platform providers (including Squarespace); 

  • payment processors (including Revolut); 

  • email and communication tools; 

  • analytics and performance tools; 

  • professional advisers (e.g., legal, accounting) where necessary. 

These providers are given access only to the information they need to perform their functions and are contractually required (where legally mandated) to process personal information on our instructions and to protect it appropriately. 

10.2 Legal and Regulatory Authorities 

We may disclose personal information if we reasonably consider it necessary to: 

  • comply with a legal obligation or lawful request; 

  • protect our rights, security, or property, or the rights, security, or property of others; 

  • detect, prevent or address fraud, security or technical issues. 

10.3 Business Transfers 

In the event of a merger, acquisition, reorganisation or other corporate transaction involving Samsons-forge, personal information may be transferred as part of the relevant transaction. We will take appropriate steps to inform you and ensure that your rights continue to be protected. 

We do not grant third parties general rights to use your personal information for their own independent marketing purposes without your consent. 

 

11. International Transfers 

We may process and store your personal information in countries other than the one in which you are located. For example: 

  • our hosting and infrastructure providers may operate globally; 

  • we may access data from our location, which may be in a different jurisdiction to yours. 

Where required by law (for example, for transfers out of the European Economic Area or the UK), we implement appropriate safeguards, such as: 

  • Standard Contractual Clauses approved by the European Commission or the UK authorities; and/or 

  • other measures permitted under applicable data protection laws. 

You can contact us using the details in Section 20 for more information about international transfers and the safeguards we use. 

 

12. Data Retention 

We retain personal information only for as long as necessary to: 

  • provide the Services and operate the Website; 

  • comply with legal, accounting or reporting obligations; 

  • resolve disputes and enforce our agreements. 

Retention periods vary depending on the type of information and purpose of processing. For example: 

  • coaching records and plan-related information may be retained for a reasonable period after the end of the coaching relationship; 

  • transaction records may be kept for legally required periods (e.g., tax or accounting requirements). 

When personal information is no longer needed, we will delete or anonymise it, or, where that is not reasonably possible (for example, because it is stored in backup archives), we will securely store it and isolate it from any further processing until deletion is feasible. 

 

13. Security 

We take reasonable and proportionate technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration or destruction. These measures may include: 

  • using reputable hosting providers (such as Squarespace); 

  • restricting access to personal information on a need-to-know basis; 

  • using secure transmission technologies where appropriate; 

  • maintaining internal practices designed to reduce the risk of data incidents. 

However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, and you use the Website and Services at your own risk. If we become aware of a data breach that affects your personal information and which we are legally required to notify you about, we will do so in accordance with applicable laws. 

 

14. Your Rights Under GDPR and Similar Laws 

If you are located in the EU, EEA, UK or another jurisdiction with similar data protection laws, you may have some or all of the following rights (subject to applicable law and certain limitations): 

  • Right of access – to obtain confirmation as to whether we process your personal information and to receive a copy. 

  • Right to rectification – to have inaccurate or incomplete personal information corrected. 

  • Right to erasure – to request deletion of personal information in certain circumstances. 

  • Right to restriction of processing – to request we limit processing in certain circumstances. 

  • Right to data portability – to receive personal information you provided in a structured, commonly used and machine-readable format and to request that we transfer it to another controller where technically feasible. 

  • Right to object – to object to processing based on our legitimate interests or for direct marketing. 

  • Right to withdraw consent – where processing is based on consent, you can withdraw your consent at any time. 

To exercise these rights, please contact us using the details in Section 20. We may need to verify your identity before fulfilling your request. We aim to respond within the time periods required by law. 

You also have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first so we can attempt to resolve your concerns. 

 

15. Your Rights Under CCPA and Other U.S. Laws 

If you are a California resident, you may have additional rights under the CCPA/CPRA, including: 

  • Right to know what categories of personal information we collect, the sources, purposes of use, and categories of third parties with whom we share it. 

  • Right to access specific pieces of personal information we hold about you, subject to verification. 

  • Right to deletion of certain personal information, with some exceptions (for example, where we need the information to comply with a legal obligation). 

  • Right to correction of inaccurate personal information. 

  • Right to opt out of the sale or certain sharing of personal information (if applicable). At the time of this Policy, we do not sell personal information for money. 

  • Right to non-discrimination for exercising these rights. 

To exercise any of these rights, you or your authorised agent may contact us using the details in Section 20. We will verify your identity (and, where relevant, your agent’s authority) as required by law before responding. 

Residents of other U.S. states may have similar rights under their local privacy laws. We will honour such rights where applicable and to the extent required by law. 

 

16. Marketing Communications 

We may use your contact details to send you information about our Services, new offerings or related updates: 

  • In some jurisdictions, we rely on your consent to send electronic marketing; 

  • In others, we may rely on legitimate interests, subject to your right to opt out. 

You can opt out of marketing emails at any time by: 

  • clicking the “unsubscribe” link in any marketing email; or 

  • contacting us using the details in Section 20. 

Opting out of marketing communications does not affect important non-marketing communications (for example, service messages, order confirmations, or updates to this Policy). 

 

17. Children’s Privacy 

The Website and Services are not intended for individuals under 18 years of age, and we do not knowingly collect personal information from children under 18. 

If we learn that personal information has been collected from a child under 18 without appropriate consent, we will take reasonable steps to delete that information as soon as practicable. If you believe we may have personal information about a child, please contact us using the details in Section 20. 

 

18. Automated Decision-Making and Profiling 

We do not use personal information to make decisions solely by automated means that produce legal effects or similarly significant effects on you. 

We may use basic profiling (for example, segmenting clients by training experience or goals) in order to tailor coaching and plans, but such profiling does not involve automated decisions with legal or similarly significant impact, and it always involves meaningful human input and review. 

 

19. Changes to This Privacy Policy 

We may update this Privacy Policy from time to time, for example to reflect: 

  • changes in our Services, technology or business operations; or 

  • changes in applicable laws or regulatory guidance. 

When we make material changes, we will: 

  • update the “Effective date” at the top of this Policy; and 

  • take any additional steps required by law, which may include notifying you directly or obtaining your consent where necessary. 

We encourage you to review this Privacy Policy periodically to stay informed about how we process personal information. 

 

20. Contact and Complaints 

If you have any questions about this Privacy Policy or how we handle your personal information, or if you wish to exercise your privacy rights, you can contact us at: 

Email: ______________________________ 
Website: www.samsons-forge.com 

If you are located in the EU, EEA, UK or another jurisdiction with a dedicated supervisory authority, you also have the right to lodge a complaint with that authority. We would, however, appreciate the opportunity to address your concerns first, so please consider contacting us in the first instance. 

 

COOKIE POLICY 

Business Name: Samsons-forge 
Website: www.samsons-forge.com 
Effective Date: 5th December 2025 

1. Purpose of This Cookie Policy 

This Cookie Policy explains how Samsons-forge (“Samsons-forge”, “we”, “us”, “our”) uses cookies and similar technologies on www.samsons-forge.com (the “Website”). 

It should be read together with our Privacy Policy, which explains how we process personal information more generally. 

By continuing to use the Website after seeing our cookie notice or adjusting your cookie settings, you agree that we can use cookies as described in this Policy, unless you disable them via your browser or settings tools. 

 

2. What Are Cookies? 

Cookies are small text files that are stored on your device (computer, tablet, smartphone) when you visit a website. They are widely used to: 

  • make websites work or function more efficiently; 

  • remember your preferences and settings; 

  • understand how visitors use a site; 

  • support security and basic features. 

Similar technologies (such as pixels, tags, local storage and scripts) may also be used for these purposes. In this Policy, we refer to all of these collectively as “cookies”

 

3. Who Sets Cookies on Our Website? 

Cookies on our Website may be set by: 

  1. First-party cookies – placed directly by Samsons-forge or by our Website platform provider (e.g., Squarespace) on our behalf. 

  1. Third-party cookies – placed by other organisations, such as analytics providers, embedded content providers, or payment processors, when their services are integrated into the Website. 

We do not control how third parties use their cookies once they are set; their use is governed by their own privacy and cookie policies. 

 

4. Types of Cookies We Use 

We use the following broad categories of cookies: 

4.1 Strictly Necessary Cookies 

These cookies are essential for the operation of the Website and cannot be switched off in our systems. They are usually set: 

  • in response to actions you take (e.g., logging in, filling out forms, using the checkout); 

  • to manage security and network stability; 

  • to remember your cookie preferences. 

If you block these cookies, parts of the Website may not function properly. 

4.2 Performance and Analytics Cookies 

These cookies help us understand how visitors use the Website (for example, which pages are most popular, how long visitors stay, and which links are clicked). We typically use them to: 

  • improve the performance and design of the Website; 

  • identify errors and technical issues; 

  • compile aggregated statistics about site usage. 

We generally use these cookies in a way that does not directly identify you, but some analytics providers may collect IP addresses or other identifiers as part of their normal operation. 

4.3 Functional Cookies 

These cookies allow the Website to remember choices you make, such as: 

  • language or region; 

  • your preferences for certain features or layouts. 

They help provide a more personalised experience, but are not strictly essential to basic operation. 

4.4 Targeting or Advertising Cookies (If/When Used) 

If and when we use advertising or retargeting tools (e.g., via social media platforms or ad networks), these cookies may: 

  • record your visit to the Website; 

  • track pages you view and links you follow; 

  • help show you more relevant ads on other sites or platforms. 

We will only use such cookies in compliance with applicable laws and, where required, with your consent. 

 

5. Examples of Cookies on Our Website 

Because our Website is built on Squarespace and may integrate other services, cookies can include: 

  • Platform cookies – used by Squarespace to operate the site, manage sessions, maintain security and support basic analytics. 

  • Analytics cookies – used by analytics tools (e.g., Squarespace Analytics, or other providers we may implement) to gather aggregated usage statistics. 

  • Payment-related cookies – used by payment processors such as Revolut or other providers during checkout to prevent fraud, remember payment preferences and complete transactions. 

The specific names, providers and durations of cookies may change over time as our Website and tools are updated. We endeavour to keep our cookie usage under regular review. 

 

6. Legal Basis for Use of Cookies (GDPR / UK GDPR) 

Where GDPR or similar laws apply, we rely on the following legal bases: 

  • Strictly necessary cookies – processed on the basis of our legitimate interests in operating a secure, functional Website and delivering the Services you request. 

  • Analytics, functional and targeting cookies – processed on the basis of your consent, where required by law. You can withdraw your consent at any time by adjusting your browser settings or your cookie preferences as described below. 

 

7. Cookies and “Sale”/“Sharing” of Personal Information (CCPA / CPRA) 

Under the California Consumer Privacy Act (CCPA) as amended by the CPRA, certain uses of cookies may be considered a “sale” or “sharing” of personal information if they involve cross-context behavioural advertising. 

At the time of this Policy: 

  • We do not sell personal information for money. 

  • If we use third-party advertising or analytics cookies in a way that constitutes a “sale” or “sharing” of personal information under CCPA, we will provide the necessary notices and options (such as a “Do Not Sell or Share My Personal Information” mechanism) in accordance with California law. 

For more information about your privacy rights, please see our Privacy Policy

 

8. How You Can Manage or Disable Cookies 

You have several options for managing cookies: 

8.1 Browser Settings 

Most browsers allow you to: 

  • view which cookies are stored on your device; 

  • delete cookies; 

  • block all cookies or only third-party cookies; 

  • receive warnings before cookies are stored. 

How you do this depends on your browser. You can usually find these settings in the “Options”, “Tools” or “Preferences” menu. If you block all cookies, some parts of the Website may not function properly. 

8.2 Device and OS Settings 

Some mobile devices and operating systems provide additional controls for cookies and tracking at the device level. Check your device’s privacy or security settings for more details. 

8.3 Cookie Banners and Tools (Where Available) 

Where we implement a cookie banner or preference centre, you may be able to: 

  • accept or reject certain categories of cookies; 

  • change your choices at any time. 

Please note that your choices may be stored in a cookie; if you clear cookies in your browser, you may need to reset your preferences. 

 

9. Third-Party Cookies and External Sites 

Our Website may include links to third-party websites or embedded content from third-party services. These third parties may use their own cookies and similar technologies, which are not under our control. 

We are not responsible for the privacy practices or cookie usage of third-party sites. We encourage you to review the privacy and cookie policies of any external sites you visit. 

 

10. Data Collected via Cookies 

Depending on the cookie, data collected may include: 

  • IP address; 

  • device type and operating system; 

  • browser type and settings; 

  • referring URL; 

  • pages visited and time spent; 

  • links clicked; 

  • approximate location based on IP (e.g., city or region). 

Where this information is considered personal data under applicable laws, we will handle it in accordance with our Privacy Policy, including your rights to access, deletion, objection and restriction. 

 

11. Retention of Cookie Data 

Cookies remain on your device for different periods: 

  • Session cookies – are temporary and expire when you close your browser. 

  • Persistent cookies – remain on your device for a set period or until you delete them via your browser or device settings. 

We and our providers set retention periods consistent with the purposes of each cookie and applicable legal requirements. You can usually see and manage expiry times through your browser’s cookie management tools. 

 

12. Security 

Cookies themselves are not used to run programs or deliver viruses. However, because cookies store information, we take reasonable steps to ensure that: 

  • cookies used are appropriate for their purpose; 

  • our Website and integrated services are operated securely; 

  • personal information collected via cookies is protected in line with our overall security measures. 

For more information on our security practices, please see our Privacy Policy

 

13. Your Rights in Relation to Cookies and Tracking 

Depending on where you live, you may have rights under GDPR, UK GDPR, CCPA or other privacy laws in relation to personal information collected via cookies, including: 

  • the right to know what personal information we process; 

  • the right to access, correct or delete certain information; 

  • the right to restrict or object to certain types of processing; 

  • the right to withdraw consent for non-essential cookies; 

  • specific rights under CCPA (e.g., right to know, delete, correct, and opt out of sale/sharing, where applicable). 

To exercise these rights, please follow the instructions in our Privacy Policy or contact us directly (see Section 15 below). 

 

14. Changes to This Cookie Policy 

We may update this Cookie Policy from time to time, for example to: 

  • reflect changes in the cookies we use; 

  • comply with legal or regulatory changes; 

  • adjust how we use cookies as our Website or Services evolve. 

When we make material changes, we will: 

  • update the “Effective date” at the top of this Policy; and 

  • take any additional steps required by law (for example, displaying a notice on the Website or asking for your consent again where necessary). 

We encourage you to review this Cookie Policy periodically to stay informed about our use of cookies. 

 

15. Contact Us 

If you have any questions about this Cookie Policy or our use of cookies and similar technologies, you can contact us at: 

Email: __________________________ 
Website: www.samsons-forge.com 

For broader information on how we handle personal information, your rights and how to exercise them, please refer to our Privacy Policy