Privacy Notice
1. About this notice
This notice explains what personal data 141kg collects when you use the platform, why we collect it, what we do with it, how long we keep it, and the rights you have under UK GDPR.
It applies to:
- Personal trainers (PTs) using the Tenant app at pt.141kg.com.
- Clients using the Client app at client.141kg.com.
- Visitors to our legal site at legal.141kg.com.
If you are a client, please also read the section below on the two relationships, which explains the difference between the data we control and the data your PT controls.
2. Who we are
The controller of your personal data is 141kg Ltd, a company registered in England and Wales under company number 17241763, with registered office at Gables House, 62 Kenilworth Road, Leamington Spa, CV32 6JX.
You can contact us about anything in this notice at admin@141kg.com.
We are not required to appoint a Data Protection Officer under UK GDPR Article 37 because our processing does not meet the thresholds for mandatory appointment. Privacy questions are handled by the directors and reach us via the email above.
3. The two relationships (important for clients)
When you use the Client app, two separate UK GDPR relationships apply at the same time. Understanding the difference matters because your rights are exercised against different people in each case.
Where 141kg is the controller. For your account itself (your email address, password hash, date of birth, login activity, account preferences, how you use the app, and the technical operation of the app on your device), 141kg decides what is collected and why. This notice covers that. You exercise your rights against us.
Where your PT is the controller and 141kg is the processor. For the training data your PT enters about you and that you enter about yourself (workouts, sets, reps, body weight, heart rate, RPE, session calories, session notes, goals), your PT decides what is collected and why. We process it on their behalf under our Data Processing Agreement at https://legal.141kg.com/dpa/. Your PT should have their own privacy notice explaining this. You exercise rights over that data against your PT in the first instance. If your PT cannot be reached, contact us at admin@141kg.com and we will help.
Where you use the Client app without a personal trainer. There is no PT in the picture, so 141kg is the controller of your training data as well as your account. You exercise all of your rights against us.
4. What we collect and why
We collect personal data in the following categories. The lawful basis for each is named below, as required by UK GDPR Article 13(1)(c).
Account data (controller: 141kg)
- What: Your name, email address, password hash, date of birth, sex (optional), role (PT or client), tier (Essential / Pro / Elite), preferences, and (for PTs) business name and brand colour settings.
- Why: To create and operate your account. Date of birth is used to confirm you are old enough to use the platform (16+ for clients, 18+ for PTs) and to group clients by age decade for benchmarking inside their PT's account. Sex, where given, is used to group clients by sex for benchmarking inside their PT's account and for the optional leaderboard filter. Sex is not used to infer health conditions or to adjust health metrics.
- Lawful basis: Performance of a contract (Article 6(1)(b)) for the account itself. Legitimate interests (Article 6(1)(f)) for the age gate and the benchmarking groupings. The interest is providing a working, age-appropriate fitness benchmarking tool. Our balancing test concludes the impact on you is low: the data is shown only inside your PT's account and your own account, never shared externally, and never used for advertising or profiling.
Authentication and security data (controller: 141kg)
- What: Login timestamps, IP addresses, user agent strings, multi-factor authentication factors (for PTs), failed login attempts, password reset events.
- Why: To authenticate you, prevent unauthorised access, detect abuse, and meet our security obligations under UK GDPR Article 32.
- Lawful basis: Legitimate interests (Article 6(1)(f)). The interest is keeping accounts secure. Our balancing test concludes that this is a low-impact, expected use of the data that any reasonable user would assume is happening.
- One thing your PT can see: the date you last used the app, taken from this login record. Nothing else from it reaches them: not your IP address, not your device, not the times of day you log in. See App engagement shared with your trainer, below.
Communications data (controller: 141kg)
- What: Invite emails, password reset emails, account notifications, and any messages you send us at admin@141kg.com.
- Why: To send you the communications you need to use the platform and to respond to your queries.
- Lawful basis: Performance of a contract for transactional emails. Legitimate interests for responding to your queries.
- Marketing: We do not send you marketing or promotional communications for our own purposes. The emails we send on our own behalf are transactional only. Separately, if you train with a PT, your PT can ask us to send you an email about the app on their behalf. See App engagement shared with your trainer, below.
Payment data (controller: 141kg)
- What: Your subscription tier, status, billing period dates, the amounts due, and the identifiers that link your account to our payment processor. Card numbers and payment-method details are handled by our payment processor and are not stored by us.
- Why: To operate your paid plan and take payment for it.
- Lawful basis: Performance of a contract (Article 6(1)(b)) for your subscription. Legitimate interests (Article 6(1)(f)) for fraud and abuse prevention; the impact on you is low and limited to keeping billing secure.
Training data (controller: your PT where you train with one; 141kg where you use the Client app without a PT)
- What: Workouts, exercises, sets, reps, weights, times, body areas, session dates and times, session notes, goals, leaderboard opt-in, training history.
- Why: To record your training and surface observations from it.
- Lawful basis (where your PT is the controller): The PT's lawful basis, usually contract or legitimate interests, set out in the PT's own privacy notice.
- Lawful basis (where 141kg is the controller, solo Client app use): Performance of a contract with us for the Client app.
The leaderboard. If you opt into the leaderboard, other clients of the same PT can see the display name you choose and your standing on it (such as ranking and points). They cannot see your body weight, date of birth, email address, or any other account detail. Taking part is optional and you can leave the leaderboard at any time.
Special category data (controller: your PT where you train with one; 141kg where you use the Client app without a PT)
- What: Body weight, heart rate, rate of perceived exertion (RPE), and session calories.
- Why: To record health-relevant training data and surface observations from it.
- Lawful basis: Explicit consent under UK GDPR Article 9(2)(a). You will be asked for this consent separately, before the data is recorded for the first time. You can withdraw your consent at any time in the app settings or by emailing admin@141kg.com. Withdrawing consent does not affect processing carried out before withdrawal.
If you are a PT entering this category of data about a client, the Tenant app provides a consent capture screen for the client to give explicit consent. You must use this before entering special category data about any client.
Technical and device data (controller: 141kg)
- What: Browser type and version, operating system, screen size, language preference, error logs.
- Why: To make sure the platform works on your device and to diagnose problems.
- Lawful basis: Legitimate interests. The interest is providing a working service. This device data is not used for the usage analytics described below, nor for advertising or profiling.
App usage analytics (controller: 141kg)
- What: When you open the app, which screens you open, and that you used certain in-app actions: logging a set, a body weight, an RPE, or a session heart rate or calorie figure. These are recorded as events linked to your account. The action events record that the action happened and when, not the value behind it. The values you enter, including the health-related ones, are held as training and special category data as described above and in section 5, not copied into these analytics events.
- Why: To understand how the app is used: which features and screens are popular, how often and at what times of day people return, and which logging actions are used, so we can keep the service running and improve it. We analyse this only in aggregate, across users, and we apply a small-number floor: any screen or health-related action used by fewer than three people on a given day is dropped from the aggregates, so nothing we look at or send ourselves can single you out. We do not use it to make decisions about you or to build a profile of you. Your PT never sees these events. The date you last used the app, which your PT can see, comes from your login record and not from these events. See App engagement shared with your trainer, below.
- Lawful basis: Legitimate interests (Article 6(1)(f)). The interest is operating and improving the service. Our balancing test concludes the impact on you is low: we count only that an action happened, not the value behind it; we report aggregate totals with the small-number floor described above; we surface no individual history, to ourselves or to your PT; the data is never used for advertising or profiling; and it is deleted after 6 months. The health values themselves stay under the explicit consent described in section 5. If you withdraw that consent you stop logging those metrics, so there is no further action of that kind to count.
App engagement shared with your trainer (controller: your PT)
- What: The date you last used the Client app, taken from your login record. Your PT sees that one date. They do not see which screens you opened, how long you stayed, or any history of your app use.
- Why: So your PT knows whether you are using the app they set up for you, and can help if you are not.
- Emails from your PT: Your PT can ask us to email you about the app: a reminder if you have never signed in, or a nudge if you have been away. Your PT chooses who to email. We never send one on our own initiative, and never for any purpose of our own. The email tells you about the app and shows example screens. It carries none of your training data.
- Opting out: Every one of these emails carries an unsubscribe link. Using it stops all of them, from any trainer, and no trainer can undo it. You can also email admin@141kg.com. Opting out changes nothing else about your account.
- Lawful basis: Your PT is the controller here and the sender of the email, and their own privacy notice sets out their basis. We act as their processor, on their instruction, under the Data Processing Agreement at legal.141kg.com/dpa.
Trainer app usage (controller: 141kg, applies to personal trainers only)
- What: If you are a personal trainer, we record when you open the Tenant app and which screens you open. These are recorded as events linked to your trainer account. We do not record what you type, and no client data is held in these events.
- Why: To understand how trainers use the app, so we know what to build, fix, and remove. We also use it to see whether you are still using the platform, so we can offer help if you have stopped, and to report trainer activity in our own daily operations email.
- This is not aggregate only, and we want to be clear about that. Unlike the client analytics above, our internal reporting identifies you: our daily operations email lists each trainer by name and email address with the date you were last active, and our admin app shows which screens you have used. Only 141kg staff see it. We do not use it to make decisions about you, it does not affect your price, tier, or access to the platform, and it is never shared or used for advertising or profiling.
- Lawful basis: Legitimate interests (Article 6(1)(f)). The interest is operating and improving the service and supporting the trainers who use it. Our balancing test concludes the impact on you is low: the events say only that you opened the app or a screen, and when; the platform is a business tool you use in a professional capacity; the data is seen only by us; and it is deleted after 6 months.
- Your right to object: Because we rely on legitimate interests, you can object to this at any time by emailing admin@141kg.com. This processing is not needed to run the service for you, so if you object we will stop logging your app usage and delete the events we already hold for your account. Nothing else about your account changes.
5. Special category data, in plain terms
Some of the data the platform records is treated as a "special category" of personal data under UK GDPR Article 9. This category has tighter rules because it can reveal information about your health. On this platform, the special categories are:
- Body weight measurements.
- Heart rate (per session, optional).
- Rate of perceived exertion (RPE) on a 0 to 10 scale (per session, optional).
- Session calories (per session, optional, user-entered estimate).
For this category we rely on your explicit consent under Article 9(2)(a). This is a stricter standard than ordinary consent: it must be specific, informed, and given by a clear affirmative action.
Because this is special category data, the app asks for your consent in two parts on the consent capture screen:
- Agreement: a tick-box confirming you consent to 141kg recording body weight, heart rate, RPE, and session calories as part of your training records.
- Acknowledgement: a separate tick-box confirming you understand this data is treated as special category health data under UK GDPR Article 9, and that you can withdraw consent at any time.
Both tick-boxes must be ticked for consent to be valid. Without both, the platform will not record this data about you.
You can withdraw consent at any time in the app settings or by emailing admin@141kg.com. When you do, we stop the relevant processing immediately. Data already recorded remains in your history unless you also ask for it to be deleted (which is a separate right, covered in section 11).
About the Recovery feature. The Recovery indicator shown in the app is computed from your training data (volume per body area and time elapsed since you last trained that area). It is not a separate data point you or your PT enter, and we do not record sleep, soreness, mood, or stress ratings. Because Recovery is derived from training data, it does not require separate special category consent: its lawful basis is the same as the underlying training data it is computed from. If we ever add user-entered recovery or wellbeing fields (such as a sleep tracker or soreness slider), we will update this section and ask for fresh consent before recording that data.
6. What we do not collect
We do not collect, store, or process the following categories of data:
- Injury, illness, medication, or medical history. The platform does not include fields for injuries, conditions, prescriptions, surgeries, allergies, pregnancy status, mental health information, or any other medical record.
- PAR-Q or health screening questionnaires. The platform does not capture pre-activity readiness questionnaires or medical clearance forms. If a PT uses one, it must be kept outside the platform.
- Progress photos, body composition images, or transformation images. The platform does not have a photo upload feature for clients or PTs to attach to a client record. Profile imagery is rendered from the user's initials only.
- Wellbeing or readiness fields entered by the user. We do not capture sleep, soreness, stress, mood, or similar ratings. The Recovery indicator in the Client app is computed from training data alone; it is not a separate data point you enter.
- Wearable device data. We do not integrate with Apple Health, Fitbit, Garmin, Whoop, or any other wearable platform.
- Nutrition or food intake data. The platform does not have nutrition tracking.
- Marketing or advertising data. We do not track you across sites, build advertising profiles, or share data with advertisers.
If you have entered any of the above into a free-text field on the platform (such as a session note or a goal description), this is outside the intended use of that field. PTs are instructed in the Tenant app not to enter health information in free-text fields and to keep that information in a separate clinical system if needed. See section 11 for what to do if you believe such data has been entered about you.
7. Change control for future fields
If we plan to add a new data field to the platform in the future, particularly one that would or might constitute health data under UK GDPR (for example, a sleep tracker, a soreness slider, a wearable integration, a nutrition log, or an AI-generated readiness score), we will:
- Update this Privacy Notice and bump the version number.
- Update the Data Processing Agreement and bump that version number.
- Where the field is or may be special category data, ask you for fresh explicit consent under Article 9(2)(a) before the field is recorded about you. The existing consent does not extend automatically to new fields.
- Where the new feature involves automated decision-making with a significant effect on you, ask for your consent before that feature applies to you and complete a Data Protection Impact Assessment first.
8. Where we store your data
Your data is stored on infrastructure operated by our sub-processors:
- Vercel hosts our applications. Vercel is headquartered in the United States but offers EU and UK regions which we use where available.
- Supabase hosts our database and provides authentication. Supabase is headquartered in Singapore and uses AWS infrastructure. We use the EU (Ireland) region.
- Fastmail hosts our corporate email (admin@141kg.com and similar). Fastmail is headquartered in Australia.
- Resend sends our transactional email (invites, password resets, account notifications), and delivers the engagement email a PT asks us to send to their own clients. Resend is headquartered in the United States.
- Stripe processes payments and subscription billing (PT and client plans). Stripe is headquartered in the United States. Card numbers and payment-method details are held by Stripe; we do not store card numbers.
Where data is transferred outside the UK to a country not covered by an adequacy decision, we rely on the UK International Data Transfer Agreement (UK IDTA) or the EU Standard Contractual Clauses with the UK Addendum, in line with UK GDPR Articles 44 to 49. These are the safeguards required to transfer personal data outside the UK. You can request a copy of the safeguards in place for any specific transfer by emailing admin@141kg.com. This is your right under UK GDPR Article 13(2)(e).
9. Automated decision-making
This statement is provided under UK GDPR Article 13(2)(f).
We do not make automated decisions about you that produce legal effects or similarly significant effects.
The platform computes summaries, trends, and observations from data you and your PT have entered (for example, weekly tonnage, frequency of training, changes in load on specific exercises, body area volume). These are shown to your PT as part of their analysis view, and to you in your own progress view. They are observations, not decisions. They do not change anything about your access to the platform, your tier, your data, or any external service. Decisions about your training are made by your PT, not by the platform.
If this ever changes (for example, if a future feature uses automated decision-making in a way that produces a significant effect), we will update this section and ask for your consent before the change applies to you.
10. How long we keep your data
This is the single retention schedule for the 141kg platform. It is referenced by our Terms of Service and our Data Processing Agreement, and overrides any retention period stated elsewhere.
| Data category | Retention period | Trigger for deletion |
|---|---|---|
| Active account data (PT or client) | For the life of the account | Account closure |
| Training data (workouts, sets, body weight, special category data) | For the life of the account | Account closure or deletion request |
| PT account after closure (transitional period for client data export) | 30 days after closure | Automatic deletion 30 days after closure |
| Authentication logs (login events, IP, user agent) | 12 months | Rolling deletion |
| Failed login attempts and security events | 12 months | Rolling deletion |
| App usage analytics events (screen views, app opens, in-app action events) | 6 months | Rolling deletion |
| Trainer app usage events (screen views, app opens) | 6 months | Rolling deletion |
| Transactional emails (invites, password resets) and engagement email sent on a PT instruction | 30 days at sub-processor (Resend), then deleted | Automatic at Resend |
| Engagement email: record of which messages your PT sent you | 12 months | Rolling deletion |
| Engagement email: your opt-out, if you unsubscribe | For as long as your account exists | Account closure. We keep this so we do not email you again by mistake. Deleting it would put you back on the list. |
| Inactive accounts (no login for 24 months) | Closed and deleted after notice | Reasonable notice, then deletion |
| Backups (containing any of the above) | Up to 30 days after the live record is deleted | Backup rotation |
| Anonymised aggregate data | Indefinite (cannot be linked to any individual) | Not applicable |
| Records we are required to keep by law (accounting, tax) | As required by the relevant law (typically 6 years) | End of statutory retention period |
When we delete data, we remove it from active systems first. Data may persist in backups for up to 30 days after that, in line with normal backup rotation. After that point it is gone.
11. Your rights
Under UK GDPR you have the following rights over your personal data. To exercise any of them, email admin@141kg.com. We will respond within 30 days. There is no fee unless the request is manifestly unfounded or excessive.
- Access (Article 15): Ask us for a copy of the personal data we hold about you.
- Rectification (Article 16): Ask us to correct data that is inaccurate or incomplete. Most data can be corrected by you directly in the app.
- Erasure (Article 17): Ask us to delete your data. We will delete it in line with the retention schedule above, except where we are required to keep it by law.
- Restriction (Article 18): Ask us to stop processing your data in certain circumstances (for example, while we investigate a complaint).
- Portability (Article 20): Ask us for your data in a machine-readable format, or ask us to send it to another provider where technically possible. PTs can export this directly from the Tenant app. Clients can export their own data from the Client app, or request it by email.
- Object (Article 21): Object to processing we carry out under legitimate interests.
- Withdraw consent (Article 7(3)): Where processing is based on consent (in particular, special category data), withdraw your consent at any time. We stop the relevant processing immediately. Withdrawal does not affect processing already carried out.
- Complain to the ICO: If you are not happy with how we handle your data, you can complain to the UK Information Commissioner's Office at ico.org.uk, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. We would prefer you contact us first so we have a chance to put things right.
If your data is controlled by your PT (training data, special category data), you exercise these rights against your PT in the first instance. If your PT cannot be reached, contact us and we will help.
12. Children
The 141kg platform is not available to anyone under 16 years old. We enforce this by capturing date of birth at signup and blocking accounts that indicate the person is under 16. PTs are required by our Terms of Service not to enter data about anyone under 16 and to confirm a client's age before inviting them.
If we become aware that we hold data about someone under 16, we will delete it without delay. If you believe we hold such data, please tell us at admin@141kg.com.
13. Cookies and tracking
We use only strictly necessary cookies and storage on your device. These are required to keep you logged in, remember your preferences, and operate the app on your device. They are not used for analytics, advertising, or profiling.
We do not use Google Analytics, Facebook Pixel, Hotjar, Mixpanel, Amplitude, Segment, PostHog, Vercel Analytics, or any equivalent service. We do not embed third-party tracking scripts. We do not sell your data and we do not share it with advertisers.
We do not send you marketing or promotional communications for our own purposes. The emails you receive from us on our own behalf are transactional: account invitations, password resets, account notifications, billing emails if you are on a paid plan, and replies to your queries. If we ever change this position, we will update this notice and ask for your consent first.
If you train with a PT, your PT can ask us to send you an email about the app on their behalf. Your PT chooses who to email; we send none on our own initiative. Every such email carries an unsubscribe link that stops all of them, from any trainer. Section 4 sets this out under App engagement shared with your trainer.
Separately from cookies, we collect first-party usage analytics about how the app is used (which screens are opened, when the app is opened, and that certain in-app actions were used), as described in section 4. This is recorded on our own systems as events linked to your account. It does not use third-party tracking scripts, advertising cookies, or cross-site tracking.
If you are a client: we analyse this only in aggregate, with a small-number floor that drops anything used by fewer than three people on a given day. Nothing we look at or send ourselves can single you out, and your PT never sees these events at all. Separately, your PT can see the date you last used the app. That comes from your login record, not from these analytics events. Section 4 sets it out, including how to opt out of the emails your PT can send about it.
If you are a personal trainer: we record when you open the Tenant app and which screens you open, and our internal reporting on that identifies you. It is not aggregate only. Section 4 sets this out in full, including your right to object.
Our sub-processors (Vercel and Supabase) log technical request data (IP address, request path, timestamp) for security and service operation. This is strictly necessary and is covered by the legitimate interests basis in section 4.
14. Security
We take security seriously. Specifically:
- All connections to the platform use HTTPS (TLS 1.2 or later).
- Your data is encrypted at rest by our database provider.
- Backups are encrypted and stored in the same region as the live database.
- PT accounts are protected by mandatory multi-factor authentication using a TOTP authenticator app.
- Client accounts use password-only authentication, which is standard for consumer fitness apps. We may add MFA for clients in future, but we have not committed to a timeline.
- Database access controls (row level security) ensure that one PT cannot see another PT's data, and one client cannot see another client's data.
- We use the principle of least privilege for our own access to client data: we access it only where necessary to operate the platform or to respond to a support request from the PT or client.
If there is a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of it, and we will notify you without undue delay where the risk to you is high. This is required by UK GDPR Articles 33 and 34.
15. Sub-processors
The following sub-processors handle your personal data on our behalf. The full list with role, location, and safeguards is set out in our Data Processing Agreement at https://legal.141kg.com/dpa/.
- Vercel (United States): application hosting.
- Supabase (Singapore, EU Ireland region for our data): database and authentication.
- Fastmail (Australia): corporate email.
- Resend (United States): transactional email (invites, password resets, notifications), and engagement email sent on a PT instruction.
- Stripe (United States): payment processing and subscription billing. Card data is held by Stripe; we do not store card numbers.
- Microsoft (United States, with EU and UK regions where available): internal staff messaging and calls via Teams. Client references are limited to first names; no surnames, emails, or other client details.
If we add or change a sub-processor, we will update the DPA and notify PTs in the app.
16. Changes to this notice
We may update this notice from time to time. When we do, we will:
- Bump the version number at the top of this document.
- Show you the updated notice in the app the next time you log in.
- Where the change is material, ask you to acknowledge it before continuing.
Previous versions are available on request.
17. Contact
For anything about your data, including to exercise any of the rights in section 11, email admin@141kg.com.