Privacy Policy

Last updated: May 29, 2026

1. Introduction

This Privacy Policy explains how Mandy’s Power (“Mandy’s Power”, “we”, “us”, or “our”), a fitness coaching business based in Dubai, United Arab Emirates and operating through the website mandyspower.com, collects, uses, shares, and protects your personal data when you visit mandyspower.com (the “Site”) or use our coaching services, digital products, and related services (together, the “Services”).

We are the controller responsible for your personal data. By using the Services you acknowledge that you have read and understood this Policy. We handle personal data in line with applicable United Arab Emirates data protection law, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, and, where it applies to visitors located in those regions, the EU and UK General Data Protection Regulation.

2. Scope

This Policy applies to personal data we collect through the Site, during the sale and delivery of digital products, during coaching, through our newsletter and forms, and through any other interaction with us. It does not apply to third-party websites or services that we link to, which have their own privacy policies.

3. Information we collect

We collect the following categories of personal data:

  • Account and identity data: name, email address, username, password, and country.
  • Purchase and payment data: products purchased, order history, billing details, currency, and partial payment information. Full card details are collected and processed directly by our payment provider (Stripe) and are not stored by us.
  • Coaching and health data: for coaching clients, information you choose to provide such as age, height, weight, body measurements, fitness goals, activity levels, training history, injuries, medical history, medications, dietary information, progress photos, and similar details. See section 4 for how we treat this sensitive data.
  • Communications: messages, check-ins, support requests, and any information you provide when you contact us.
  • Marketing data: your email address and preferences when you subscribe to our newsletter or community list.
  • Technical and usage data: IP address, approximate location, device and browser type, pages viewed, referral source, and how you interact with the Site.
  • Cookie data: data collected through cookies and similar technologies, as described in our Cookie Policy.

4. Sensitive and health data

To provide coaching safely and effectively, we may process health-related information that you voluntarily provide, such as injuries, medical conditions, medications, and body measurements. This is treated as sensitive personal data and we only process it with your explicit consent and for the purpose of delivering coaching to you.

You are not required to share any health information, but if you choose not to, we may be unable to provide safe or appropriate coaching. You can withdraw your consent at any time by contacting us, which will end the relevant processing going forward, although it will not affect processing already carried out.

5. How we use your information and our legal bases

We use your personal data for the following purposes:

  • To provide the Services (deliver coaching, fulfil digital product orders, manage your account). Legal basis: performance of a contract.
  • To deliver coaching using your health information. Legal basis: your explicit consent.
  • To process payments and prevent fraud. Legal basis: performance of a contract and legitimate interests.
  • To communicate with you about your account, orders, and support requests. Legal basis: performance of a contract and legitimate interests.
  • To send marketing and newsletter emails where you have opted in. Legal basis: your consent. You can unsubscribe at any time.
  • To operate, secure, and improve the Site and understand how it is used. Legal basis: legitimate interests and, for non-essential cookies, your consent.
  • To comply with legal obligations and to establish, exercise, or defend legal claims. Legal basis: legal obligation and legitimate interests.

6. Cookies and similar technologies

We use cookies and similar technologies to operate the Site and remember your preferences. We do not describe individual cookies here. Full details of the cookies we use, their purposes, and how to manage or withdraw your consent are set out in our Cookie Policy. You can review and change your choices at any time through the cookie settings on the Site.

7. How we share your information

We do not sell your personal data. We use self-hosted, privacy-friendly analytics and do not share your data with any third-party analytics or advertising company. We share personal data only as needed with:

  • Service providers who process data on our behalf, including our payment processor (Stripe), our email delivery provider (Postmark, used to send newsletter and transactional emails), the online application we use to deliver coaching and through which coaching and health information is processed, and our hosting and infrastructure providers. These providers are only permitted to use your data to provide services to us.
  • Professional advisers such as lawyers and accountants where necessary.
  • Authorities or third parties where required by law, to comply with a legal process, or to protect our rights, safety, or property.
  • A successor in the event of a merger, acquisition, or sale of assets, subject to this Policy.

8. International data transfers

We are based in the United Arab Emirates. Some of our service providers, including our payment processor and our email delivery provider, are located outside the UAE and may store or process data abroad. Where personal data is transferred outside the UAE or, for relevant users, outside the EEA or UK, we take steps to ensure an appropriate level of protection in line with applicable data protection law, such as relying on adequacy decisions or appropriate contractual safeguards.

9. Data retention

We keep your personal data only for as long as necessary for the purposes set out in this Policy, including to provide the Services, to comply with legal, tax, and accounting obligations, and to resolve disputes. When data is no longer needed, we delete or anonymise it. Coaching and health data is retained only for as long as needed to deliver coaching and for a reasonable period afterwards, unless a longer period is required by law.

10. Data security

We use appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or alteration. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.

11. Your rights

Subject to applicable law, you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request deletion of your data;
  • object to or request restriction of certain processing;
  • withdraw consent at any time, where processing is based on consent;
  • request a copy of certain data in a portable format; and
  • lodge a complaint with the relevant data protection authority.

To exercise any of these rights, contact us at contact@mandyspower.com. We will respond within the time required by applicable law. You may also have the right to complain to the UAE Data Office or, if you are located in the EEA or UK, to your local supervisory authority.

12. Marketing communications

If you have subscribed to our newsletter or marketing emails, you can opt out at any time by using the unsubscribe link in any email or by contacting us. We will continue to send you essential service messages relating to your account or purchases.

13. Children

The Services are intended for users aged 16 and over. We do not knowingly collect personal data from anyone under 16. If you are between 16 and 18, you should only use the Services with the consent of a parent or guardian. If you believe we have collected data from a child under 16, please contact us so we can delete it.

14. Third-party links

The Site may contain links to third-party websites and services. We are not responsible for the privacy practices or content of those third parties, and we encourage you to review their privacy policies.

15. Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date above reflects the most recent version. Material changes will be made clear on the Site. Your continued use of the Services after changes are posted constitutes acceptance of the updated Policy.

16. Contact us

If you have any questions about this Privacy Policy or how we handle your personal data, contact:

Mandy’s Power
Email: contact@mandyspower.com
Dubai, United Arab Emirates

This website uses cookies to enhance your browsing experience and ensure the site functions properly. By continuing to use this site, you acknowledge and accept our use of cookies.

Accept All Accept Required Only