GAIT

Privacy Policy

Last updated: June 2025

GAIT is operated by GAIT Digital Ltd (“GAIT”, “we”, “us”, “our”). This policy explains what personal data we collect, why we collect it, and how we use and protect it. By using the GAIT platform you agree to this policy.

Who we are

GAIT Digital Ltd is the data controller for personal data collected through the GAIT platform (gaitportal.com and associated mobile applications). If you have questions about this policy or wish to exercise your rights, contact us at privacy@gaitportal.com.

Data we collect

We collect information you provide directly when you create an account (name, email address, billing details) and information generated by your use of the platform (exercise plans, client relationships, subscription status). We also collect standard technical data such as IP address, browser type, and usage analytics via PostHog and error reports via Sentry.

How we use your data

We use your data to operate the GAIT platform, process subscription payments via Stripe, send transactional emails via Resend (account confirmation, password reset, invitation emails), provide customer support, and improve the product. We do not sell your data to third parties.

Legal basis for processing

For trainers (physiotherapists): we process your data to fulfil our contract with you (providing the platform), to comply with legal obligations (billing records), and on the basis of legitimate interests (platform security and improvement). For horse owners: we process your data on the basis of legitimate interests in delivering the service requested by your physiotherapist, and your consent where required.

Data sharing

We share data with the following third-party processors: Stripe (payment processing), Fly.io (cloud infrastructure), Mux (video hosting), Cloudflare (CDN, image hosting, DNS), Resend (transactional email), PostHog (analytics), and Sentry (error monitoring). All processors are bound by data processing agreements and are prohibited from using your data for their own purposes.

Data retention

We retain account data for as long as your account is active. If you delete your account we will remove your personal data within 30 days, except where we are legally required to retain it (for example, billing records which we retain for seven years). Exercise plans associated with a client relationship may be retained in anonymised form.

Your rights

Under UK GDPR you have the right to access, correct, or delete your personal data; to restrict or object to processing; and to data portability. You can exercise most of these rights directly from your account settings. To submit a formal request contact privacy@gaitportal.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk).

Cookies

We use strictly necessary cookies to keep you signed in (httpOnly session cookies). We use analytics cookies only with your consent. You can manage your cookie preferences at any time via the cookie preferences link in the footer.

Changes to this policy

We may update this policy from time to time. If we make material changes we will notify you by email or via an in-app notice. The date at the top of this page reflects the most recent revision.