Last updated: 20 April 2026

At StretchyEasy, we take your privacy seriously. This policy explains what information we collect, why we collect it, what we do with it, and how you can control it. We’ve tried to keep things simple and clear.
If you have any questions after reading this, just contact us at hello@stretchyeasy.com. For data protection questions specifically, write to hello@stretchyeasy.com with the subject line 'Data Protection Request'.

1. Who we are
We are Naforiam Limited, a company registered in Cyprus, with our office at Evangelou Floraki 6A2643 Nicosia, Cyprus.
When we say “we”, “us”, or “our” in this policy, that’s who we mean.
Our service is the StretchyEasy website (StretchyEasy), services and the subscription that gives you stretching and flexibility training content (we call all of this the “Service”).

2. What information do we collect?
It depends on how you use StretchyEasy. Here are the main types:
• Account info – your name, email address, username, password (stored securely, not in plain text), country, and language preferences.
• Payment info – what plan you’re on, when your subscription renews, payment amount, and transaction ID. We do not store your full credit or debit card number. That all goes directly to our secure payment partners (like Stripe or PayPal).
• Health and activity info (if you choose to share it) – things like height, weight, age, flexibility level, injuries, or training goals. You only share this if you want to, and we only use it to personalise your training. You can delete it anytime from your profile settings.
• Technical and usage data – your IP address, browser type, device model, which pages you visit, how long you use the Service, your training progress, and where you came from (e.g., a Google search or an ad).
• Communications – anything you send us: support requests, feedback, or emails.

3. Why do we process your data and on what legal basis?
We only process your data when we have a valid reason under the law. Here’s how it works:
• To perform our contract with you – creating your account, providing the service, processing payments, helping you with support.
• With your consent – collecting health data, sending you marketing emails, using non-essential cookies. You can withdraw consent anytime.
• For our legitimate interests – keeping the service secure, preventing fraud, improving features, and doing internal analytics (without identifying you personally).
• To follow the law – keeping accounting and tax records, responding to legal requests from authorities.

4. What do we use your information for?
Here are the main ways we use your data:
• Registering and logging you in
• Giving you access to training and personalising content
• Handling payments, renewals, cancellations, and refunds
• Sending you service-related messages (like changes to our terms)
• Providing customer support
• Sending marketing emails – only if you agree (or where we’re allowed to give you an opt-out)
• Improving StretchyEasy and developing new features
• Keeping the service secure and preventing fraud
• Complying with the law

5. Do we share your information?
No, we never sell your personal data. But we do share it with some trusted partners who help us run the service:
• Hosting & cloud providers – to store data and run the website/app
• Payment processors (Stripe, PayPal, etc.) – to handle payments securely
• Analytics tools (Google Analytics etc.) – to understand how people use StretchyEasy (only if you’ve agreed via cookies)
• Email & support platforms (SendGrid, Intercom, etc.) – to send emails and manage customer service
• Professional advisors – lawyers, auditors, accountants
• Authorities – only if required by law

6. Where is my data stored?
Most of your data stays within the European Economic Area (EEA). If we need to send it outside the EEA, we use legal safeguards like EU Standard Contractual Clauses to make sure it’s still protected.

7. How long do we keep your data?
We don’t keep your data forever. Here are the main timeframes:
• Account data – while you have an account, plus 3 years after you close it
• Financial records – 6 years (as required by Cyprus tax law)
• Security logs – up to 12 months
• Support messages – up to 2 years
• Marketing consents – until you withdraw your consent
• Health data – until you delete it or close your account
After these periods, your data is either deleted or anonymised (so it can’t be traced back to you).

8. What are your rights?
Under data protection law, you have the right to:
• Access – ask us for a copy of your data
• Correct – fix inaccurate information
• Delete – ask us to erase your data (“right to be forgotten”)
• Restrict – limit how we use your data
• Port – get your data in a common format and move it to another service
• Object – say no to processing based on legitimate interests or direct marketing
• Withdraw consent – anytime, without affecting anything done before
• Lodge a complaint – with the Cyprus data protection authority (contact details below)
To exercise any of these rights, email us at hello@stretchyeasy.com. We’ll respond within one month.
Cyprus Supervisory Authority:
Office of the Commissioner for Personal Data Protection
1 Iasonos Street, 1082 Nicosia, Cyprus
Email: commissioner@dataprotection.gov.cy
Website: www.dataprotection.gov.cy

9. Automated decisions and profiling?
We may use algorithms to suggest training programmes based on your level, goals, or injuries. These recommendations don’t have legal effects on you, and you can always adjust them manually or contact support.

10. How do we protect your data?
We take security seriously. We use TLS encryption (the same as online banking), encrypt data where it’s stored, control who has access, do regular backups, and train our staff. If a data breach happens that risks your rights, we’ll tell the authorities within 72 hours and notify you if required.

11. Children
StretchyEasy is not meant for children under 18. We don’t knowingly collect data from anyone under 14. If you’re a parent and think your child under 14 has given us data, please contact us and we’ll delete it.

12. Cookies and similar technologies
Cookies are small text files that websites place on your device. They help the website remember you and your preferences.
What cookies do we use?
• Strictly necessary – these are essential. Without them, the website won’t work properly. You can’t turn these off.
• Functional – remember your preferences (like language or time zone). You choose whether to allow these.
• Analytics – help us see how people use the site (e.g., most popular pages). You choose whether to allow these.
• Marketing – show you relevant ads on other platforms and measure ad performance. You choose whether to allow these.
How do you control cookies?
When you first visit our site, you’ll see a cookie banner where you can:
• Accept all non-essential cookies
• Reject all non-essential cookies
• Customise your preferences
You can change your mind anytime by clicking the “Cookie Settings” link in the website footer. You can also delete cookies through your browser settings.
Simply continuing to browse or closing the banner does not count as consent under European law.

13. Updates to this policy
We may update this policy from time to time. If we make important changes, we’ll notify you by email or with a notice in the app at least 14 days in advance. The latest version will always be on our website.

14. Governing law
This policy is governed by the laws of Cyprus and applicable EU law. Any disputes will be handled by the courts of Cyprus, but as a consumer you can also bring proceedings in your local courts if you prefer.

15. Contact us
For questions regarding this Policy, please contact us at:
Email: hello@stretcheasy.com
Naforiam Limited, Evangelou Floraki 6A2643 Nicosia, Cyprus