Skip to main content
Build The Shelf Join the waitlist

Legal

Privacy Policy

Effective

This Privacy Policy explains how Build The Shelf ("we", "us", "our") collects, uses, shares, and safeguards your personal data when you use our website, join our waitlist, and (in the future) use the Build The Shelf mobile app (collectively, the "Service"). It applies to visitors, waitlist subscribers, future app users, and anyone who contacts us.

1. Who we are

Build The Shelf is the data controller for the personal data described in this policy. You can reach us at hello@buildtheshelf.com.

2. The data we collect

We collect the following categories of personal data depending on how you interact with us:

  • Waitlist data: the email address you submit when joining the waitlist, plus any program-interest selections you make on the waitlist form.
  • Contact and support communications: emails you send to our support, press, or partnerships addresses, and our replies.
  • Future app account data: once the Build The Shelf app launches, we will collect account information (name, email, password stored hashed) and training-related profile data (goal, target date, equipment access). Specific details and additional rights will be covered in an updated version of this policy at app launch.
  • Future training data: training history, workout logs, optional progress photos, and any health permissions you grant via Apple Health or equivalent. This data is not collected today — it will be collected only after you create an app account.
  • Future payment data: in-app purchases and subscriptions will be processed by Apple App Store / Google Play. We do not see or store full card numbers; we only receive transaction references.
  • Usage data: IP address, browser, device, pages visited, and similar analytics information collected when you use the website.

3. How we use your data

We process personal data to:

  • Add you to the waitlist and send the launch invite when the app is ready
  • Send occasional waitlist-only notes about the build (no marketing churn)
  • Respond to support, press, and partnership inquiries
  • Improve the website and (later) the app via aggregated, non-identifying analytics
  • Comply with legal obligations and enforce our Terms of Service

4. Our legal bases (UK / EU residents)

If you are in the UK or EU, we rely on the following lawful bases under UK GDPR / GDPR:

  • Consent: joining the waitlist and receiving waitlist emails. You can withdraw at any time via the unsubscribe link in any email or by contacting us.
  • Contract: in the future, processing necessary to deliver the app you've subscribed to.
  • Legitimate interests: running our business, securing the Service, and improving our content.
  • Legal obligation: tax, accounting, and dispute records.

5. Sharing your data

We do not sell personal data. We share data only with the following categories of recipients, and only as needed to operate the Service:

  • Our email service provider — to send waitlist invites and updates
  • Apple App Store / Google Play — future subscription handling
  • Hosting and analytics providers — site delivery and aggregated usage measurement
  • Professional advisors — accountants, legal counsel, where strictly necessary
  • Authorities — when legally required by valid court order or regulator request

6. International transfers

Some of our service providers are based outside the UK / EU. Where personal data is transferred internationally, we rely on the UK International Data Transfer Agreement, EU Standard Contractual Clauses, or another approved transfer mechanism.

7. How long we keep your data

We retain personal data only as long as we need it for the purposes set out in this policy:

  • Waitlist email and program-interest data: until you unsubscribe or 24 months after launch, whichever comes first
  • Future app account and training data: while your account is active, plus 12 months
  • Payment and tax records: 7 years (statutory requirement)
  • Marketing preferences: until you withdraw consent

8. Your rights

You have the following rights in relation to your personal data:

  • Access — request a copy of the data we hold about you
  • Rectification — ask us to correct inaccurate data
  • Erasure — ask us to delete data we no longer need (including removing you from the waitlist)
  • Restriction — limit how we use your data while a query is resolved
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interests
  • Withdraw consent — withdraw any consent you previously gave
  • Complain — UK residents can lodge a complaint with the Information Commissioner's Office at ico.org.uk

To exercise any of these rights, email hello@buildtheshelf.com. We respond within one calendar month.

9. Security

We use industry-standard technical and organisational measures to protect personal data, including TLS in transit, encryption at rest where supported by our providers, role-based access controls, and regular review of our security posture. No system is perfectly secure; we cannot guarantee absolute security but we do our best.

10. Children's privacy

The Service is intended for users 18 and older. We do not knowingly collect personal data from children under 18. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Cookies

We use cookies and similar technologies as described in our Cookie Policy.

12. Changes to this policy

We will update this policy when the Build The Shelf app launches to cover app-specific data collection. If we make a material change before then, we will notify waitlist members by email and update the effective date at the top of this page.

13. Contact

Questions about this policy or our handling of your data should go to hello@buildtheshelf.com.