Privacy policy
Last updated: June 27, 2026
At Functional Rehab Academy, we take your privacy seriously. We are committed to processing your personal data transparently, securely, and in compliance with the EU General Data Protection Regulation (GDPR) and other applicable laws.
This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit our website, sign up for our newsletter, purchase courses, or become a member of Functional Rehab Academy.
1. Data Controller
Functional Rehab Academy is a part of
- Move2Peak Academy ApS
- Bernhard Bangs Alle 23
- 2000 Frederiksberg, Danmark
- CVR: 33749651
- Email: info@functionalrehabacademy.com
If you have any questions about how we process your personal data, please contact us at the email above.
2. Personal Data We Collect
We collect the following categories of personal data:
- Identification and contact data: Name, email address, phone number, business name (if provided).
- Payment information: Processed securely via our payment provider (e.g., Stripe). We do not store full card details.
- Technical and usage data: IP address, browser type, device type, pages visited, time spent on site, and click behavior.
- Marketing and preference data: Consent for newsletters, interests in specific topics or courses.
- Course and membership data: Enrolled courses, progress, completions, and communications with us.
3. How We Collect Your Data
- Directly from you (when you register, purchase, contact us, or create an account).
- Automatically through cookies and tracking technologies on our website.
- From third parties (e.g., Facebook and Google when you interact with our ads).
We use the following tracking tools:
- Google Analytics / Google Tag Manager: To analyze website traffic, understand user behavior, and improve our services.
- Facebook Pixel (Meta): To measure ad performance, show relevant ads to serious therapists, and build lookalike audiences.
4. Purposes and Legal Basis for Processing
We process your personal data based on the following legal grounds:
4. Purposes and Legal Basis for Processing
We process your personal data based on the following legal grounds:
| Purpose | Legal Basis |
|---|---|
| Providing access to courses and membership | Contract (Art. 6(1)(b) GDPR) |
| Managing payments and subscriptions | Contract + Legitimate interest |
| Sending newsletters and marketing | Consent (Art. 6(1)(a)) or Legitimate interest |
| Analyzing and improving our platform | Legitimate interest (Art. 6(1)(f) GDPR) |
| Complying with legal obligations (accounting, taxes) | Legal obligation (Art. 6(1)(c) GDPR) |
| Protecting our business against misuse | Legitimate interest |
You can withdraw your consent for marketing at any time without affecting the lawfulness of prior processing.
5. Sharing of Personal Data
We only share your data with trusted third parties who help us operate the platform:
- Payment processors (e.g., Stripe)
- Hosting and platform providers
- Email marketing services
- Analytics and advertising partners: Google and Meta (Facebook)
- Professional service providers (accountants, legal advisors) – always under Data Processing Agreements (DPAs).
We never sell your personal data to third parties.
6. Cookies and Tracking Technologies
We use necessary cookies for the website to function properly, as well as analytics and marketing cookies (Google, Facebook). You can manage your preferences through our cookie banner.
For more details, see our [Cookie Policy] (or include it here).
7. Your Rights
You have the following rights regarding your personal data:
- Right to access
- Right to rectification or erasure
- Right to restriction of processing
- Right to data portability
- Right to object
- Right not to be subject to automated decision-making (including profiling)
To exercise any of these rights, please contact us at [insert email]. We will respond within one month.
8. Data Retention
We retain your data only as long as necessary for the purposes outlined or as required by law (e.g., 5 years for accounting records). Marketing data is deleted when you withdraw consent.
9. Security
We implement appropriate technical and organizational security measures to protect your data against unauthorized access, loss, or misuse.
10. International Transfers
Some of our processors (e.g., Google and Meta) are located in the USA. Transfers are safeguarded by Standard Contractual Clauses (SCCs) and/or other GDPR-approved mechanisms.
11. Changes to This Policy
We may update this Privacy Policy. The latest version will always be available on our website. We will notify you of material changes via email or on the website.
12. Complaints
If you are unhappy with how we process your data, you have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet) or your local supervisory authority.