Privacy Policy

This Policy provides basic information about the purposes, methods of processing and security of your personal data as a user of the website (hereinafter referred to as the Store). By reading the Privacy Policy, you will find out who is the administrator of your personal data, what personal data is collected by the Store, for what purposes it is used and how it is protected.


1)      Basic information

a)  The Data Controller of personal data collected via the Store is Maciej Osytek, , address: ul. Środkowa 25, 05-540 Ustanów, PL, NIP: 5342318535, REGON: 368013196.

b)  Contact with the Data Controller is possible via the contact form available at .

2)      Data Processing principles

a)  Personal data collected by the Data Controller through the Store is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR and other relevant data protection legal acts.

b)  The Data Controller processes personal data in accordance with the following principles:

i)        based on a legal basis and in accordance with the law

ii)      not more than necessary

iii)    no longer than necessary

iv)    ensuring adequate data security

3)      Type of personal data processed, purpose and scope of data collection

a)  The Data Controller processes your personal data in the following cases:

i)        Contact via the contact form

If you use the contact form, you will be asked to provide your e-mail address so that we can answer you. If you do not have an account with us, your data will be deleted as soon as we reply to your message.

ii)      Purchase in the Store

If you decide to make a purchase in the Store, you will be asked to provide personal data such as: e-mail address, name, surname, address and, if you want to receive an invoice – TAX ID and company’s name. We need this data to provide the services specified in the agreement. Your e-mail address may also be used for us to send commercial information by electronic means, but only if you agree to it by checking the appropriate box when making a purchase (consent may be withdrawn later).

The data collected for the purpose of performing the concluded agreement are subject to cessation of processing for this purpose within 3 months from the performance or other termination of the agreement.

iii)    Using the online coaching service

If you use the online coaching service, you will be asked to complete an initial questionnaire, which enables us to identify your needs and adjust the service to your needs accordingly. If you have purchased training coaching, we will ask for data such as: birth year, gender, height, weight, training goals, number of days a week you can train, level of physical fitness, past injuries, health problems, whether you smoke or drink alcohol, mode of work or study, level of motivation, preferred training location, what training accessories you have or are ready to buy for the purpose of training, the preferred nature of the training.

If you have purchased dietary coaching, we will ask for data such as: do you follow a special type of diet, how many meals do you eat during the day, how often you eat between meals, do you use any dietary supplements, how much fluids do you drink during the day, do you notice any disturbing symptoms, what foods do you like, what foods you do not like, whether you have food intolerances or allergies, have you ever used any diets and with what effect, do you eat in restaurants, what are the characteristics of your diet.

We need this data to provide the services specified in the agreement. The data collected for the purpose of performing the concluded agreement are subject to cessation of processing for this purpose within 3 months from the performance or other termination of the agreement.

iv)    Subscribing to the newsletter

If you choose to subscribe to the Iron Nation newsletter , you will be asked to enter your email address. It will be used by us for marketing purposes. From time to time, we will send you messages containing information about new articles that have appeared on the blog, as well as available offers, promotions and new products appearing in the Store. The legal basis for data processing is the consent given when subscribing to the newsletter. This consent may be withdrawn at any time, which will make us stop sending messages and delete your data from our databases.

b)  Providing personal data by the user is voluntary.

c)  When using the Store, additional information may be collected, in particular: the IP address assigned to your computer or the external IP address of your Internet provider, domain name, browser type, access time, operating system type. We register this information for statistical and analytical purposes as well as for monitoring traffic on the Store with the use of cookies, based on the Data Controller’s legitimate interest related to the correct functioning of the Store and conducting website traffic analysis.

d)  Personal data will also be processed by automated means in the form of profiling, provided that you consent to this on the basis of Article 6(1)(a) of the GDPR. If you express your consent, you will be assigned a profile for the purposes of decision making based on your choices, and analysis or prediction of your preferences and behavior.

e)  The Store uses Google reCAPTCHA technology on the following pages: contact, account registration, password reminder, account activation link resend request. This is used to distinguish whether a request has been made by an individual or has been abused by automated programs/bots. This helps to maintain the security of the Store, is therefore our legitimate interest and fulfils our legal obligation. The service includes the transmission of your IP address and possibly other data required by Google Inc. for the operation of the reCAPTCHA service. In this respect, different data protection regulations of Google Inc. apply. Further information on data protection by Google Inc. can be found at .

4)      Sharing of personal data

a)  Users’ personal data is transferred to service providers used by the Data Controller in running the website. The service providers to whom the personal data is transferred, depending on the contractual arrangements and circumstances, are either subject to the Data Controller’s instructions as to the purposes and means of processing the data (processors) or determine themselves the purposes and means of processing the data (controllers).

b)  Your personal information is stored only within the European Economic Area (EEA).

c)  A list of service providers to whom we share data is available at .

5)      The right to control, access and rectify your data

a)  The data subject has the right to access the content of their personal data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.

b)  The legal basis for the user’s request:

i)        Right of access to data – Article 15 of the GDPR

ii)      Right to rectification – Article 16 of the GDPR.

iii)    Right to erasure of data (so-called right to be forgotten) – Article 17 of the GDPR.

iv)    Right to restriction of processing – Article 18 of the GDPR.

v)      Right to data portability – Article 20 of the GDPR.

vi)    Right to object – Article 21 of the GDPR

vii)   Right to withdrawal of consent – Article 7(3) of the GDPR.

c)  In order to exercise the rights referred to in point 5.b., you can send a relevant message via the contact form.

d)  When the user makes a request exercising their rights referred to in point 5.b., the Data Controller shall either comply with the request immediately or refuse to comply with it, but no later than within one month of receiving the request. However, if – due to the complexity of the request or the number of requests – the Data Controller is not able to meet the request within a month, they will meet it within the next two months by informing the user about the intended extension of the deadline and the reasons for it within a month of receiving the request.

e)  If it is determined that the processing of personal data violates the provisions of the GDPR, the data subject has the right to file a claim with the Supervisory Authority, represented in Poland by the Polish Data Protection Authority. Any data subject who resides outside of Poland may file a claim with the Supervisory Authority appointed in their country of residence.

6)      Cookies

a)  Cookies are IT data, in particular text files that are stored on your device, i.e. your computer, laptop or smartphone, depending on which device you use to use the Store. Cookies usually contain the name of the website from which they come, the time of storage on your terminal device and a unique number. You can decide how cookies are used – these settings are available in each web browser.

b)  Cookies are primarily for your convenience – by using them, the loading time of the website is significantly reduced on subsequent visits.

c)  Cookies features and purposes:

i)        adjust the content of web pages of the service to the User. They optimize the User’s navigation on the website, in particular these files allow for recognition of the device by which the website is displayed and for setting of its parameters in such a way that the navigation does not cause problems and is optimized in respect of individual needs of the User.

ii)      allow you to view a website that is tailored to your individual needs;

iii)    create statistics thanks to which the Data Controller knows which content is of interest to the Users. This allows for continuous improvement of the site and such a construction of content that will suit the visitors of the site.

iv)    allow multiple use of the login option by the User, which is much more convenient for you, because when moving around the site and visiting multiple times you are not forced to enter your login and password each time.

d)  The Store uses two main types of cookies: “session” and “permanent”. Session cookies are temporary files that are stored in the final device of the User until logging out, leaving the website or switching off the software (web browser). Permanent cookies are stored in the final device of the User for the time specified in the parameters of cookies or until they are deleted by the User.

e)  You may delete cookies at any time.

f)   Restrictions on the use of cookies introduced by the User may affect some of the Store’s functionality, making it significantly more difficult to freely use all of its options.

g)  Cookies are placed in the User’s device and can also be used by advertisers and other partners cooperating with the Store’s operator. The User may, however, delete them at any time.

h)  If you are in doubt about your cookie settings, please contact the operator of your web browser.

i)  If you do not agree to the Site’s use of cookies, please exit the Site or activate the appropriate settings on your web browser.

j)  The consent to the use of statistical cookies is voluntary; it can be granted or withdrawn at any time by deleting cookies in the settings of your web browser.

Privacy policy