Privacy

STEAD AI FITNESS & LIFESTYLE LTD (“Stead AI”, “we”) is a company registered in England & Wales (company number 17239767), with its registered office at 66 Paul Street, London EC2A 4NA, United Kingdom. We build and operate the software platforms that premium training, nutrition and coaching brands run their operations on.

You can reach us about this notice at info@stead.fit.

For most personal data on our platform — the records of a client brand’s members, including operational and health-related information — that brand is the data controller and Stead AI acts as a data processor, handling the data only on the client’s documented instructions under a data processing agreement. If you are a member of one of those brands, that brand’s own privacy notice governs your relationship with them, and applies alongside this notice.

We act as a controller only for the limited data we collect directly: business enquiries sent to us, and standard technical logs from this website.

• This website. We do not run advertising trackers here. Our hosting provider keeps standard technical logs (such as IP address and request metadata) to deliver and secure the site.
• Business enquiries. If you email us, we process the contact details and content you send in order to respond.
• On behalf of client brands. As a processor, we handle member data those brands collect — which can include identity, contact, training, nutrition and clinically relevant information — strictly to provide the platform and only as instructed.

Platform data is hosted on enterprise cloud infrastructure located in the European Union and United Kingdom. We rely on a small set of vetted sub-processors to operate the platform:

• Cloud hosting and application delivery
• Managed database and storage
• AI / model processing for the in-product assistant
• Messaging delivery (email, WhatsApp / SMS)

Each sub-processor is engaged under terms that require appropriate security and confidentiality. A current list is available to clients on request.

Because our infrastructure and some sub-processors are outside Sri Lanka, member data may be transferred to and processed in the EU, the UK or other jurisdictions. Where data leaves its country of origin, we and our clients put appropriate safeguards in place and process it in a manner intended to align with the EU/UK GDPR and Sri Lanka’s Personal Data Protection Act No. 9 of 2022.

We apply technical and organisational measures appropriate to the sensitivity of the data — including access controls, encryption in transit, role-based permissions and tenant isolation — and review them as the platform evolves.

We retain data we hold as a processor for as long as our agreement with the relevant client requires, and return or delete it on termination as instructed. Direct business-enquiry data is kept only as long as needed to deal with your enquiry and our legitimate follow-up.

You have rights over your personal data, including access, correction and deletion. If you are a member of a client brand, please direct your request to that brand as the controller — we will support them in responding. For data we hold directly, contact us at info@stead.fit.

We may update this notice as our platform and obligations evolve. The date at the top reflects the most recent change.