Privacy Policy

Last updated: December 07, 2025

1. Introduction

Welcome to Road Daily Plan. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our service.

Road Daily Plan is operated from the Netherlands and complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Processing Purposes

To create an account

We process your personal data to register your account, process your payment, and provide you with access to the Service. The data processed for this purpose includes:

  • Name
  • Email address: Required for account creation and communication
  • Password: Hashed and securely stored
  • Preferred language/locale: To provide service in your language

To generate a personalized plan

We process health and lifestyle data provided by you in the onboarding wizard to generate a personalized workout, nutrition, and sleep plan using artificial intelligence. This data includes:

  • Biometric Data: Age, sex, height, weight, and activity level.
  • Work & Schedule Context: Route type, typical schedule, stops per day, time available per rest stop, and medical renewal deadline.
  • Physical Constraints & Health: Specific trouble areas, available exercise locations, available equipment, sleep challenges, sleep location, and related details provided in open text fields.
  • Nutrition Context: Country of operation, primary truck stop chains frequented, dietary restrictions, food avoidances, budget preferences, available truck appliances, and related details provided in open text fields.
  • Goals: Main health goal, target weight, and desired plan duration.

Usage Data

  • Pages visited and features used
  • Browser type and device information
  • IP address and general location (for pricing and fraud prevention)
  • Session data for authentication

Payment Information

Payment processing is handled by our Merchant of Record, Paddle. We do not store credit card numbers or full payment details. We only receive payment confirmation and transaction IDs.

3. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: Generate personalized AI-powered health plans based on your inputs
  • Authentication: Maintain your account and session security
  • Payment Processing: Process payments and prevent fraud
  • Communication: Send transactional emails (account confirmation, password resets, plan completion)
  • Progress Tracking: Display your achievements and progress over time
  • Service Improvement: Analyze anonymous usage data to improve our service
  • Legal Compliance: Comply with legal obligations and protect our rights

4. Legal Basis for Processing (GDPR)

  • Explicit Consent (Special Category Data): We process your health-related data (including weight, lifestyle factors, and physical limitations) only with your explicit consent, which you provide via the checkbox during the account creation process. You may withdraw this consent at any time by deleting your account, which will cease all processing of your health data.
  • Contract Performance: Processing necessary to manage your account, process payments, and deliver the digital products (PDFs and dashboard access) you have purchased.
  • Legitimate Interest: Anonymous analytics to improve site performance, security monitoring, and fraud prevention.
  • Consent: Enhanced analytics, session recordings, and marketing tracking (you can withdraw this anytime via Cookie Settings).
  • Legal Obligation: Tax records, fraud prevention, and compliance with financial regulations.

5. Third-Party Services

We use the following third-party services that may process your data:

Paddle (Payment Processing)

Merchant of record for payments, tax compliance, and fraud prevention. Paddle is certified under PCI DSS Level 1 compliance.

Transactional Email Service

For account-related emails only (no marketing). All emails are transactional and necessary for the service to function.

PostHog Analytics (EU-hosted)

Privacy-first analytics hosted in the EU. Tier 1 (anonymous) runs by default. Tier 2 (session recordings) requires your explicit consent. See our Cookie Policy for details.

AI Service Provider

Your health information is sent to our AI service provider to generate personalized plans. Data is processed securely and is not used to train AI models.

Meta Pixel (Optional - Consent Required)

Only loaded if you accept cookies. Used for conversion tracking and retargeting. Data transfers to Meta (US-based) use EU Standard Contractual Clauses for GDPR compliance.

6. Data Storage & Security

  • Encryption: All data stored on secure, encrypted cloud servers
  • Backups: Regular automated backups to prevent data loss
  • Password Security: Passwords hashed using industry-standard bcrypt
  • Session Protection: Secure cookies with CSRF tokens and HTTPS encryption
  • Data Location: Primary servers located in Europe (GDPR-compliant)

7. Data Retention

  • Active Accounts: We retain your personal data while your account is active. An account is considered "active" if you have signed in at least once within the last 6 months.
  • Inactive Accounts & Automated Deletion: If you do not sign in for 6 consecutive months, your account is classified as "inactive." We retain inactive account data for a subsequent grace period of 6 months. After a total of 12 months of inactivity, your account and all associated personal data are automatically and permanently deleted (with prior notice).
  • Progress Logs: Your daily logs, plan history, and biometric data are retained for the lifetime of your account.
  • Payment Records: Transactional records are retained for 7 years to comply with tax and accounting regulations. These records do not contain credit card details.
  • Deleted Accounts: Data permanently deleted within 30 days of deletion request

8. Your Rights Under GDPR

If you are in the European Union, you have the following rights:

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten")

Request deletion of your data. Available in your dashboard under Settings > Privacy & Data.

Right to Data Portability

Receive your data in a machine-readable format (JSON).

Right to Object

Object to certain types of data processing, including marketing.

Right to Withdraw Consent

Withdraw cookie consent at any time via our Cookie Policy page or footer link.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days as required by GDPR.

9. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

10. International Data Transfers

While our primary servers are located in Europe, some third-party services (like Meta Pixel) may transfer data internationally. All international data transfers are protected by:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Other appropriate safeguards as required by GDPR

11. Changes to This Privacy Policy

We may update this privacy policy from time to time. When we make significant changes, we will notify you via email. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data:

Email: [email protected]

Response Time: Within 48 hours for general inquiries, 30 days for GDPR requests

Company Information:

"my name" (Trading as Road Daily Plan), Leiden, Netherlands

EU Supervisory Authority

If you are in the EU and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority.