Skip to content
MotionReach

Legal

Privacy Policy

Last updated: 16/04/2026

MotionReach ("we", "us", "our") builds and operates websites and a supporting dashboard for personal trainers and fitness studios. This policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have over it.

If you have any questions about this policy, email hello@motionreach.co.uk.

Who we are

"MotionReach" (also used as "MotionReach Digital") is a trading name of Elevate Fitness Studios Ltd, a company registered in England and Wales under company number 14881338. Its registered office is:

Elevate Fitness Studios Ltd
c/o Price & Accountants Ltd, WeWork
1 Fore Street Avenue
London EC2Y 9DT
United Kingdom

VAT number: GB491188760.

The data controller for the personal data described in this policy is Elevate Fitness Studios Ltd. We are registered with the UK Information Commissioner's Office as a data controller under registration number ZB639079. For any data-protection enquiry, contact hello@motionreach.co.uk.

What this policy covers

  • This website (motionreach.co.uk), which is a static marketing site.
  • The MotionReach dashboard, used by clients to view performance, SEO, and monitoring data for their own websites.
  • Integrations where MotionReach is authorised by a client to connect to third-party services on their behalf, including Google Search Console, Google Analytics, and Google Business Profile.

Information we collect

Information you give us

  • Contact details. Name, email address, and anything you write to us when you email hello@motionreach.co.uk or submit a contact form.
  • Account data. If you are a MotionReach client, the name, email, and business details you provide when we set up your account.

Information we collect automatically

  • Basic request data. Your IP address, user-agent string, and requested URL are recorded in our server logs when you load this site. We retain these logs for up to 30 days for security and debugging.
  • Aggregate analytics. If and when analytics are enabled on this site, they will only fire after you give consent via the cookie banner. Analytics data is aggregated and does not identify you personally.

Information we access through Google APIs

If you are a MotionReach client and you connect a Google account to your dashboard, we request read-only access to specific Google products on your behalf. We only ever request the narrowest scopes needed to do the job:

  • Google Search Console. Search queries, clicks, impressions, position data, and indexing status for sites you own.
  • Google Analytics (GA4). Aggregated visitor metrics, session data, and conversions for properties you own.
  • Google Business Profile. Reviews, ratings, and listing insights for locations you manage.

We do not request write access to any Google product unless a specific feature needs it (for example, replying to reviews), and we will tell you clearly before enabling such a feature.

How we use your information

  • To reply to enquiries you send us.
  • To run the MotionReach dashboard for you, including calculating performance scores, tracking SEO positions, monitoring uptime, and surfacing alerts.
  • To send you service-related notifications by email or Telegram, such as downtime alerts or performance drops.
  • To secure our systems, prevent abuse, and comply with our legal obligations.

We do not use your personal data, or any data obtained through Google APIs, to serve advertising, to train machine-learning models, or to sell to third parties.

Google API Services User Data Policy: Limited Use

MotionReach's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • Limited use: Google user data is only used to provide or improve the features that the user has explicitly connected it to (for example, displaying your Search Console data in your MotionReach dashboard).
  • No advertising: We do not use Google user data for advertising, profiling for advertising, or serving ads.
  • No human access: No MotionReach employee reads your Google user data, except where you have given explicit permission, where it is necessary for security purposes, to comply with applicable law, or for our internal operations where the data has been aggregated and anonymised.
  • No transfer: We do not transfer Google user data to third parties except as necessary to provide or improve the product (for example, our database provider), to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
  • No AI/ML training: We do not use Google user data, or data derived from it, to develop, improve, or train generalised AI or machine-learning models.

How we store and protect your data

  • Data is stored on managed infrastructure in the European Union (Neon Postgres in Frankfurt, Render application servers in Frankfurt).
  • Access credentials such as OAuth refresh tokens are encrypted at rest using AES-256.
  • Network traffic between your browser and our services is encrypted in transit using TLS.
  • Access to production systems is restricted to named administrators and protected by multi-factor authentication.

Data retention

  • Contact enquiries are kept for up to 24 months so we can follow up on conversations, then deleted.
  • Client account data and integration tokens are kept for as long as the client relationship is active. When a client cancels, their account data and any connected OAuth tokens are deleted within 30 days.
  • Server request logs are kept for up to 30 days.

Your rights under UK GDPR

If you are in the UK or EU, you have the right to:

  • Access a copy of the personal data we hold about you.
  • Have inaccurate data corrected.
  • Have your data deleted, where we have no lawful basis to keep it.
  • Object to processing based on legitimate interests.
  • Withdraw consent to any processing that was based on consent.
  • Port your data to another provider where technically feasible.
  • Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) if you believe we have mishandled your data.

To exercise any of these rights, email hello@motionreach.co.uk and we will respond within one calendar month.

Revoking Google access

You can revoke MotionReach's access to your Google account at any time by visiting your Google Account permissions page and removing MotionReach. When you do, your dashboard will stop showing data from the revoked integration within 24 hours, and we will delete any cached tokens for that account within 30 days.

Cookies

This site sets a strictly necessary cookie for your consent preferences. It sets no analytics or advertising cookies unless you explicitly opt in via the cookie banner.

Changes to this policy

We may update this policy from time to time. When we do, we will change the "Last updated" date at the top of this page. Material changes will also be flagged to active clients by email.

Contact

Questions, requests, or complaints about this policy should be sent to hello@motionreach.co.uk.