Privacy policy

The data controller is Ioanna Chronopoulou, trading as Fitness Production, Andromachis 284, Kallithea 17674, Athens, Greece.

For privacy questions or deletion requests, email [email protected].

When you enter a draw, we collect your name and surname, email address, phone number, the draw you entered and the time of entry.

For abuse prevention, we also store a hashed version of your IP address and your browser user-agent. The raw IP address is not stored in this draw app after it has been hashed.

The entry form uses Cloudflare Turnstile to reduce spam and automated entries. Turnstile may process signals such as your IP address, user-agent, browser or device information, the site key and the page origin to distinguish people from bots.

We use entry data to run the draw, enforce one entry per email address and phone number, select and audit the winner, and contact the winner manually.

If you tick the optional marketing checkbox, we also use your contact details to email you about future Fitness Production giveaways and offers. You can unsubscribe anytime.

We use anti-abuse data to protect the draw, detect repeated or automated attempts, and keep the result fair for entrants.

If a draw is completed, the public page may show a privacy-safe winner name, such as first name and last initial. Full contact details are only visible to the admin.

We process entry data because it is necessary to administer the draw you choose to enter and to apply the draw terms you accept before submitting.

We send marketing emails only when you consent by ticking the optional marketing checkbox.

We process anti-abuse data based on Fitness Production's legitimate interest in preventing fraud, spam and duplicate entries.

We do not sell entrant data or use it for entrant accounts, payments or analytics. Entrants are added to our marketing contact list only when they tick the optional marketing checkbox.

Cloudflare is based in the United States, so using Turnstile involves transferring limited data outside the EU/EEA. These transfers rely on the European Commission’s Standard Contractual Clauses together with Cloudflare’s own technical and contractual safeguards.

Cloudflare processes Turnstile data to provide bot protection and may also process Turnstile signals for its own security improvement purposes under its Turnstile privacy notice.

We keep your entry data for up to 12 months after a draw is completed so we can contact the winner, resolve disputes, and maintain the draw audit record. Anti-abuse data, such as the hashed IP address and user-agent, is kept for up to 6 months from the date of entry. After these periods the data is deleted.

If you opt in to marketing emails, we keep your name and contact details for that purpose until you unsubscribe or ask us to stop, even after the draw’s other data has been deleted.

You can request deletion sooner by emailing [email protected]. If the draw is still open, the admin can delete your entry. After winner selection, deletion may be limited where the record is needed to preserve the fairness and auditability of the completed draw.

You can ask to access, correct, delete, restrict or object to the processing of your personal data, subject to legal limits that may apply to a completed draw record.

You also have the right to complain to the Hellenic Data Protection Authority or another competent EU data protection authority.

The admin area is password protected. Entrant contact details are not shown publicly, and public winner announcements use only a shortened name.