Data Processing Agreement

GDPR-compliant data processing terms for Enterprise customers and data protection compliance

Enterprise Customers

This DPA is automatically incorporated into your Enterprise agreement. Professional plan customers can request DPA coverage by contacting our legal team.

GDPR Compliant

Full compliance with EU General Data Protection Regulation

Standard Contractual Clauses

EU-approved clauses for international data transfers

Sub-processor Transparency

Full disclosure of all data processing partners

Agreement Overview

This Data Processing Agreement ("DPA") forms part of the PersonaLift Service Agreement between PersonaLift Inc. ("PersonaLift," "Processor") and the Customer ("Controller") regarding the processing of Personal Data in accordance with applicable Data Protection Laws.

Key Terms

Controller

The Customer who determines the purposes and means of processing Personal Data

Processor

PersonaLift, who processes Personal Data on behalf of the Controller

Personal Data

Any data relating to website visitors processed through our personalization service

Data Protection Laws

GDPR, CCPA, and other applicable data protection regulations

1. Processing Details

Element: Details
Purpose: AI-powered website personalization and conversion optimization
Categories of Personal Data: Behavioral data, device information, location data (anonymized), session identifiers
Data Subjects: Website visitors of Controller's properties
Retention Period: 26 months maximum, or as instructed by Controller
Processing Operations: Collection, analysis, storage, automated decision-making, deletion

2. Processor Obligations

Process Personal Data only on documented instructions from the Controller

Ensure confidentiality of processing through appropriate technical and organizational measures

Implement appropriate security measures including encryption and access controls

Only engage sub-processors with Controller approval and equivalent protection

Assist Controller in responding to data subject requests within 30 days

Notify Controller of any data breaches within 24 hours of discovery

Conduct Data Protection Impact Assessments when required

Delete or return Personal Data upon termination of services

3. International Data Transfers

PersonaLift may transfer Personal Data to countries outside the EEA for processing. All transfers are protected by appropriate safeguards:

Transfer Mechanisms

  • Standard Contractual Clauses (EU Commission approved)
  • Adequacy decisions for certain countries
  • Additional contractual safeguards where required

4. Security Measures

Technical Safeguards

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Multi-factor authentication
  • Regular security audits
  • Automated backup systems

Organizational Measures

  • Role-based access controls
  • Employee background checks
  • Data protection training
  • Incident response procedures
  • Regular compliance audits

5. Sub-processors

PersonaLift engages the following categories of sub-processors. A complete and current list is available on our Sub-processors page.

Cloud Infrastructure

AWS, Google Cloud Platform - for hosting and data storage

Analytics

Google Analytics, Mixpanel - for usage analytics and performance monitoring

Support Services

Zendesk, Intercom - for customer support and communication

Sub-processor Changes

We will provide 30 days' notice of any new sub-processors. Customers may object to new sub-processors and terminate services if no suitable alternative can be found.

6. Data Subject Rights

PersonaLift will assist Controllers in responding to data subject requests, including:

Individual Rights

  • Right of access
  • Right of rectification
  • Right to erasure
  • Right to restrict processing

Additional Rights

  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making
  • Right to withdraw consent

Response Timeframes

PersonaLift will provide assistance within 30 days of receiving a data subject request from the Controller. Emergency requests (e.g., data breaches) will be handled within 24 hours.

7. Contact Information

Data Protection Officer

Email: dpo@personalift.io
Address: PersonaLift Inc.
548 Market Street, Suite 35410
San Francisco, CA 94104

Legal & Compliance

Email: legal@personalift.io
Phone: +1 (415) 555-0847
Emergency: Available 24/7 for data breaches

This Data Processing Agreement is effective as of January 2025 and governs the processing of Personal Data by PersonaLift Inc. on behalf of its customers in accordance with applicable Data Protection Laws.

Last updated: January 2025 | Version 2.1