Within your planning stage introductory section you should be engaging with DATA PROTECTION & GDPR protocols.
I.e, consent is integral as client feedback will ultimately tailor the direction of the project. Personal infomation and details are likely to be required also and must be handled in an ethical and suitable manner.
Article 5 of GDPR lays out six principles for processing data. If you’re a personal trainer with your own business for example then it will be your responsibility to comply with the following:
1 – Personal data must be processed in a lawful, fair and transparent manner
2 – Any data that’s collected must be done so for a specific and stated purpose. It must be explained to the user/customer/client why that data has been collected and what it is going to be used for
3 – Data collected must be relevant to a specific task, in other words, minimise the amount of data collected where possible
4 – Personal data must be kept up to date and accurate
5 – Data must not be stored for longer than is necessary
6 – Personal data must always be stored securely