Privacy Policy

Last Updated: 7/29/2025

1. Introduction

Gymminity ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you use our gym management SaaS platform.

2. Information We Collect

  • Contact details: Name, email, phone number
  • Business information: Gym name, location, staff profiles
  • Customer data: Member profiles, attendance, payment data
  • Technical data: IP address, browser type, device identifiers
  • Usage data: Access logs, feature usage, activity metrics
  • Cookies & tracking: Session cookies, analytics cookies, etc.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Performance of a contract (e.g. providing our services)
  • Consent (e.g. marketing emails, cookie tracking)
  • Legal obligations (e.g. tax, fraud prevention)
  • Legitimate interests (e.g. service improvement, analytics)

4. How We Use Your Information

  • To operate and manage the Gymminity platform
  • To process transactions and manage billing
  • To personalize user experience and improve performance
  • To send important updates, alerts, and offers
  • To ensure security and prevent unauthorized access
  • To comply with regulatory obligations

5. Cookies and Tracking Technologies

We use cookies and similar technologies to collect usage data and improve the user experience. You can control cookie preferences via your browser or through our cookie settings banner.

Types of cookies we use include: essential cookies, analytics cookies (e.g. Google Analytics), and functionality cookies.

6. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law. Gym owners are responsible for managing retention of their gym members' data.

7. Third-Party Services

We use trusted third-party services for functions such as:

  • Payment processing (e.g. Stripe)
  • Email delivery (e.g. SendGrid)
  • Analytics (e.g. Google Analytics)
  • Cloud hosting (e.g. AWS)

These providers are contractually obligated to process data in accordance with applicable privacy laws.

8. Cross-Border Data Transfers

Your information may be transferred to and stored on servers located outside your country. We ensure appropriate safeguards such as Standard Contractual Clauses or compliance with the EU-U.S. Data Privacy Framework.

9. Data Security

We implement technical and organizational measures to protect your data, including encryption, secure cloud storage, and access controls. Despite these efforts, no method of transmission over the internet is 100% secure.

10. Your Rights

You may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your data (subject to legal exceptions)
  • Restrict or object to data processing
  • Receive a copy of your data in a portable format
  • Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at privacy@gymminity.com.

11. Children's Privacy

Our service is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us data, please contact us to have it deleted.

12. Data Breach Notification

In the event of a data breach that affects your personal data, we will notify you and relevant authorities as required by applicable laws.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices. We will notify users via email or in-app notice before significant changes take effect.