Privacy Policy
Last updated: September 7, 2025
Your privacy is important to us. This Privacy Policy explains how Gymly ("we," "our," or "us") collects, uses, discloses, and protects your information when you use our mobile application and related services (collectively, the "Service").
1. Information We Collect
1.1 Personal Information
When you create an account or use our Service, we may collect:
- Account Information: Full name, email address, phone number, profile picture
- Authentication Data: Login credentials, social media account information (Google, Apple)
- Contact Information: Emergency contact details, communication preferences
1.2 Health and Fitness Data
To provide personalized fitness services, we collect:
- Physical Information: Height, weight, date of birth, gender
- Fitness Goals: Your fitness objectives and preferences
- Health Information: Medical conditions, fitness level, workout preferences
- Activity Data: Workout history, check-in records, progress tracking
- Emergency Information: Emergency contact details for safety purposes
1.3 Location Data
We collect location information to:
- Find nearby gyms and fitness centers
- Provide location-based recommendations
- Enable check-in functionality
- Improve our services with location analytics
Note: You can control location sharing through your device settings.
1.4 Payment Information
For gym pass purchases and payments, we collect:
- Payment method details (processed securely through Razorpay)
- Transaction history and receipts
- Billing information for subscription management
Important: We do not store your complete payment card information. All payment processing is handled by our secure payment partners.
1.5 Device and Technical Information
We automatically collect:
- Device information (model, operating system, unique device identifiers)
- App usage data and performance metrics
- IP address and network information
- Camera and storage permissions (for QR scanning and photo uploads)
1.6 Social and Community Data
When you use social features, we collect:
- Posts, comments, and interactions
- Gift transactions and social connections
- Community participation and engagement data
2. How We Use Your Information
2.1 Service Provision
- Provide and maintain the Gymly platform
- Process gym pass purchases and payments
- Enable gym discovery and check-in functionality
- Deliver personalized fitness recommendations
- Facilitate social interactions and community features
2.2 Health and Safety
- Provide emergency contact information to gym staff when needed
- Track fitness progress and provide health insights
- Ensure safe workout environments
- Comply with health and safety regulations
2.3 Communication
- Send important service updates and notifications
- Provide customer support and respond to inquiries
- Send promotional content (with your consent)
- Notify you about pass expirations and renewals
2.4 Analytics and Improvement
- Analyze app usage patterns to improve functionality
- Conduct research and development
- Monitor service performance and security
- Generate aggregated, anonymized insights
3. Information Sharing and Disclosure
3.1 Gym Partners
We share necessary information with gym partners to:
- Verify your membership and check-in status
- Provide access to gym facilities
- Ensure safety and emergency protocols
- Process payments and manage memberships
Important: Gym partners are contractually obligated to protect your information and use it only for the purposes specified in our agreements with them. They are prohibited from selling, renting, or otherwise monetizing your personal information.
3.2 Service Providers
We work with trusted third-party service providers:
- Firebase/Google: Analytics, messaging, storage, and authentication
- Supabase: Database and backend services
- Razorpay: Payment processing
- Microsoft Clarity: User experience analytics
3.3 Legal Requirements
We may disclose your information when required by law or to:
- Comply with legal obligations, court orders, or subpoenas
- Protect our rights, property, or safety, or that of our users
- Ensure user safety and prevent fraud, abuse, or illegal activities
- Respond to valid government requests with proper legal authority
- Investigate potential violations of our Terms of Service
- Protect against imminent harm to any person or property
Note: We will only disclose the minimum amount of information necessary to comply with legal requirements and will notify you of such disclosures when legally permitted to do so.
4. Data Security
We implement industry-standard security measures to protect your data:
- End-to-end encryption for sensitive data transmission
- Secure data storage with access controls
- Regular security audits and updates
- Employee training on data protection
- Incident response procedures
5. Your Rights and Choices
5.1 Access and Control
You have the right to:
- Access your personal information
- Update or correct inaccurate data
- Delete your account and associated data
- Export your data in a portable format
- Opt-out of marketing communications
5.2 Location and Permissions
You can control:
- Location sharing through device settings
- Camera and storage permissions
- Push notification preferences
- Social sharing settings
5.3 Health Data Rights
For health and fitness data specifically:
- Request access to your health information
- Correct inaccurate health data
- Delete health information (subject to legal requirements)
- Restrict processing of sensitive health data
6. Data Retention
We retain your information for as long as necessary to:
- Provide our services to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
- Maintain security and prevent fraud
When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.
7. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:
- Standard contractual clauses
- Adequacy decisions by relevant authorities
- Other appropriate safeguards as required by law
8. Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy on this page
- Sending you an email notification
- Providing notice through the app
Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.
10. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: contact@gymlyapp.in
- Address: Gymly Privacy Team, [Your Business Address]
For data protection inquiries, please include "Privacy Inquiry" in your subject line.
11. Regional Privacy Rights
11.1 California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what personal information we collect and how we use it, the right to delete personal information, and the right to opt-out of the sale of personal information.
11.2 European Union Residents (GDPR)
If you are in the European Union, you have rights under the General Data Protection Regulation, including the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data.
11.3 Other Jurisdictions
We comply with applicable privacy laws in all jurisdictions where we operate. If you have specific privacy rights under your local laws, please contact us for assistance.
This Privacy Policy is effective as of September 7, 2025 and was last updated on September 7, 2025.