This Privacy Policy explains how Gymilo ("Gymilo", "we", "us" or "our") collects, uses, discloses and safeguards your information when you use our gym management platform, websites and related services (together, the "Services"). By using the Services you agree to the practices described below. If you do not agree, please do not use the Services.
1 Information We Collect
We collect information you provide directly, information generated as you use the Services, and information from third parties.
Information you provide
- Account & profile data — name, email address, phone number, password and gym/business details.
- Member & client records that gym operators enter into the platform, such as contact details, memberships, attendance and bookings.
- Billing data — plan selection and transaction details. Card payments are processed by our payment providers; we do not store full card numbers.
- Communications — messages you send to support, demo requests and survey responses.
Information collected automatically
- Usage data — pages visited, features used, actions taken and timestamps.
- Device & log data — IP address, browser type, operating system and referring pages.
- Cookies & similar technologies — used to keep you signed in, remember preferences and measure performance.
2 How We Use Your Information
We use the information we collect to:
- Provide, operate, maintain and improve the Services;
- Create and manage accounts and authenticate users;
- Process payments, subscriptions and renewals;
- Send transactional messages, service updates and security alerts;
- Provide customer support and respond to your requests;
- Monitor usage, detect fraud and protect the integrity of the platform; and
- Comply with legal obligations and enforce our agreements.
3 Operators and Member Data
Gyms and businesses that use Gymilo (each an "Operator") decide what member and client information to enter and how to use it. For that data, the Operator is the controller and Gymilo acts as a processor on their behalf. If you are a member or client of a gym, please direct requests about your personal data to that gym; we will support them in responding.
4 How We Share Information
We do not sell your personal information. We share it only in these circumstances:
- Service providers — vendors who host infrastructure, process payments, send email/SMS or provide analytics, under contractual confidentiality obligations.
- Within your gym — staff and administrators of the Operator you belong to, according to their assigned roles and permissions.
- Legal & safety — when required by law, or to protect the rights, property or safety of Gymilo, our users or the public.
- Business transfers — in connection with a merger, acquisition or sale of assets, subject to this Policy.
5 Data Security
We use administrative, technical and organizational safeguards — including encryption in transit, access controls and the principle of least privilege — designed to protect your information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
6 Data Retention
We retain personal information for as long as your account is active or as needed to provide the Services, comply with our legal obligations, resolve disputes and enforce our agreements. When data is no longer required, we delete or anonymize it.
7 Your Rights and Choices
Depending on where you live, you may have the right to:
- Access, correct or delete your personal information;
- Object to or restrict certain processing;
- Request a portable copy of your data; and
- Withdraw consent where processing is based on consent.
To exercise any of these rights, contact us using the details below. You can also manage many settings directly from your account, and opt out of marketing emails using the unsubscribe link in those messages.
8 Cookies
We use strictly necessary cookies to operate the Services (for example, to keep you signed in) and optional cookies to understand usage and improve performance. You can control cookies through your browser settings, though disabling some may affect how the Services work.
9 Children's Privacy
The Services are intended for businesses and are not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us so we can remove it.
10 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, notify you. Your continued use of the Services after changes take effect constitutes acceptance of the updated Policy.
Contact Us
If you have questions about this Privacy Policy or how we handle your data, reach out to us:
Email: support@gymilo.com