Privacy Policy

Last updated: May 30, 2025

GyManage ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), India’s Digital Personal Data Protection Act, 2023 (DPDP Act), and other applicable laws.

1. Information We Collect

We collect the following types of information:

• Personal Data: Name, email address, phone number, and payment information when you register or make a purchase.
• Fitness Data: Workout preferences, fitness goals, and health metrics you provide.
• Usage Data: IP address, browser type, device information, and app usage patterns.
• Cookies: See our Cookie Policy for details.

2. How We Use Your Information

We use your information to:

• Provide and improve our services, such as personalized workout plans.
• Process payments and manage subscriptions.
• Send promotional emails (with your explicit consent).
• Analyze usage to enhance user experience.
• Comply with legal obligations in your jurisdiction.

3. Legal Basis for Processing

We process personal data based on:

• Consent: For marketing, cookies, and sensitive data (e.g., health metrics), as required by GDPR and DPDP Act.
• Contract: To provide services you’ve signed up for.
• Legitimate Interests: For improving our app and ensuring security.
• Legal Obligation: To comply with laws like the DPDP Act or IT Act, 2000 in India.

4. Your Rights

Under GDPR, you have the right to:

• Access, correct, or delete your personal data.
• Restrict or object to processing.
• Data portability.
• Withdraw consent at any time.

Under CCPA, California residents can:

• Request disclosure of data collected or sold.
• Opt-out of data sales (we do not sell your data).

Under DPDP Act (India), you have the right to:

• Confirm data processing and access a summary of your data.
• Correct, update, or erase your data.
• Nominate a representative to act on your behalf.
• File complaints with our Grievance Officer (see below).

To exercise these rights, contact us at legal@gymanage.com.

5. Data Sharing

We may share data with:

• Service providers (e.g., payment processors) under strict confidentiality agreements.
• Legal authorities if required by law, including India’s IT Act, 2000.
• Data fiduciaries compliant with DPDP Act for Indian users.

6. Data Security

We use encryption, secure servers, and access controls to protect your data, in line with GDPR, CCPA, and DPDP Act requirements. However, no system is 100% secure.

7. International Data Transfers

Your data may be transferred to servers outside your country (e.g., US, EU). For EU users, we use Standard Contractual Clauses (GDPR). For Indian users, we ensure compliance with DPDP Act cross-border transfer rules.

8. Data Retention

We retain personal data only as long as necessary for the purposes outlined or as required by law (e.g., 7 years for tax records in India).

9. India-Specific Compliance (DPDP Act)

For users in India:

• We act as a Data Fiduciary under the DPDP Act, ensuring data minimization and purpose limitation.
• We obtain explicit consent for processing sensitive personal data (e.g., health metrics).
• Our Grievance Officer can be contacted at grievance@gymanage.com for complaints or data requests.

10. Children’s Privacy

Our services are not intended for users under 18. We do not knowingly collect data from children. If you believe we have, contact us immediately.

11. Contact Us

For questions or to exercise your rights, contact our Data Protection Officer:

Email: support@gymanage.com
Address: GyManage, Mahim, Mumbai, Maharashtra - 400016

Contact our Grievance Officer:

Email: grievance@gymanage.com

Back to Home