1. What data we collect
Trainer data: name, email address, phone number, UPI ID or bank account details, certifications, and profile information you provide.
Client data (entered by the trainer): name, WhatsApp number, UPI ID, age, address, fitness level, goals, body measurements, and session history. This data belongs to the trainer and their client. We store it to make the app work.
Wearable data: body parameters such as heart rate, accessed during sessions with the client's explicit permission. This data is used only during the active session window and is not stored permanently.
Payment data: transaction amounts, payment method (UPI, cash, bank), and dates. We do not store card numbers or bank passwords.
2. Why we collect it
- To run the app and provide its features to trainers
- To process bookings and payments
- To send WhatsApp notifications to clients on behalf of trainers
- To generate session reports and progress summaries
- To calculate and collect the platform fee
- To respond to support requests
3. WhatsApp messages to clients
When a trainer creates a booking or sends a message through the app, we send WhatsApp messages to the client's phone number on the trainer's behalf. Clients do not have accounts with us. Their phone numbers are stored only to deliver these messages and are not used for any other purpose.
4. How we protect your data
All data is stored on secure servers. Sensitive fields like UPI IDs and bank details are encrypted. We use access controls to make sure only you can see your own data and your clients' data.
5. Who we share data with
We share data only with the services needed to run the app — our payment gateway (for processing payments and the platform fee split), and our messaging service (for WhatsApp delivery). We do not share data with any third party for advertising or profiling.
6. Your rights under DPDP Act 2023
- You can ask us what data we hold about you at any time.
- You can ask us to correct any inaccurate data.
- You can delete your account, which removes your data. Client data you entered will also be removed unless the law requires us to keep it.
- You can raise a concern with us directly before approaching any regulatory authority.
7. Data retention
We keep your data as long as your account is active. When you delete your account, we remove your data within 30 days. Payment records may be retained for up to 7 years as required by Indian tax regulations.
8. Changes to this policy
We will notify you of any significant changes to this policy through the app or by email. Continued use of the app after notification means you accept the updated policy.
9. Contact for privacy matters
For any privacy questions or requests, write to us at privacy@gymbuddies.in. We will respond within 7 working days.