GymCore (“we,” “us,” or “our”) operates the gym management software available at getgymcore.com (the “Service”). This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights as a user or subscriber.

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

We collect the following categories of information:

• Account Information: Name, email address, business name, phone number, and billing address provided when you create an account or purchase a subscription.
• Payment Information: Credit card numbers, bank account details, and billing information. Payment data is processed by our third-party payment processors and is not stored on our servers in unencrypted form.
• Gym & Member Data: Information you enter about your gym members, including names, contact details, membership status, attendance records, class enrollments, health notes, and payment history.
• Usage Data: Log files, IP addresses, browser type, pages visited, timestamps, and other diagnostic data generated automatically when you access the Service.
• Communications: Emails or messages you send to our support team.

2. How We Use Your Information

We use collected information to:

• Provide, operate, and improve the Service.
• Process payments and manage subscriptions.
• Send transactional emails (receipts, account alerts, password resets).
• Send SMS notifications to gym members on your behalf when you enable that feature.
• Respond to support requests and troubleshoot issues.
• Analyze usage trends to improve product features.
• Comply with legal obligations.

We do not sell your personal data or your members’ data to third parties.

3. Third-Party Service Providers

We share data with trusted third-party processors only as necessary to deliver the Service:

• Stripe & WooPayments: For processing subscription payments and storing payment methods. Governed by Stripe’s Privacy Policy.
• PayPal: As an alternative payment method. Governed by PayPal’s Privacy Statement.
• Twilio: For sending SMS notifications to gym members when you enable text messaging features. Governed by Twilio’s Privacy Policy.
• Hosting & Infrastructure: Cloud infrastructure providers that store data on servers located in the United States.
• Analytics: Aggregated, anonymized usage analytics. No personal data is sold or shared for advertising purposes.

All third-party processors are contractually obligated to protect your data and use it only for the purposes we specify.

4. Data Retention

We retain your account and gym data for as long as your subscription is active. Upon cancellation, we retain your data for 90 days to allow account recovery, after which it is deleted or anonymized from our production systems. Backup copies may persist for up to an additional 30 days before permanent deletion. Billing records may be retained for up to 7 years for tax and accounting compliance.

5. Security

We use industry-standard measures to protect your data, including TLS encryption in transit, AES-256 encryption at rest for sensitive fields, role-based access controls, and regular security audits. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

6. Cookies

We use essential cookies to keep you logged in and remember your preferences. We may also use analytics cookies to understand how the Service is used. You can disable non-essential cookies through your browser settings; this may affect some features of the Service.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your account and associated personal data.
• Port your data in a machine-readable format.
• Object to or restrict certain types of processing.
• Withdraw consent where processing is based on consent.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

8. Children’s Privacy

The Service is not directed to individuals under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us personal information, contact us at [email protected] and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the effective date. Continued use of the Service after changes constitute acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy, please contact us:

GymCore
Email: [email protected]
Website: getgymcore.com