At GYMSNA, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our gym management and class booking platform.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide to us when you:

• Register an account: Name, email address, password, phone number
• Set up a gym: Gym name, address, business details, phone number
• Process payments: Payment information (processed securely through Stripe)
• Book classes: Class preferences, booking history, cancellation information
• Purchase memberships: Membership details, credit package information
• Complete forms: Custom information required by gyms (e.g., emergency contacts, health declarations)
• Contact support: Communication preferences, support inquiries

1.2 Information Automatically Collected

When you access GYMSNA, we automatically collect certain information:

• Device information: IP address, browser type, device type, operating system
• Usage data: Pages viewed, features used, time spent on the platform
• Location data: Approximate location based on IP address
• Cookies and tracking: Session data, preferences, authentication tokens

1.3 Information from Third Parties

We may receive information from:

• Stripe: Payment processing information, transaction status
• Corner Integration: User data from integrated booking systems
• Social login providers: Basic profile information if you use social login

2. How We Use Your Information

We use your information for the following purposes:

2.1 To Provide Our Services

• Create and manage your account
• Process class bookings and cancellations
• Manage waitlists and send notifications
• Process payments and refunds
• Facilitate communication between gyms and members
• Provide customer support

2.2 To Improve Our Services

• Analyze usage patterns and trends
• Develop new features and functionality
• Debug and fix technical issues
• Conduct research and analytics

2.3 To Communicate With You

• Send booking confirmations and reminders
• Notify you of waitlist availability
• Send service updates and announcements
• Respond to your inquiries
• Send marketing communications (with your consent)

2.4 For Security and Compliance

• Prevent fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations
• Protect the rights and safety of our users

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 With Gym Owners

When you book a class or purchase a membership, we share relevant information with the gym, including your name, contact information, and booking details.

3.2 With Service Providers

We share information with trusted third-party service providers who help us operate our business:

• Stripe: Payment processing
• Amazon Web Services (AWS): Hosting and data storage
• Email service providers: Transactional and marketing emails
• Analytics providers: Usage analytics and performance monitoring

3.3 For Legal Reasons

We may disclose information if required by law or if we believe in good faith that such disclosure is necessary to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms of Service
• Protect the rights, property, or safety of GYMSNA, our users, or others
• Investigate fraud or security issues

3.4 Business Transfers

If GYMSNA is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data is encrypted in transit using SSL/TLS and at rest
• Access controls: Limited employee access on a need-to-know basis
• Password protection: Passwords are hashed using bcrypt
• Secure payment processing: PCI-DSS compliant payment processing through Stripe
• Regular security audits: Ongoing monitoring and security assessments

While we use reasonable efforts to protect your information, no system is completely secure. You use our Service at your own risk and are responsible for maintaining the confidentiality of your account credentials.

5. Your Rights and Choices

5.1 Access and Correction

You have the right to access and update your personal information through your account settings. If you need assistance, contact us at support@gymsna.com.

5.2 Data Deletion

You may request deletion of your account and personal information. Note that:

• Some information may be retained for legal or business purposes
• Gym owners retain data about their members for their business records
• Deletion may take up to 30 days to complete
• Some information may remain in backup systems temporarily

5.3 Marketing Communications

You can opt out of marketing emails by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your communication preferences in account settings
• Contacting us at support@gymsna.com

Note: You cannot opt out of transactional emails (e.g., booking confirmations, password resets) as these are necessary for the Service.

5.4 Cookie Preferences

You can control cookies through your browser settings. Note that disabling cookies may affect functionality of the Service.

5.5 Data Portability

You have the right to request a copy of your data in a machine-readable format. Contact us at support@gymsna.com to make a request.

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Active accounts: Data retained while your account is active
• Deleted accounts: Most data deleted within 30 days; some data retained for legal compliance
• Transaction records: Retained for 7 years for tax and accounting purposes
• Support communications: Retained for 3 years
• Backup data: May persist in backups for up to 90 days

7. Children's Privacy

GYMSNA is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately at support@gymsna.com, and we will delete such information.

Parents or guardians may create accounts and book classes on behalf of minors, but the account holder must be at least 16 years old.

8. International Data Transfers

GYMSNA is based in [Your Country/Region] and processes data in [Your Country/Region]. If you access our Service from outside this region, your information may be transferred to, stored, and processed in [Your Country/Region].

By using GYMSNA, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

• Essential cookies: Required for the Service to function (e.g., authentication, security)
• Performance cookies: Help us understand how you use the Service
• Functionality cookies: Remember your preferences and settings
• Analytics cookies: Provide insights into usage patterns

9.2 Third-Party Tracking

We may use third-party analytics services (e.g., Google Analytics) that use cookies to collect usage data. These services have their own privacy policies.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know: What personal information we collect and how we use it
• Right to delete: Request deletion of your personal information
• Right to opt-out: Opt out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination: You will not be discriminated against for exercising your rights

To exercise these rights, contact us at support@gymsna.com with "California Privacy Rights" in the subject line.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

• Right of access: Obtain confirmation of data processing and access to your data
• Right to rectification: Correct inaccurate personal data
• Right to erasure: Request deletion of your personal data
• Right to restriction: Restrict processing of your personal data
• Right to data portability: Receive your data in a portable format
• Right to object: Object to processing of your personal data
• Right to withdraw consent: Withdraw consent at any time

You also have the right to lodge a complaint with your local data protection authority.

11.1 Legal Basis for Processing

We process your data based on:

• Contract performance: To provide the Service you requested
• Legitimate interests: To improve our Service, prevent fraud, and ensure security
• Consent: For marketing communications and optional features
• Legal compliance: To comply with legal obligations

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the "Last Updated" date
• Sending an email notification for significant changes
• Displaying a notice in the Service

Your continued use of GYMSNA after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

GYMSNA Support Team
Email: support@gymsna.com
Website: www.gymsna.com

We will respond to your inquiry within 30 days.