Fit-C User – Privacy Policy

1.Introduction

BJ Dhanvi Software Solutions Private Limited with brand name Fit-C (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we use and share it, and your rights regarding that data. We comply with applicable Indian laws, including the Digital Personal Data Protection Act, 2023, and relevant app distribution platform guidelines.

We follow industry best practices to safeguard your information and we do not sell your personal data or use it for third-party advertising without your consent. By using Fit-C’s services, you agree to the collection and use of information in accordance with this policy.

2.Data We Collect

We collect only the data necessary to provide and improve our services. This includes:

• Personal Identity and Contact Information: Name, email address, phone number, postal address, and login credentials.
• Fitness & Health Information: Data about your fitness goals, nutrition, workout history, physical attributes (height, weight, body measurements), and any health conditions you disclose. This includes biometric data and wellness metrics (e.g. BMI, heart rate, step count) collected via the app or integrated wearables.
• Workout and Activity Data: Records of your sessions, exercise plans, class bookings, attendance, and progress logs. This may include processing camera outputs for activity tracking during workouts (e.g., "live energy").
• Device and Usage Information: Technical data automatically collected, such as IP address, device identifiers, operating system, app version, usage logs, and data collected via cookies.
• Location Data: With your permission, approximate location information (GPS or network) to show nearby fitness centres. You can disable this at any time.
• Payment and Transaction Data: Billing name, transaction amount, and payment method details. Full card numbers are not stored on our servers; payments are handled by secure, PCI-compliant payment gateways.
• Third-Party Integrations Data: Information received if you choose to sync third-party services (e.g., Apple Health, Google Fit). This data is used only to provide health and fitness features to you, and not for advertising or onward sharing.
• User-Generated Content: Profile photos, workout images, comments on community forums, or feedback you post or upload.

3.How We Use Your Information

Fit-C uses your personal data to operate, provide, and enhance our services:

• Providing and Personalizing Services: Managing your account, delivering features, generating AI-driven workout/diet recommendations, and tracking your progress.
• Facilitating Bookings and Memberships: Scheduling gym/class bookings, managing memberships, and processing payments.
• Communication: Sending service-related communications (reminders, alerts, support responses). With consent, sending promotional messages (you can opt-out at any time).
• Health and Fitness Insights: Analyzing data to provide insights and recommendations (e.g., motivational messages triggered by low activity). This processing helps you reach your wellness goals.
• Improving and Innovating: Using aggregated, de-identified usage data to understand user interaction, diagnose issues, and develop new features.
• Safety and Security: Authenticating identity, detecting and preventing fraud, and enforcing our Terms & Conditions.
• Legal Compliance: Using or disclosing information to comply with legal obligations (e.g., court orders, government requests).

We rely on the legal bases of your consent (for health data/marketing), contractual necessity (for service delivery), and legitimate interests (for product improvement/security). Where consent is required, you have the right to withdraw it at any time.

4.How We Share Your Information

We do not sell or disclose personal information to third parties except in the following circumstances:

• With Fitness Centres and Trainers: If you are a member of a partner gym or work with a trainer, relevant information (booking details, profile info, workout logs, health notes) is shared with them to enable them to serve you. These partners are bound by confidentiality obligations.
• Service Providers: Trusted third-party companies (cloud hosting, payment processing, email delivery) perform functions on our behalf. They are contractually obligated to protect your data and use it solely for our specified purposes.
• Business Transfers: Your information may be transferred to a successor entity during a merger, acquisition, or sale of assets. The new entity will be required to honor your privacy rights.
• Legal and Safety Disclosures: Disclosure when required by law, court order, or when necessary to protect the rights, property, or safety of Fit-C, our users, or the public.
• With Consent: Sharing with third parties (like an integrated nutrition app or insurer) only when you have given explicit consent. You can revoke this consent at any time.
• De-identified Insights: Sharing aggregated, anonymized statistics that cannot identify you personally (e.g., fitness trend reports) with business partners or researchers.

We do not sell your personal information to any third-party advertisers, nor do we share health-related data from Apple HealthKit or similar sources for marketing.

5.Data Security

Fit-C implements robust administrative, technical, and physical safeguards to protect your personal information:

• Encryption: Industry-standard HTTPS/TLS encryption secures data transmission. Sensitive data (passwords, health metrics) are stored in encrypted form (e.g., passwords are hashed).
• Access Controls: Access is restricted to employees and contractors on a need-to-know basis, subject to strict confidentiality.
• Security Testing and Monitoring: Routine vulnerability testing, firewalls, and monitoring systems are in place to prevent intrusions and detect suspicious activity.
• Data Minimization: We only keep data for as long as necessary, reducing risk.
• Training and Policies: Staff are trained, and a Grievance Officer is appointed to manage security and privacy issues.

While no system is 100% secure, we will promptly notify you and the appropriate authorities of any data breaches as required by law.

6.Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services, subject to legal requirements.

• Account Information: Kept until you delete your account or we no longer need it to provide services.
• Fitness and Activity Data: Retained to allow you and your trainers to track progress over time.
• Transaction Records: Retained for the duration needed for accounting, auditing, and compliance with financial laws (e.g., tax regulations).
• Deletion: If you delete your account, data will be securely removed or anonymized within a reasonable time, unless required for legitimate legal purposes (e.g., backups are purged on a cycle).

7.Your Rights and Choices

As a “Data Principal” under Indian law, you have rights, and we are committed to honoring them:

• Right to Access: Request details and obtain a copy of the personal data we hold about you.
• Right to Correction: Request correction of any inaccurate or outdated information (you can edit much of this directly in the app).
• Right to Erasure: Request deletion of your personal data (e.g., deleting health logs or your entire account), subject to legal exceptions.
• Right to Withdraw Consent: Withdraw consent at any time for processing based on consent (e.g., marketing emails, health data processing).
• Right to Grievance Redressal: Raise a complaint with us (see Section 9) or escalate to the Data Protection Board of India if unresolved.
• Right to Data Portability: Request transfer of your data to you or another service provider in a machine-readable format, when technically feasible.
• Choices in Data Sharing: You control what you share (e.g., connecting third-party apps, privacy settings on community features).

To exercise any of your rights, please contact our Grievance Officer (details in Section 9). We will verify your identity and respond in accordance with applicable law.

8.Third-Party Services and Links

Our platform may contain links or allow access to third-party services (wearables, payment gateways, app stores). This Policy does not cover those third parties. If you click a link or integrate a service, you are subject to that third party’s terms and privacy policy.

Important: Transactions on App Store/Google Play are governed by them. We comply with rules (e.g., Apple HealthKit/Google Fit guidelines) to ensure your data from these sources is not used for advertising or data mining.

9.Grievance Officer & Contact Information

Fit-C has appointed a Grievance Officer (Data Protection Officer) to address your questions or complaints:

10.Children’s Privacy

Fit-C’s services are not directed to children under the age of 16, and we do not knowingly collect personal data from minors under 16 without parental consent. If we become aware of such collection, we will take steps to delete the information.

11.International Data Transfers

Fit-C primarily operates and stores user data on servers located in India. If your data is transferred outside of India (e.g., to cloud infrastructure in other regions), we will ensure that adequate safeguards are in place (e.g., contractual measures) to protect your information, as required by law. Your continued use signifies consent to such cross-border transfers when they occur.

12.Updates to this Policy

We may update this Policy to reflect changes in practices or legal requirements. When we make material changes, we will notify you by appropriate means (e.g., email or in-app notice). Your continued use after any update signifies acceptance of the revised Policy.