Privacy Policy

BookFit ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines how we collect, use, share, and protect personal data in connection with our software platform. By using our services, you consent to the practices described in this Privacy Policy and our compliance with the General Data Protection Regulation (GDPR).

Collection and Use of Personal Data:

We collect and process personal data only to the extent necessary for the proper functioning of our software and in compliance with applicable data protection laws. The personal data we collect varies based on whether you are a Client or a Trainer. This data will be processed for the purposes outlined below.

Personal Data: Trainers

Below is a list of the personal data we collect from Trainers, along with the lawful basis for its collection and processing:

  • First Name & Last Name
    Legal Basis: Contract
    Purpose: Required to create an account and offer BookFit services.
  • Profile Picture (optional)
    Legal Basis: Consent
    Purpose: Helps Clients identify you easily.
  • Email
    Legal Basis: Contract
    Purpose: Required to create an account and offer BookFit services.
  • Notification Tokens (optional)
    Legal Basis: Consent
    Purpose: Used to send mobile notifications (e.g., class updates or booking confirmations).
  • Mobile Number (optional)
    Legal Basis: Consent
    Purpose: Allows Clients to contact you directly.
  • Social Media Profile URLs (optional)
    Legal Basis: Consent
    Purpose: Allows Clients to follow your professional profile on social platforms.

Personal data for Trainers is used for creating and managing your BookFit account, processing payments related to your services, sending important BookFit-related information, meeting obligations imposed by payment providers, and providing secure access to the BookFit Platform.

Personal Data: Clients

Below is a list of the personal data we collect from Clients, along with the lawful basis for its collection and processing:

  • First Name & Last Name
    Legal Basis: Contract
    Purpose: Required to create an account and provide our services.
  • Profile Picture (optional)
    Legal Basis: Consent
    Purpose: Allows Trainers and other Clients to identify you more easily.
  • Email
    Legal Basis: Contract
    Purpose: Required to create an account and provide our services.
  • Date of Birth
    Legal Basis: Contract
    Purpose: Determines the age group so we can offer relevant services.
  • Notification Tokens (optional)
    Legal Basis: Consent
    Purpose: Used to send mobile notifications (e.g., reminders or updates).
  • Address (optional)
    Legal Basis: Contract
    Purpose: Needed to create a company account (if applicable) and provide accurate receipts.

Client personal data is used for creating and managing your BookFit account, processing payments for booking services, providing secure access to the BookFit Platform, and facilitating communication when necessary.

Additional Data Collected by the Trainer: Trainers may require additional personal data from you to provide their services. Any such data is collected under the Trainer’s own privacy policies and practices. BookFit does not determine what extra information a Trainer might request, and Trainers are fully responsible for ensuring that any additional data they collect is gathered lawfully and in compliance with relevant regulations.

Legal Basis for Data Processing:

We process personal data based on one or more lawful grounds as provided under the GDPR. The legal bases for processing personal data include the necessity of processing for the performance of a contract, compliance with legal obligations, legitimate interests pursued by BookFit, and consent when required.

Anonymous Data and Software Improvement:

In addition to personal data, we also collect and store anonymous data about the clients of our software. This information is aggregated and cannot be traced back to individuals. We collect anonymous data to:

  • Understand how our software is used to improve its functionality.
  • Analyze global trends and client preferences.
  • Enhance and optimize the software's performance and client experience.

Sharing and Disclosure of Information:

BookFit is committed to protecting your personal information and will not sell it to third parties. We only share and disclose information when necessary to provide booking and payment services, comply with legal obligations, or with your explicit consent. This may include sharing data with payment providers and third-party service providers who assist us in delivering our services. We ensure that such third parties adhere to strict data protection standards.

Use of Cookies:

BookFit uses cookies, which are small pieces of data sent to your browser by our website. Cookies may be used to store login information, so you don't have to sign in every time you visit. We also use cookies to analyze how our website is used, but this data does not contain personal information and cannot be traced back to individuals. You can manage your cookie preferences through your browser settings.

Data Processing and Storage:

We take measures to ensure that personal data is processed and stored securely:

  • All personal data is processed securely via encrypted connections (e.g., HTTPS), ensuring data remains protected during transmission.
  • Data is stored in secure databases with robust access controls to prevent unauthorized access.
  • Passwords are never stored in plain text; instead, they are salted and hashed using bcrypt for enhanced security.
  • We share data with third-party providers only as necessary for services such as payment processing and data hosting. Each third party we work with adheres to stringent data protection measures.

Protection of Personal Data:

We take the protection of your personal data seriously and employ technical and organizational measures to prevent misuse, loss, unauthorized access, disclosure, or alteration of your data. We have implemented appropriate security measures in accordance with the GDPR requirements.

Data Subject Rights:

As a data subject under the GDPR, you have certain rights regarding your personal data, including the right to access, rectify, erase, restrict processing, data portability, and object to processing. You also have the right to withdraw your consent at any time when processing is based on consent. To exercise these rights, you can:

  • Access your account settings through our web or mobile interface to review and update your personal data.
  • Send an email to our support team at [email protected] request changes, deletions, or to exercise any of your other rights.

We will respond to all data-related requests as quickly and thoroughly as possible. If you have any further questions or concerns, please do not hesitate to contact us.

Data Transfers:

In certain circumstances, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We will ensure that such transfers comply with the applicable data protection laws and that appropriate safeguards are in place to protect your personal data.

Data Retention:

We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. The retention periods may vary depending on the type of data and the applicable legal requirements.

Contact Information:

If you have any questions or concerns about our Privacy Policy or the protection of your personal data, please contact us at [email protected]. We will address your inquiries and concerns to the best of our ability.

Last updated: 27/02/2025

Please review this Privacy Policy periodically, as it may be subject to updates or revisions to ensure compliance with evolving privacy laws and regulations.