Privacy Policy

Last updated: March 1, 2026

1. Introduction

GYMBOX ("we," "our," or "us") operates the GYMBOX platform, which includes the GYMBOX website (gymboxhq.com), the GYMBOX web dashboard for gym owners, and the GYMBOX mobile application for gym members (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you register for an account, use the Service, or contact us. This may include:

  • Full name and contact details (email address, phone number)
  • Gym business information (gym name, address, registration details)
  • Payment and billing information (bank account details, transaction history)
  • Profile photos and biographical information
  • Health and fitness data (workout logs, body measurements, dietary information) provided voluntarily by members

2.2 Automatically Collected Information

When you use the Service, we may automatically collect certain information, including:

  • Device information (device type, operating system, unique device identifiers)
  • Usage data (features used, pages visited, time spent, click patterns)
  • Location data (GPS coordinates for check-in functionality, with your explicit consent)
  • Log data (IP address, browser type, access times, referring URLs)

2.3 Information from Third Parties

We may receive information about you from third-party services if you choose to link or sign in through them (such as Google Sign-In), including your name, email address, and profile picture.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: To create and manage your account, process check-ins, facilitate payments, deliver training plans, and enable all platform features.
  • Communication: To send you service-related notices, respond to your inquiries, and provide customer support.
  • Improvement: To analyze usage patterns, diagnose technical issues, and improve the quality and functionality of our Service.
  • Personalization: To customize your experience, recommend relevant features, and provide targeted content.
  • Safety & Security: To detect and prevent fraud, abuse, and unauthorized access to the Service.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Marketing: To send promotional communications about new features, offers, and updates (with your consent, where required by law). You can opt out of marketing communications at any time.

4. Data Storage and Security

Your data is stored on secure servers with industry-standard encryption. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest (AES-256)
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements for all staff
  • Regular backups and disaster recovery procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • With Gym Owners: If you are a gym member, your profile information, check-in data, and subscription status are shared with the gym(s) you belong to, as this is essential for the Service to function.
  • With Service Providers: We engage trusted third-party companies to perform services on our behalf (payment processing, hosting, analytics). These providers have access only to the information needed to perform their tasks and are contractually obligated to protect your data.
  • For Legal Reasons: We may disclose your information if required by law, regulation, court order, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of the transaction. We will notify you of any such change.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us:

  • Remember your preferences and login status
  • Understand how you interact with our Service
  • Analyze traffic and usage patterns
  • Deliver relevant content and advertisements

You can control cookie settings through your browser preferences. Disabling certain cookies may limit your ability to use some features of the Service.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your personal data, subject to certain legal exceptions.
  • Data Portability: Request a copy of your data in a structured, commonly used format.
  • Objection: Object to the processing of your personal data for certain purposes.
  • Withdrawal of Consent: Withdraw your consent to data processing at any time, where processing is based on consent.

To exercise any of these rights, please contact us at privacy@gymboxhq.com. We will respond to your request within 30 days.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you close your account, we will delete or anonymize your personal data within 90 days, except where we are required to retain it for legal, regulatory, or legitimate business purposes (such as resolving disputes or enforcing our agreements).

9. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Nigeria, where our servers or service providers are located. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws, including the Nigeria Data Protection Regulation (NDPR).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after any changes constitutes your acceptance of the revised policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: privacy@gymboxhq.com
  • Address: 8 The Green, Suite A, Dover, DE 19901, USA