Gym0 – Privacy Policy - anitron.world

Effective date: October 25, 2025

Controller: Anitron Technology (OPC) Private Limited, Assam, India • Website: https://anitron.world • Contact: anitron@anitron.world

1) Who we are

Gym0 is provided by Anitron Technology (OPC) Private Limited. This policy explains what data we collect, why we collect it, how we use it, and the choices you have.

2) What we collect

Account & profile: name, email, phone number, gym details, and identifiers (e.g., Firebase UID).
Usage: app activity, device info (model, OS, IP, coarse location), crash & diagnostics.
Payments: limited billing metadata from our payment processors (e.g., transaction IDs, status). We do not store full card or UPI details on our servers.
Messaging (WhatsApp Cloud API): recipient numbers, template names/parameters, message IDs, delivery/read statuses, and error codes. Message body content for business-initiated templates may be logged for delivery troubleshooting.

3) How we use data

Provide and secure the service, including authentication, fraud prevention, and abuse detection.
Send service communications (e.g., membership reminders) via WhatsApp templates, email, or SMS with proper opt‑in.
Operate analytics, improve features, and ensure reliability.
Comply with law, enforce policies, and protect rights.

4) Legal bases (GDPR/DPDP)

We process data under one or more lawful bases: consent (e.g., marketing templates), contract (providing the app), legitimate interests (security, analytics), and legal obligation. We honor applicable rights under the EU GDPR and India’s Digital Personal Data Protection Act, 2023 (DPDP Act).

5) Sharing

Processors: hosting, databases, analytics, crash reporting, payment gateways, and messaging providers (including Meta’s WhatsApp Business Platform).
Legal/Compliance: to respond to lawful requests and enforce our terms.
We do not sell personal data.

6) International transfers

We may transfer data to countries outside your own. Where required, we use appropriate safeguards (e.g., SCCs) with our processors.

7) Data retention

We retain data only as long as necessary for the purposes above. Typical retention: account data for the life of the account; logs up to 18 months; message delivery metadata up to 30–90 days unless needed longer for fraud/security or legal reasons.

8) Your choices & rights

Access, correction, deletion, and portability (where applicable).
Object or restrict certain processing; withdraw consent at any time.
Opt‑out of marketing messages. For WhatsApp, you can reply STOP or use in‑app controls.

9) Children

Gym0 is not directed to children under 13 (or the age defined by local law). We will delete data obtained in error.

10) Security

We use administrative, technical, and physical safeguards. No method is 100% secure; report issues to anitron@anitron.world.

11) Third‑party services

When you interact with WhatsApp messages, WhatsApp may receive information as described in WhatsApp’s Privacy Policy and Meta’s terms. Our payment providers process your payments under their own policies.

12) Contact & complaints

Email: anitron@anitron.world. If you are in the EU/UK, you may contact your local data protection authority. For India, you may file grievances under the DPDP Act with the Data Protection Board when applicable.

13) Changes

We will update this policy as needed and indicate the effective date above. Material changes will be communicated in‑app or via email/WhatsApp where appropriate.