← Back to GymBooker Pro

Privacy Policy

Last updated: 30 November 2025

GymBooker Pro ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

1.1 Information You Provide

Data Type	Purpose	Retention
Name and Email	Account creation and communication	Until account deletion
Nuffield Health Credentials	Automated class booking	Until you remove them or delete account
Payment Information	Subscription processing (via Stripe)	Managed by Stripe
Class Preferences	Scheduling your bookings	Until account deletion

1.2 Information Collected Automatically

• Log data (IP address, browser type, pages visited)
• Device information
• Cookies and similar technologies

3. How We Use Your Information

We use your information to:

• Provide and maintain our booking service
• Process your subscription payments
• Send you booking confirmations and service updates
• Respond to your enquiries and support requests
• Improve our service and develop new features
• Comply with legal obligations

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on:

• Contract: Processing necessary to provide our service to you
• Consent: Where you have given explicit consent (e.g., marketing communications)
• Legitimate Interest: For service improvement and security purposes
• Legal Obligation: Where required by law

5. Data Sharing

We do not sell your personal data. We may share data with:

• Stripe: For payment processing (see Stripe's Privacy Policy)
• Service Providers: Who help us operate our service (under strict confidentiality agreements)
• Legal Requirements: If required by law or to protect our rights

We never share your Nuffield Health credentials with any third party.

6. Cookies

We use cookies for:

• Essential Cookies: Required for the service to function (session management, authentication)
• Analytics Cookies: To understand how you use our service (with your consent)

You can control cookies through your browser settings. Disabling essential cookies may affect service functionality.

7. Your Rights (GDPR)

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a portable format
• Object: Object to certain processing activities
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at privacy@gymbooker.app

8. Data Retention

We retain your data for as long as your account is active. Upon account deletion:

• Personal data is deleted within 30 days
• Nuffield Health credentials are deleted immediately
• Payment records may be retained for legal/accounting purposes (up to 7 years)
• Anonymised analytics data may be retained indefinitely

9. International Transfers

Your data is stored on servers located in the United Kingdom. If we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place.

10. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect data from children.

11. Security

We implement appropriate technical and organisational measures to protect your data, including:

• Encryption at rest and in transit
• Regular security assessments
• Access controls and authentication
• Secure development practices

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the service.

13. Contact Us

For privacy-related enquiries:

Email: privacy@gymbooker.app

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk