Launch offer: 50% off in Growth and Pro Plan

Privacy Policy

April 30, 2026

1. Introduction

GymBelay (referred to as "we," "us," "our," or "Company") recognizes the importance of protecting the privacy of information you provide to us. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our software, and interact with our services (collectively, the "Services"). Please read this policy carefully. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

We collect information you directly provide, including: (a) Account information: name, email, phone, password, organization name, gym profile, billing address; (b) Gym operational data: member information, class schedules, staff records, billing transactions, check-in history, attendance data; (c) Payment information: credit card and billing details (processed securely through third-party providers); (d) Communication data: support inquiries, feedback, emails, and messages; (e) Member data: information you import or create about your facility's members, including personal information, waivers, membership status, and check-in records ("Participant Data"). We also automatically collect: IP address, browser type, device type, operating system, unique device identifiers, access times and dates, geographic location, pages visited, time spent on pages, referring websites, and other technical information through cookies and similar technologies.

3. How We Use Your Information

We use collected information to: (a) provide, operate, maintain, and improve the Services; (b) process subscriptions, payments, and billing; (c) create and manage your account; (d) send administrative and transactional communications; (e) provide customer support and respond to inquiries; (f) conduct research, analytics, and system monitoring; (g) detect, investigate, and prevent fraud and security issues; (h) comply with applicable laws and legal obligations; (i) enforce these Terms of Service and other agreements; (j) create aggregated, anonymized analytics about how customers use the Services; (k) personalize and improve your experience. We do not sell your personal information to third parties for their marketing purposes. However, we may share aggregated, anonymized data with service providers and analytics partners.

4. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar technologies to: (a) remember your preferences and login information (session and persistent cookies); (b) understand how you use the Services (analytics cookies); (c) detect and prevent fraud (security cookies); (d) deliver targeted advertising (marketing cookies). Necessary cookies cannot be disabled but are essential for the Services to function. You can control most cookies through your browser settings. Disabling cookies may limit access to certain Service features. We use Google Analytics and similar tools to analyze usage patterns. You can opt out of Google Analytics at https://tools.google.com/dlpage/gaoptout/.

5. Third-Party Service Providers and Data Sharing

We work with third-party service providers who process data on our behalf: (a) Payment processors (Stripe and similar payment gateways) for billing; (b) Cloud infrastructure providers for data storage and computing; (c) Email and communication providers for notifications; (d) Analytics providers for usage insights; (e) Customer support platforms; (f) Authentication providers (Auth0 and similar). These providers are contractually obligated to protect your data and use it only for the specified purposes. We do not authorize them to use or disclose your information except as necessary to provide their services. We may disclose information when required by law, in response to legal process, to protect safety, or to enforce our Terms.

6. Data Retention and Deletion

We retain personal information as long as needed to provide Services, fulfill transactions, and comply with legal obligations. You can request deletion of your account and associated data at any time by contacting info@gymbelay.com. Please note that some data may be retained for legal, accounting, or audit purposes, and some Participant Data may be retained if your gym continues operations. Upon account termination, we will securely delete or anonymize your personal information within 30 days, unless longer retention is required by law.

7. Data Security

We implement comprehensive security measures including: (a) encryption of data in transit (TLS/SSL) and at rest; (b) role-based access controls and authentication; (c) regular security audits and penetration testing; (d) employee training on data protection; (e) secure backup and disaster recovery procedures; (f) firewalls, intrusion detection, and monitoring systems. While we strive to protect your information, no security system is completely impenetrable. We cannot guarantee absolute security of your data.

8. GDPR and EU/UK Privacy Rights

If you are a resident of the European Union, United Kingdom, or Switzerland, you have additional rights under applicable data protection laws. These include: (a) right to access your personal information; (b) right to rectify inaccurate data; (c) right to erasure ("right to be forgotten"); (d) right to restrict processing; (e) right to data portability; (f) right to object to processing; (g) right to withdraw consent. We may require reasonable proof of identity before processing these requests. Please submit requests to info@gymbelay.com. We will respond within the timeframe required by applicable law.

9. Children's Privacy

GymBelay is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18 without verifiable parental consent. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information. If you believe we have collected information from a child under 18, please contact info@gymbelay.com immediately.

10. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States. These countries may not have the same data protection laws as your home country. By using the Services, you consent to the transfer of your information to countries outside your country of residence, which may provide a different level of data protection.

11. California Consumer Privacy Act (CCPA)

If you are a California resident, you have rights under the CCPA, including: (a) right to know what personal information is collected and used; (b) right to delete personal information (subject to exceptions); (c) right to opt-out of the sale or sharing of personal information; (d) right to non-discrimination for exercising your rights. To exercise these rights, please submit a verifiable consumer request to info@gymbelay.com. We will respond within 45 days of receiving a verifiable request.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email or prominently displayed on the website. Your continued use of the Services following any modifications constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy, wish to access or delete your personal information, or want to exercise your privacy rights, please contact us at info@gymbelay.com or by mail at the address provided on our website. We will respond to your inquiry within 30 days.