Privacy Policy

Effective Date: April 11, 2026

Introduction

GymMixPro ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our website at gymmixpro.com, our application at app.gymmixpro.com, and other services we provide (collectively, the "Service").

We operate GymMixPro as a multi-gym SaaS management platform designed to help gym owners, members, coaches, and partners manage their fitness operations efficiently. Your privacy is important to us, and we are transparent about how we handle your data.

By accessing or using GymMixPro, you agree to the terms of this Privacy Policy. If you do not agree with our practices, please do not use our Service. We recommend reading this policy carefully to understand our privacy practices.

Information We Collect

We collect information in several ways to provide and improve our Service:

Account Information: When you create an account with GymMixPro, we collect information such as your name, email address, password, phone number, and business information (if applicable). This information is necessary to establish and maintain your account and provide access to our platform.

Gym Data: If you operate a gym or manage gym operations, we collect information about your gym, including gym name, location, hours of operation, facilities, equipment inventory, class schedules, and pricing information. This data is essential to provide our core service and enable you to manage your gym effectively.

Member Data: Gym owners and managers provide member information to GymMixPro, including member names, contact information, membership status, membership dates, and membership tier. We collect this information on your behalf so you can manage your member relationships and communicate with your members.

Check-In Records: We collect check-in data and attendance records when members use the Service. This includes timestamps, visit duration, classes attended, and trainer information. This data helps gym owners track attendance and member engagement.

Billing Information: To process payments for our Service, we collect billing information including company name, billing address, and transaction history. We do not directly store your credit card information; instead, payment processing is handled securely by Stripe, our payment processor. Stripe collects and maintains your payment card data in accordance with their privacy practices and PCI compliance standards.

Usage Analytics: We automatically collect information about how you interact with our Service, including IP address, browser type, device information, pages visited, time spent on pages, referring pages, and actions taken within the platform. This helps us understand how our Service is used and identify areas for improvement.

Communication Data: When you contact us via email or through our Service, we collect and retain the content of your communications, including any attachments. This allows us to respond to your inquiries and maintain a record of our interactions.

How We Use Your Information

We use the information we collect for the following purposes:

Providing the Service: We use your information to establish your account, authenticate your identity, maintain your account, and provide access to GymMixPro's features and functionality. This includes storing your gym data, member information, and attendance records.

Processing Payments: Your billing information is used to process subscription payments through Stripe. We use this information to invoice you, manage your subscription, and handle refunds or billing disputes.

Sending Notifications: We send you transactional emails and notifications about your account, such as password reset emails, confirmation emails, and important service updates. If you have opted in, we may also send you marketing communications about new features, promotions, or educational content related to GymMixPro.

Improving the Platform: We analyze usage data and user feedback to understand how our Service is used, identify bugs and performance issues, and develop new features. This analytics helps us provide a better user experience and improve our Service for all users.

Legal Compliance: We may use your information to comply with applicable laws, regulations, and legal processes, such as responding to subpoenas or court orders.

Fraud Prevention and Security: We use your information to detect, investigate, and prevent fraudulent transactions, security incidents, and other harmful activities that could affect our Service or users.

Communication and Support: We use your information to respond to your inquiries, provide customer support, and maintain correspondence with you about your account or use of our Service.

Data Sharing and Third Parties

We do not sell your personal information to third parties. However, we share information with carefully selected service providers who assist us in operating our Service and delivering our products to you:

Stripe: We share billing and payment information with Stripe, our payment processor. Stripe processes your payment card data securely and in compliance with PCI DSS standards. Please review Stripe's privacy policy at stripe.com/privacy for details about how they handle your payment information.

Supabase: We use Supabase as our backend infrastructure to host and manage your data. Supabase is a cloud-hosted PostgreSQL database service hosted on AWS infrastructure. Your data is stored and processed by Supabase in accordance with their security practices and data protection measures. See Supabase's privacy policy at supabase.com/privacy for more information.

Vercel: Our website and application are hosted on Vercel's CDN (Content Delivery Network) for fast, reliable delivery of content. Vercel may process certain information necessary to deliver our Service. Review Vercel's privacy policy at vercel.com/legal/privacy-policy for details.

Resend: We use Resend as our email service provider to send transactional and marketing emails. Resend processes your email address and communication data for the purpose of delivering these emails. See Resend's privacy policy at resend.com/privacy for more information.

Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process (such as a subpoena or court order), or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers: In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice of such changes and any choices you may have regarding your information.

Data Security

We implement comprehensive technical, administrative, and physical safeguards to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

Encryption in Transit: All communication between your device and our servers is encrypted using TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols. This ensures that your data is protected while traveling over the internet and cannot be intercepted by unauthorized parties.

Encryption at Rest: Sensitive data stored in our database is encrypted at rest using industry-standard encryption algorithms. This protects your information even if our servers were to be physically compromised.

Row Level Security (RLS): We implement Row Level Security policies in our database to ensure that users can only access data they are authorized to view. This means that gym owners can only see their own gym data, members can only see their own information, and coaches can only access the information relevant to their role.

Role-Based Access Control: GymMixPro uses role-based access control to limit what different user types can do within the platform. Gym owners have different permissions than members, and coaches have specific permissions related to their coaching responsibilities. This ensures that data is accessed only by authorized individuals with a legitimate business need.

Regular Security Audits: We regularly review and update our security practices to address emerging threats and vulnerabilities. However, no security system is impenetrable, and we cannot guarantee absolute security.

Secure Authentication: We use Supabase Auth to manage user authentication securely. We support email/password authentication and magic link authentication to provide secure access to your account. Passwords are never stored in plain text; they are hashed using industry-standard algorithms.

Data Retention

We retain your personal information for as long as your account is active and you use GymMixPro. This allows us to provide continuous service and maintain your data history.

If you request deletion of your account or specific data, we will delete your personal information within a reasonable timeframe, subject to any legal obligations we may have to retain certain information. Some information may be retained in aggregated, anonymized form for analytics and improvement purposes.

If you have questions about data retention for specific types of information, please contact us at hello@gymmixpro.com.

Your Privacy Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information:

Right to Access: You have the right to request access to the personal information we hold about you and to receive a copy of that information in a portable format.

Right to Correction: You have the right to request that we correct inaccurate or incomplete personal information about you.

Right to Deletion: You have the right to request deletion of your personal information, subject to certain legal and operational limitations. We will delete your information unless we have a lawful reason to retain it.

Right to Data Portability: You have the right to request that we provide your personal information in a structured, commonly used, and machine-readable format so you can transfer it to another service.

Right to Withdraw Consent: If we rely on your consent to process your information, you have the right to withdraw that consent at any time. However, this will not affect the lawfulness of processing based on consent given before withdrawal.

To exercise any of these rights, please contact us at hello@gymmixpro.com with your request. We will respond to your request within the timeframe required by applicable law (typically 30 days).

Cookies and Tracking

GymMixPro uses cookies and similar tracking technologies to enhance your experience and maintain your session.

Session Cookies: We use session cookies to authenticate your identity and maintain your login session. These cookies are essential for the Service to function and allow us to remember that you are logged in as you navigate between pages in the application.

Functional Cookies: We may use functional cookies to remember your preferences, such as language settings or display preferences, to provide a customized experience.

No Advertising Cookies: We do not use third-party advertising or tracking cookies that would allow advertisers to track your behavior across websites. We do not share cookie data with advertising networks or data brokers.

You can control cookies through your browser settings and choose to disable them if you wish. However, disabling cookies may affect your ability to use certain features of GymMixPro.

Children's Privacy

GymMixPro is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information promptly and terminate the child's account.

Parents or guardians who believe we have collected information from a child under 13 should contact us immediately at hello@gymmixpro.com.

International Data Transfers

GymMixPro's servers and service providers are located in the United States. When you use our Service, your personal information is collected, stored, and processed in the United States. By using GymMixPro, you consent to the collection and processing of your information in the United States, which may have different data protection laws than your country of residence.

If you are located outside the United States, please be aware that information we collect (including cookies) will be transferred to, stored in, and processed in the United States. If you do not agree to the processing of your information in the United States, please do not use our Service.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Any changes will be effective when we post the updated policy on our website with a new "Effective Date." Your continued use of GymMixPro after any changes constitutes your acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. If we make material changes that negatively affect your privacy rights, we will provide notice and an opportunity to opt out if applicable.

Contact Information

If you have questions about this Privacy Policy, concerns about our privacy practices, or wish to exercise any of your privacy rights, please contact us:

Email: hello@gymmixpro.com
Company: GymMixPro (Operated by Jose)
Website: https://gymmixpro.com
Application: https://app.gymmixpro.com

We will respond to your inquiry within 30 days of receipt. If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority or regulatory agency.