Privacy Policy

GymPoint Overview

• Gym Management Platform: GymPoint
• Operated by: GymPoint LLC
• Website: https://gympoint.ai
• Effective Date: March 27, 2026
• Last Updated: March 27, 2026

1. Introduction

GymPoint LLC ("Company," "we," "us," or "our") operates the GymPoint gym management platform, accessible at gympoint.ai and through related web and mobile applications (collectively, the "Service").

This Privacy Policy explains how information is collected, used, shared, and protected in connection with your use of the Service.

Who this policy applies to: gym operators, staff members, adult members, and the parent or legal guardian of a minor member enrolled through a gym using GymPoint.

Acceptance: By accessing or using the Service, you acknowledge you have read and agree to the practices described in this policy.

2. Scope

This Privacy Policy covers information collected through the GymPoint web application, mobile applications, embeddable widgets and check-in kiosks operated by gyms using GymPoint, and communications between you and GymPoint LLC.

3. Information We Collect

3.1 Personal Identification Information

GymPoint collects information that identifies or can reasonably identify you, including:

• Full name
• Email address
• Phone number
• Mailing/billing address
• Date of birth
• Profile photos (if provided)

3.2 Health & Fitness Information

Because GymPoint is a gym management platform, GymPoint may collect and store health and fitness-related data entered by gym operators, staff, and members, including fitness goals, workout history, class attendance, body composition data, and emergency medical contact information.

Important note: GymPoint stores this information on behalf of the gym operator. The gym operator is responsible for obtaining appropriate consent from their members before entering health-related data into the platform.

3.3 Minor Member Information

For members under age 18, GymPoint collects the minor's name, date of birth, enrollment details, parent/guardian information, and participation records. GymPoint does not knowingly collect personal information directly from minors; all minor member data must be provided by a verified parent, legal guardian, or authorized gym operator acting with documented parental consent.

3.4 Payment & Billing Information

Payment processing is handled by PCI-compliant third-party payment processors. GymPoint does not store, process, or transmit raw cardholder data, including full card numbers, CVV codes, or magnetic stripe data. All payment transactions are tokenized and processed outside of GymPoint's infrastructure.

3.5 Account & Usage Data

GymPoint collects login credentials (passwords are hashed and never stored in plaintext), IP address, browser type, device information, session activity, feature usage, and access logs.

4. How We Use Your Information

• Provide and operate the Service
• Support gym operators in managing members, staff, and programs
• Communicate transactional emails, billing notifications, and support responses
• Improve the platform and identify bugs
• Ensure security and detect fraud
• Comply with legal obligations

Important: GymPoint does not sell personal information to third parties and does not use member health or fitness data for advertising purposes.

5. How We Share Your Information

5.1 With Gym Operators

If you are a gym member, your information is accessible to the gym operator and authorized staff. GymPoint acts as a data processor on behalf of the gym operator, which is the data controller.

5.2 With Service Providers

GymPoint engages trusted third-party vendors including cloud infrastructure providers, payment processors, email platforms, and analytics services. Vendors are contractually obligated to protect your information.

5.3 For Legal Compliance

GymPoint may disclose information if required by law, court order, or governmental authority, or if necessary to protect rights, property, or public safety.

5.4 Business Transfers

In case of merger, acquisition, or sale of assets, user information may be transferred. GymPoint will notify affected users prior to any transfer.

6. Data Retention

GymPoint retains personal data as long as necessary to provide the Service and fulfill stated purposes. When a gym operator terminates their subscription, member data is retained for 90 days then permanently deleted, unless a different period is required by law.

Users may request earlier deletion by contacting privacy@gympoint.ai.

7. Data Security

GymPoint implements industry-standard security measures including encrypted data transmission, hashed password storage, role-based access controls, regular security audits, and isolated production environments. However, no method of transmission is 100% secure.

8. Children's Privacy

Minor member profiles may only be created by a parent, legal guardian, or authorized gym operator with documented parental consent. GymPoint does not knowingly allow minors under 13 to create their own accounts. Parents/guardians may request access, correction, or deletion of their child's data.

9. Your Rights & Choices

Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, or port your personal information. Contact privacy@gympoint.ai to exercise these rights. GymPoint will respond to verifiable requests within 30 days.

10. Cookies & Tracking Technologies

GymPoint uses cookies to maintain sessions, remember preferences, and analyze usage. You may control cookie settings through your browser. GymPoint does not use third-party advertising cookies or behavioral tracking for ad targeting.

11. Third-Party Links

The Service may contain links to third-party websites. GymPoint is not responsible for their privacy practices. We encourage you to review their privacy policies.

12. Changes to This Policy

GymPoint may update this Privacy Policy. Material changes will be communicated via email or a prominent platform notice at least 14 days before taking effect. Continued use constitutes acceptance.

13. Contact Us