Privacy Policy

Shredeo ("we", "us", or "our") operates a gym management platform that provides software services to fitness businesses and their members. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform, mobile applications, or website.

We collect the following categories of personal data when you create an account, use our services, or interact with our platform:

• Identity data: first name, last name, date of birth, gender
• Contact data: email address, phone number, physical address
• Health data: medical conditions (optional, provided voluntarily for workout safety)
• Financial data: payment information processed securely through Stripe (we do not store card numbers)
• Fitness data: workout logs, class attendance history, booking records
• Profile data: profile photograph, account preferences, language settings
• Technical data: device push notification tokens, app version, device type
• User-generated content: social posts, comments, and photos shared within the gym community

We use your personal data to: provide and maintain the platform services; process gym membership payments and invoices; send booking confirmations, class reminders, and gym announcements via push notifications; enable gym staff to ensure your safety during workouts (medical conditions); display your profile within the gym community; generate anonymised analytics for gym operators; and comply with legal obligations including tax and accounting requirements.

We share data with the following third-party service providers, solely for the purposes described:

• Stripe: processes payment transactions securely. Stripe's privacy policy applies to payment data handling.
• Expo Push Notifications: delivers push notifications to your device. Only your device push token is shared.
• Backblaze B2: stores uploaded files (profile pictures, documents) in encrypted cloud storage.

We retain your personal data for as long as your account is active or as needed to provide services. When you delete your account, we initiate a 30-day grace period during which you can cancel the deletion. After this period, your personal data is permanently deleted or anonymised. Financial records (invoices, payment history) are retained for 7 years as required by Belgian accounting law.

We implement industry-standard security measures including: encrypted data transmission (TLS/HTTPS), encrypted storage for sensitive fields (IBAN, payment references), secure token-based authentication, database-level row-level security for multi-tenant isolation, and regular security audits. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: correct inaccurate or incomplete personal data via your profile settings
• Right to erasure: delete your account and all associated personal data through the in-app account deletion feature
• Right to data portability: request an export of your personal data in a machine-readable format
• Right to object: opt out of push notifications at any time through the app or device settings

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will take steps to delete such information.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the app or by email. The "Last updated" date at the top of this policy indicates when it was last revised. Your continued use of the platform after changes are published constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy, wish to exercise your GDPR rights, or need to report a data protection concern, please contact us at support@shredeo.com