GDPR Compliance

Our commitment to data protection and your privacy rights under GDPR.

Effective Date: May 25, 2018

Gympify and the GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens the protection of personal data for individuals within the European Union (EU) and provides them with greater control over their data. Gympify is committed to GDPR compliance (alongside our Privacy Policy) and supporting our customers in their compliance journey.

Our Role as a Data Processor

When you use Gympify to manage your gym members' data, you are the Data Controller, and Gympify acts as the Data Processor. We process personal data on your behalf and in accordance with your instructions (see our Terms of Service). We have updated our Data Processing Agreement (DPA) to reflect GDPR requirements.

International Data Transfers

As Gympify (Coderstm) is based in India, personal data may be processed outside the European Economic Area (EEA). To ensure lawful transfer of personal data to a third country, we rely on the European Commission's Standard Contractual Clauses (SCCs), which form part of our Data Processing Agreement. These clauses act as a safeguard to ensure your data protection rights are respected.

Data Subject Rights

We have implemented features to help you fulfill requests from your members (Data Subjects) regarding their rights under GDPR, including:

  • Right to Access: Ability to export member data.
  • Right to Rectification: Easy editing of member profiles.
  • Right to Erasure (Right to be Forgotten): Tools to permanently delete member data upon request.
  • Right to Data Portability: Export data in a machine-readable format.

Data Security Measures

We employ robust technical and organizational measures to ensure the security of personal data (detailed in our Security Policy), including:

  • Encryption of data in transit and at rest.
  • Regular security audits and vulnerability assessments.
  • Access controls and authentication mechanisms.
  • Staff training on data privacy and security.

Sub-processors

We use trusted third-party service providers (sub-processors) to deliver our services (e.g., cloud hosting, payment processing). We maintain a list of these sub-processors and ensure they meet GDPR standards.

Contact Us

If you have any questions about our GDPR compliance or need assistance with a data subject request, please contact our Data Protection Officer at: [email protected].

Coderstm
18/A, Jader Box Lane, Kanchrapara
North 24 Parganas
WB - 743145, India

Ready to Transform Your Gym?

Join thousands of gym owners growing their business with Gympify.

Get Started Free Schedule Demo

No credit card required for trial.