Privacy Policy

Your privacy is important to us. This Privacy Policy explains how we collect, use, share, and protect your personal data in accordance with Saudi Arabia's Personal Data Protection Law (PDPL) in relation to the 1Fit Gyms services, including both web and mobile applications.

1. Scope of the Policy

This policy applies to all users of 1Fit Gyms, including gym members, visitors, trainers, and staff using our systems through web or mobile applications.

2. Data We Collect

We may collect and process the following types of personal data:

• **Personal Identification Information:** Name, email address, phone number, national ID or Iqama number.
• **Account Details:** Username, password, and account preferences.
• **Financial Information:** Payment details, transaction history, and billing information.
• **Gym Membership and Attendance Details:** Information such as check-in history, class bookings, and fitness assessments.
• **Health and Fitness Information:** Data including goals, workout preferences, and medical disclosures where provided.
• **Usage Data:** IP address, device information, browser type, and activity logs.
• **Communication Data:** Messages, inquiries, or other interactions with the platform.

3. How We Use Your Data

Your personal data is collected and used for the following purposes:

• Managing memberships, class scheduling, trainer assignments, and gym access control.
• Providing personalized training recommendations.
• Facilitating secure communication between users and service providers.
• Processing payments and managing transactions.
• Complying with legal and regulatory obligations.
• Enhancing user experience through analytics and feature development.
• Sending notifications, updates, and promotional content (with your consent).

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under the PDPL:

• **Consent:** When you explicitly agree to the collection and use of your data.
• **Contractual Obligation:** To fulfill our contractual obligations to provide services.
• **Legal Compliance:** To meet regulatory or legal requirements in Saudi Arabia.
• **Legitimate Interests:** For purposes such as improving the platform or ensuring security.

5. Data Sharing and Disclosure

We may share your personal data in the following circumstances:

• **With Service Providers:** Third-party vendors assisting in payment processing, IT services, or customer support.
• **With Trainers, Gym Staff, and Class Instructors:** To facilitate service delivery.
• **With Fitness Analytics Providers:** Sharing aggregated or anonymized data where possible.
• **With Other Users:** Sharing relevant data (e.g., names or contact details) to facilitate 1Fit Gyms-related communications.
• **With Government Authorities:** When required by law or for regulatory compliance.
• **With Consent:** When you explicitly authorize data sharing with specific parties.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Gym membership records are kept while active and for a defined period after cancellation (e.g., 2 years) unless a longer retention period is required by law. Once your data is no longer needed, we will securely delete or anonymize it.

7. Data Security

We implement robust security measures to protect your personal data, including:

• Data encryption during transmission and storage.
• Regular security audits and vulnerability assessments.
• Access controls to restrict unauthorized access to sensitive data.

8. Your Rights

Under Saudi Arabia’s PDPL, you have the following rights as members, trainers, and staff:

• **Access:** Request access to the personal data we hold about you.
• **Correction:** Request corrections to inaccurate or incomplete data.
• **Deletion:** Request deletion of your personal data (subject to legal requirements).
• **Withdrawal of Consent:** Withdraw consent for specific processing activities.
• **Portability:** Request a copy of your personal data in a portable format.

To exercise these rights, please contact us at privacy@1-fit.com.

9. International Data Transfers

Where data is transferred outside Saudi Arabia, we ensure compliance with PDPL requirements by implementing adequate safeguards, such as contracts or government-approved mechanisms.

10. Cookies and Tracking Technologies

Our platform uses cookies and similar technologies to enhance user experience and collect analytics data. Tracking technologies may also be used in gym kiosks, access gates, and connected fitness devices. You can manage your cookie preferences through your browser settings.

11. Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or regulatory requirements. Users will be notified of significant updates, and continued use of the platform constitutes acceptance of the revised policy.

12. Contact Information

If you have any questions or concerns about this Privacy Policy, please contact us:

Email: privacy@1-fit.com

Effective Date: 1 January 2025