Controller
GYMONE AG
Sonnenrainweg 8
8834 Schindellegi
Switzerland
E-Mail: info@gymone.ch
Phone: +41 (0)44 431 28 38
1. About this notice
This Privacy Notice explains how GYMONE AG / the platform Future of Sports (“GYMONE”, “we”, “us”) collects and processes personal data when you use our website, app, membership services, booking functions, communications and related digital services.
We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP/DSG) and, where applicable, the EU General Data Protection Regulation (GDPR).
2. What personal data we process
Depending on how you use our services, we may process the following categories of personal data:
Account and identity data
First name, last name, phone number, email address, account identifiers, profile photo, preferred language, date of birth and gender.
Membership and transaction data
Membership type, subscription start and end dates, cancellation status, auto-renewal-related settings, payment status, transaction references, payment metadata, receipts and billing-related records.
Profile and personalisation data
Height, weight, fitness level, fitness goals, coach profile information, training preferences, communication preferences and notification settings.
Usage and activity data
Gym attendance, class attendance, personal training bookings, in-app notification history, technical logs, device and app usage information, push registration details and related delivery data.
Website and app analytics data
Information about how you use our website and app, including device-related identifiers, crash reports, performance data and product analytics data, where enabled.
Special category / sensitive data
Where you choose to use optional personalisation, fitness features or health data tracking and analysis, we may process health-related or fitness-related data such as height, weight, fitness level and fitness goals. Additional wearable, body scan or similar health metrics will only be processed if and when those features are activated and you have given the required explicit consent.
3. Why we process your data
We process personal data for the following purposes:
- to create and manage user accounts;
- to provide memberships, bookings, training services and app functionality;
- to process payments and administer subscriptions;
- to communicate with you about your account, bookings, memberships and service matters;
- to manage your preferences, notifications and support requests;
- to provide personalisation and training-related features;
- to operate, secure, maintain and improve our website, app and services;
- to perform analytics, troubleshooting and service monitoring;
- to comply with legal, tax, accounting and regulatory obligations;
- to send marketing communications where you have consented or where otherwise permitted by law.
4. Legal bases
Where GDPR applies, we rely on the following legal bases:
- performance of a contract or steps taken at your request before entering into a contract;
- compliance with legal obligations;
- legitimate interests, for example to secure, administer and improve our services, prevent misuse, and manage operational communications;
- consent, where required, including for marketing communications, certain cookies or similar technologies, and explicit consent for special category health data.
Where processing is based on consent, you may withdraw that consent at any time with future effect.
5. Health data
Some fitness and personalisation features are mandatory and involve health-related data. We only process such data where you have provided separate explicit consent. If you do not provide that consent, you can still use the core service, but certain optional features may not be available.
If additional health integrations are introduced in future, such as wearable or body composition data, we will update this Privacy Notice and obtain any further consent required before processing starts.
6. Marketing and communications
We use your contact details to send service messages relating to your account, memberships, bookings, payments and platform operation.
We only send marketing messages by email, SMS, push or similar channels where you have opted in, or where otherwise permitted under applicable law. You can unsubscribe or change your preferences at any time in your account settings or by contacting us.
7. Cookies, similar technologies and analytics
Our website and app may use cookies and similar technologies for functionality, security, analytics and, where applicable, marketing.
Where required by law, we will ask for your consent before using non-essential cookies or similar technologies. You can manage your preferences through our cookie banner or relevant device/app settings.
8. Sources of personal data
We usually collect personal data directly from you. We may also generate certain data through your use of the platform, for example attendance records, booking records, notification history, app usage logs and technical diagnostics.
9. Who we share personal data with
We may share personal data with carefully selected service providers and processors who support the operation of our business and platform, including:
- Microsoft Azure (cloud infrastructure, storage and related communications services) – associated with the United States, but all our data is stored in Europe exclusively.
- Stripe (payments and billing) – associated with the United States and Ireland.
- GatewayAPI / ONLINECITY.IO - Passion for Platforms (SMS services) – associated with Denmark and operations in Germany.
- Amplitude (product analytics) – associated with the United States; EMEA presence includes the Netherlands.
- Sentry (crash and error monitoring) – associated with the United States.
- Expo / 650 Industries, Inc. (push notification infrastructure, where used) – associated with the United States.
We may also disclose personal data to coaches, affiliated gym staff, professional advisers, auditors, authorities or courts where necessary and legally permitted.
10. International data transfers
Some of our service providers may process personal data outside Switzerland or the EEA/UK. Where this happens, we take appropriate steps to ensure that personal data remains adequately protected, for example by relying on adequacy decisions, standard contractual clauses or other recognised safeguards, as applicable.
11. How long we keep personal data
We keep personal data only for as long as necessary for the purposes set out in this Privacy Notice, including to provide the services, comply with legal obligations, resolve disputes and enforce agreements.
In general:
- invoices, accounting records, consent records, agreements, and similar legally required records are kept for the applicable statutory retention period, which is ten years after termination of the agreement;
- other account and service data is kept for the duration of the customer relationship and for up to 3 years afterwards;
- where data is no longer required, we delete it or irreversibly anonymise it, unless continued retention is required by law or for the establishment, exercise or defence of legal claims.
Where possible, we may irreversibly anonymise data instead of deleting it.
12. Security
We apply appropriate technical and organisational measures to protect personal data, including access controls, role-based permissions, authentication controls, encryption in transit, secure cloud infrastructure and monitoring. Access to personal data is limited to those who need it for their role.
13. Your rights
Subject to applicable law, you may have the right to:
- request access to your personal data;
- request correction of inaccurate data;
- request deletion of your data;
- request restriction of processing;
- object to certain processing;
- receive data portability, where applicable;
- withdraw consent at any time where processing is based on consent;
- lodge a complaint with a competent data protection authority.
To exercise your rights, please contact us at info@gymone.ch.
If you are in Switzerland, you may also contact the Federal Data Protection and Information Commissioner (FDPIC). Under both GDPR and the Swiss FADP, individuals have information and correction-related rights, and GDPR also expressly requires transparency on erasure, objection, restriction and portability where applicable.
14. Changes to this Privacy Notice
We may update this Privacy Notice from time to time. The latest version will be made available on our website and, where relevant, in the app. We encourage you to review it regularly.