Privacy Policy

Welcome to IronSaathi ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

1. Information We Collect

1.1 Information You Provide

• Phone Number: Required for account creation and authentication via Firebase Phone Authentication
• Name: Your full name for account identification
• Profile Information: Optional profile image and additional details you choose to provide
• Gym Information: If you are a gym owner/admin, we collect gym details, branding preferences, and business information
• Member Information: If you are a gym member, we collect membership details, attendance records, payment history, and workout plans

1.2 Automatically Collected Information

• Device Information: Device type, operating system, unique device identifiers
• Usage Data: App usage patterns, features accessed, time spent in the app
• Location Data: Only if you grant permission for location-based features (e.g., gym check-in)
• Push Notification Tokens: Device tokens for sending push notifications

1.3 Third-Party Services

We use the following third-party services that may collect information:

• Firebase (Google): For phone authentication, push notifications, and analytics
• WhatsApp Business API: For sending templated messages (if enabled by your gym)
• SMS Providers (Twilio/MSG91): For sending SMS notifications (if enabled by your gym)
• Supabase: For cloud storage of images and files
• ExerciseDB API: For exercise database information

2. How We Use Your Information

We use the collected information for the following purposes:

• To provide and maintain our services
• To authenticate your identity and manage your account
• To process and manage gym memberships, attendance, and payments
• To send you notifications, updates, and important information about your membership
• To personalize your experience with gym-specific branding
• To improve our services and develop new features
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations

3. Data Sharing and Disclosure

3.1 With Your Gym

If you are a gym member, your information (name, phone number, attendance, payments, workout plans) is shared with your gym administrators for membership management purposes.

3.2 With Third-Party Service Providers

We share information with trusted third-party service providers who assist us in operating our services:

• Firebase (Google) for authentication and push notifications
• WhatsApp Business API and SMS providers for messaging services
• Cloud storage providers (Supabase) for file storage
• Analytics providers for understanding app usage

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

3.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

• Encryption of data in transit using HTTPS/TLS
• Secure authentication using Firebase Phone Authentication
• Access controls and authentication for backend systems
• Regular security assessments and updates
• Secure storage of sensitive credentials

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal or regulatory purposes.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Opt-Out: Opt out of certain data processing activities, such as marketing communications
• Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us at firexavinash1@gmail.com.

7. Account Deletion and Data Deletion Request

You have the right to request deletion of your account and associated data at any time. To request account deletion, please follow these steps:

7.1 How to Request Account Deletion

To request that your account and associated data be deleted, please email us at firexavinash1@gmail.com with the following information:

• Your phone number associated with your IronSaathi account
• Your full name
• A clear statement requesting account deletion
• Confirmation that you understand the consequences of account deletion

7.2 What Data Will Be Deleted

Upon receiving your deletion request, we will delete the following data associated with your account:

• Your account profile information (name, phone number, profile image)
• Your attendance records
• Your workout plans and exercise data
• Your payment history (personal payment records)
• Your app preferences and settings
• Your push notification tokens

7.3 What Data May Be Retained

We may retain certain information for the following reasons:

• Legal and Regulatory Requirements: We may retain data required by law, such as financial records for tax purposes, for the period required by applicable regulations
• Gym Records: If you are a gym member, your gym administrator may retain certain records (such as payment history) for their business records, as permitted by law
• Anonymized Data: We may retain anonymized, aggregated data that cannot be used to identify you
• Backup Systems: Deleted data may remain in our backup systems for up to 90 days before being permanently deleted

7.4 Timeline for Deletion

We will process your account deletion request within 30 days of receiving your request. You will receive a confirmation email once your account and data have been deleted. Please note that data may remain in backup systems for up to 90 days before being permanently removed.

7.5 Consequences of Account Deletion

Please be aware that account deletion is permanent and cannot be undone. Once your account is deleted:

• You will lose access to all your data and app features
• You will need to create a new account if you wish to use IronSaathi again in the future
• Your gym membership information will be removed from the system
• You will no longer receive notifications or communications from IronSaathi

If you have any questions about account deletion, please contact us at firexavinash1@gmail.com.

8. Children's Privacy

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our services, you consent to the transfer of your information to these countries.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: firexavinash1@gmail.com
• Phone: +91 9502426844
• Website: https://ironsaathi.com