GDPR Policy
This GDPR Policy explains how 1stProfitness (“we,” “our,” or “us”) collects, processes, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
This Policy applies to individuals located in the European Economic Area (EEA), the United Kingdom (UK GDPR), and other regions where similar data protection laws apply.
1. Data Controller Information
1stProfitness acts as a Data Controller when we determine the purposes and means of processing personal data collected through our website and Services.
In certain cases where clients use our platform to manage their own customer data, 1stProfitness may act as a Data Processor on behalf of the client.
Contact Details:
1stProfitness
Email: [Insert Email Address]
Website: [Insert Website URL]
2. Categories of Personal Data We Collect
We may collect and process the following categories of personal data:
Name and contact details (email address, phone number)
Billing and payment information
Business details
Account login credentials
IP address and device information
Usage data and analytics data
Any information submitted through forms or uploaded to our platform
We do not intentionally collect sensitive personal data unless required for service delivery and explicitly provided by you.
3. Legal Basis for Processing
Under GDPR, we process personal data based on one or more of the following lawful bases:
Contractual Necessity
Processing is necessary to provide our Services or fulfill contractual obligations.
Legitimate Interests
Processing is necessary for our legitimate business interests, provided those interests do not override your rights and freedoms.
Legal Obligation
Processing is necessary to comply with applicable laws and regulatory requirements.
Consent
Where required, we process personal data based on your explicit consent, which may be withdrawn at any time.
4. Purpose of Processing
We process personal data for the following purposes:
To provide website and software services
To manage accounts and subscriptions
To process payments
To provide customer support
To improve service performance and security
To comply with legal obligations
To communicate service updates or relevant information
5. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, including legal, accounting, or reporting requirements.
When data is no longer required, it is securely deleted or anonymized.
6. Your Rights Under GDPR
If you are located in the EEA or UK, you have the following rights:
Right of Access – You may request a copy of your personal data.
Right to Rectification – You may request correction of inaccurate data.
Right to Erasure (“Right to be Forgotten”) – You may request deletion of your data.
Right to Restrict Processing – You may request limitation of data processing.
Right to Data Portability – You may request transfer of your data in a structured format.
Right to Object – You may object to processing based on legitimate interests.
Right to Withdraw Consent – You may withdraw your consent where processing is based on consent.
Right to Lodge a Complaint – You may file a complaint with a supervisory authority.
Requests can be made using the contact details provided above.
7. Data Security Measures
We implement appropriate technical and organizational measures to protect personal data, including:
Secure server infrastructure
Encryption where applicable
Access control restrictions
Regular monitoring and system updates
While we take reasonable steps to safeguard data, no system can guarantee absolute security.
8. Data Sharing and Third Parties
We may share personal data with:
Payment processors
Hosting providers
Cloud infrastructure services
Technical support providers
Legal or regulatory authorities when required
All third-party processors are required to comply with data protection obligations and process data only according to our instructions.
9. International Data Transfers
Where personal data is transferred outside the EEA or UK, we ensure appropriate safeguards are in place, such as:
Standard Contractual Clauses (SCCs)
Adequacy decisions by the European Commission
Other lawful transfer mechanisms under GDPR
10. Automated Decision-Making
1stProfitness does not engage in automated decision-making or profiling that produces legal or similarly significant effects without appropriate safeguards.
11. Data Processor Obligations (For SaaS Clients)
Where 1stProfitness acts as a Data Processor on behalf of clients:
We process data only according to documented instructions.
We implement appropriate security measures.
We assist clients in fulfilling their GDPR obligations.
We notify clients of any data breach without undue delay.
12. Data Breach Notification
In the event of a personal data breach, we will:
Assess the risk to affected individuals.
Notify the relevant supervisory authority where required.
Inform affected individuals where legally necessary.
13. Updates to This GDPR Policy
We may update this GDPR Policy periodically. Changes will be posted on this page with a revised date. Continued use of our Services constitutes acceptance of any updates.