Partner Privacy Policy

1. Information We Collect

We collect data in distinct categories to facilitate your gym listing, ensure legal compliance, and process your earnings.

A. Personal Identity & Contact Information (KYC)

To verify that you are the legitimate owner of the business, we collect:

• Full Name: As it appears on your government ID.
• Contact Number: Verified via OTP for account management and emergency communication.
• Identity Proof: Specifically Aadhaar Card details or other government-issued IDs.
• Address Proof: Documents verifying your personal residence.

B. Business & Legal Documentation

To ensure the legitimacy of the facility listed on our platform:

• Business Registration Details: Incorporation certificate or Shop & Establishment Act registration.
• GST Certificate: For tax compliance and invoicing.
• Gym License Number: To verify you are authorized to operate a fitness center.
• Operational Proofs: Utility bills or rental agreements serving as proof of the gym's physical address.

C. Gym Profile & Operational Data (Publicly Visible)

This information is collected to create your public listing for End Users:

• Gym Details: Gym Name, Gym Type (Unisex, Crossfit, etc.).
• Location Data: Precise GPS location, Building Name, Floor, Road, Area, and Landmark.
• Capacity & Timings: Maximum gym capacity and opening/closing hours.
• Amenities & Equipment: Lists of available facilities (AC, Parking, Water) and equipment inventory.
• Visual Media: High-resolution photos of the gym floor, equipment, and facade.
• Pricing: Your "Pay Per Visit" rates.

D. Financial & Settlement Information

To transfer your earnings (payouts) to you:

• Bank Account Details: Account Number, IFSC Code, Bank Name, and Branch.
• Beneficiary Name: Must match the business or owner name provided in KYC.

E. Device & Technical Data

• Device Information: Device ID, Model, OS version to prevent multiple fraudulent logins.
• Network Data: IP Address and network strength to troubleshoot connectivity for QR code scanning.

2. How We Use Your Information

A. Verification & Onboarding (The "Trust" Scenario)

• Identity Verification: We use your Aadhaar and Address Proof to conduct a background check and ensure no fraudulent entities list on Gymuzzi.
• Business Legitimacy: We validate your GST Certificate and Gym License No against government databases to ensure your gym is a legal entity.
• Location Validation: We cross-reference your uploaded address proof with the GPS location captured during onboarding to prevent "fake gym" listings.

B. Service Delivery & Listing Management

• Public Display: Your Gym Name, Location, Photos, Rates, Amenities, and Timings are displayed publicly on the User App to attract customers.
• Capacity Management: We use your capacity data to mark your gym as "Busy" or "Available" in real-time for users.

C. Financial Settlements (The "Payout" Scenario)

• Processing Earnings: Your Bank Account details are used strictly to settle the money collected from users via the QR code.
• Tax Compliance: Your GST details are used to generate invoices for the platform fees/commissions we charge.

D. Security & Fraud Prevention

• Account Safety: We use your Contact Number for Two-Factor Authentication (OTP) during login or sensitive changes (e.g., changing bank details).
• Risk Monitoring: If we detect abnormal scan patterns (e.g., self-scanning to boost ratings), we use device logs and location data to investigate.

3. Data Sharing and Disclosure

We strictly categorize who sees what data:

Third-Party Sharing:

• Payment Aggregators: We share your bank account details securely with our payment partner solely to facilitate the transfer of funds (Payouts) to you.
• Legal Authorities: We may disclose your KYC and Business details to law enforcement agencies if required by Indian law (e.g., in cases of fraud or safety incidents at your premise).

4. Data Storage and Protection

A. Security Measures

• Encryption: Sensitive data like Aadhaar numbers and Bank Account details are encrypted at rest and in transit using industry-standard protocols (AES-256).
• Access Control: Only authorized Gymuzzi verification officers have access to your submitted documents.

B. Data Retention

• Active Accounts: We retain all your data as long as you are a partner with us.
• Financial Records: Even if you delete your account, we are legally required (under Indian Tax Laws) to retain transaction history, invoices, and associated KYC data for a minimum period of 5-8 years for audit purposes.
• Deleted Accounts: Non-essential data (like gym photos) is deleted from our active servers within 90 days of account termination.

5. Your Rights and Choices

• Edit Profile: You can update operational details (Rates, Photos, Timings) directly through the Partner App.
• Update Sensitive Info: Changing "Critical Data" (Bank Details, Owner Name, GST) requires a re-verification process to prevent account takeovers. You must contact Partner Support for this.
• Withdraw Consent: You can request to de-list your gym. However, we will retain your KYC and transaction data as mentioned in the "Data Retention" section.

6. Grievance Officer

In accordance with the Information Technology Act, 2000 and rules made thereunder, if you have any privacy concerns or grievances regarding your data, you may contact:

7. Updates to Policy

We may update this policy to reflect changes in tax laws or app features. Any significant changes will be communicated to you via email or through the Partner App. Continued use of the platform after such updates constitutes acceptance of the revised policy.