Privacy Policy

Effective April 19, 2026

Gym Link ("we," "us," or "our") provides a platform for members to discover gyms, manage memberships, and check in at participating locations. This policy explains what information we collect, how we use it, and the choices you have.

Information We Collect

  • Account information: name, email, username, date of birth (if provided), and password. Authentication is handled by Supabase.
  • Profile data: optional profile photo, phone number, and membership tier.
  • Payment information: handled and stored by Stripe. We do not store full card numbers. We retain a Stripe customer/subscription reference and non-sensitive details (bank name, last four digits) for gym owners enrolled in Stripe Connect.
  • Location & check-in data: gyms you visit and when you check in. If you grant device location, it is used to sort nearby gyms; precise coordinates are not retained server-side beyond the request.
  • Device & session data: authentication tokens, IP address, and basic request metadata used for security, rate limiting, and abuse prevention.

How We Use Information

  • Provide and operate the service (accounts, check-ins, memberships).
  • Process payments and payouts through Stripe.
  • Display gyms relative to your location when you opt in.
  • Detect and prevent fraud, abuse, and unauthorized access.
  • Communicate important account or service notices.

Third-Party Processors

  • Supabase — authentication, database, and file storage.
  • Stripe — payments, subscriptions, and Connect payouts.
  • Google Maps — map rendering when you use the gym finder.
  • Vercel — application hosting and delivery.

These providers process data on our behalf under their own privacy and security policies.

Data Retention

We retain account and check-in data while your account is active. When you delete your account, we permanently remove your profile, check-in history, and related records, and cancel any active subscription in Stripe. Certain transaction records may be retained by payment processors as required by law.

Your Choices and Rights

  • Access & update: review and edit your profile from the Dashboard.
  • Delete your account: available in Dashboard → Settings. This cannot be undone.
  • Location: deny or revoke device location at any time through your OS settings.
  • Marketing: we do not sell personal information. If you receive optional messages, you may opt out at any time.

Children

Gym Link is not directed to children under 13. If we become aware that we have collected information from a child under 13 without verified parental consent, we will delete it.

Security

We use industry-standard safeguards, including encrypted connections, hashed passwords, scoped access tokens, and row-level security in our database. No system is perfectly secure; please use a strong, unique password and notify us if you suspect unauthorized access.

Changes to This Policy

We may update this policy from time to time. Material changes will be posted on this page with an updated effective date.

Contact Us

Questions or requests regarding your information: info@gym-link.com.

← Back to home