Data Protection

Privacy Policy

Effective Date: March 2026 · Product: GymMitra · Operated by eMitra Technologies

GymMitra is a B2B SaaS platform serving two types of users: (1) Gym Owners / Administrators — businesses that use GymMitra to manage operations, and (2) Gym Members — individuals whose data is entered by the gym they attend. This policy applies to both.

1

Who We Are

GymMitra is a gym management software product developed and operated by eMitra Technologies, based in Indore, Madhya Pradesh, India. For any privacy-related queries, contact us at support@emitra.dev.

2

What Data We Collect

From Gym Owners (Direct Customers)

  • Full name, email address, and phone number
  • Gym business name, address, and contact details
  • Login credentials (password stored encrypted via Supabase Auth)
  • Usage logs, feature interactions, and platform activity

From/About Gym Members (via Gym Owners)

  • Full name, phone number, and date of birth
  • Membership plan, start date, and expiry date
  • Fee payment status and billing history
  • Attendance records
  • Any additional notes or custom fields
Important: GymMitra does not directly collect data from gym members. The gym owner is responsible for informing members and obtaining any required consent.

Technical Data (Automatic)

  • IP address, browser/device type, and session data
  • Error logs and performance metrics
  • Cookies and local storage for session management
3

How We Use Your Data

To Deliver the Service

  • Create and manage gym owner accounts and workspaces
  • Store and display gym member records and attendance
  • Generate invoices, reports, and financial summaries
  • Send authentication emails via Supabase Auth

To Improve the Product

  • Analyse usage patterns to identify bugs and improve features
  • Monitor platform performance and uptime

To Communicate

  • Send transactional emails (confirmations, password resets)
  • Respond to support requests via WhatsApp or email

We do not send marketing emails without opt-in. We do not sell or share your data with third-party advertisers.

4

Data Storage and Security

Your data is stored on Supabase — a managed cloud database platform. We implement Row-Level Security (RLS) for data isolation, encrypted connections (HTTPS/TLS), password hashing via bcrypt, and strict access controls.

5

Data Retention

We retain your data for as long as your account remains active. Upon account closure or deletion request, gym owner account data is deleted within 30 days. Associated gym member records are deleted alongside. Backups may retain data for up to 90 days after deletion.

6

Data Sharing

We do not sell your data. We share data only with Supabase (database, auth, storage), Vercel (hosting, CDN), and WhatsApp Business (support). All providers are bound by their own data processing terms.

7

Your Rights Under the DPDP Act, 2023

Under India's Digital Personal Data Protection Act, 2023, you have the following rights:

  • Right to accessRequest a copy of the personal data we hold about you
  • Right to correctionRequest correction of inaccurate or incomplete data
  • Right to erasureRequest deletion of your personal data
  • Right to nominateNominate another individual to exercise your rights in case of incapacity

Gym members should first contact their gym directly, as the gym owner manages their data within our platform.

8

Contact

Emailsupport@emitra.dev
WhatsApp+91 62618 54014 (business hours)
LocationeMitra Technologies, Indore, MP, India
Terms & ConditionsRefund Policy← Back to Home