Privacy Policy of Move-o (GDPR)

Move-o is a business management application designed exclusively for fitness studios, sports schools, and kids activity clubs.

For the purposes of the General Data Protection Regulation (GDPR):

• businesses using Move-o act as Data Controllers
• the developers of Move-o act as a Data Processor

1. Roles and responsibilities

1.1 Data Controllers

Fitness studios, sports schools, and other businesses using Move-o:

• determine the purposes and means of personal data processing
• are responsible for the lawful collection and use of data
• obtain consent from clients or parents when required by law

1.2 Data Processor

The developers of Move-o:

• process data solely on behalf of business users
• do not use data for their own purposes
• do not sell or share data for marketing or advertising
• do not determine the purposes of data processing

2. Categories of processed data

The following categories of data may be processed when using the app:

• client and student data
• parent or legal guardian contact details
• membership, attendance, and scheduling data
• payment and billing information (excluding full card details)
• business account user credentials

3. Purpose of data processing

Personal data is processed strictly for the following purposes:

• providing and operating the Move-o service
• managing schedules, clients, memberships, and payments
• enabling business-initiated communication
• technical support and system security
• compliance with legal obligations

Data is not used by Move-o for advertising, marketing, or profiling.

4. Legal basis for processing

Data processing is based on:

• a contractual relationship between the business and Move-o
• legitimate interests of the business
• consent obtained by the business from data subjects where required

Move-o does not collect consent directly from clients or children.

5. Children data

Move-o is not intended for use by children.

Any data related to children:

• is entered exclusively by authorized business users
• is used only to organize classes and attendance
• is processed by Move-o solely as a technical data processor

6. Data sharing and sub-processing

Data may be shared only with:

• hosting and infrastructure providers
• payment service providers
• technical support services

All sub-processors operate under contractual obligations and comply with GDPR requirements.

7. Data storage and security

Move-o applies appropriate technical and organizational measures to protect data, including access control, encryption, and infrastructure security.

Data is stored only for the duration of the contractual relationship with the business or upon its request.

8. Rights of data subjects

Data subjects have the right to:

• access their personal data
• rectify or erase their data
• restrict processing
• data portability

These rights are exercised through the relevant business acting as the Data Controller.

9. Data deletion

Upon request of the business:

• data may be deleted or exported
• data processing is terminated after contract termination

10. Changes to this policy

Move-o may update this Privacy Policy from time to time. The current version will always be available in the app or on the official website.

11. Contact information

For any questions related to privacy and GDPR, please contact us:

Email: support@move-o.com