Skip to main content

Last Updated: August 27, 2025

Privacy Policy

GrabGains ("GrabGains," "we," "us," and "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our AI-powered fitness platform and mobile application. We are the data controller for the personal information we process under the EU General Data Protection Regulation (GDPR) and Dutch data protection laws (Algemene Verordening Gegevensbescherming – AVG).

-

1. Who We Are

GrabGains is a Netherlands-based company. For privacy matters, you can contact us at: Email: [email protected]

Supervisory Authority: Autoriteit Persoonsgegevens (Netherlands), Website: www.autoriteitpersoonsgegevens.nl
 

2. Information We Collect

2.1 Information You Provide Directly

  • Account Data: name, email, username, password, profile picture (optional), date of birth, gender (optional).
  • Fitness & Health Data: height, weight, body measurements, fitness goals, current level, equipment, workout history, recovery patterns, injuries/limitations, nutrition info, training intensity.
  • Communication Data: support messages, in-app chats, survey responses, feedback.
     

2.2 Information Collected Automatically

  • Usage Data: app interactions, features used, device details, IP address, crash logs, performance data.
  • Health Integrations (with your consent): Apple HealthKit, Google Fit/Health Connect, wearables.
     

2.3 Information from Third Parties

  • Social media login (Google, Facebook, Apple) → name, email, profile picture.
     

3. Legal Basis for Processing

We process personal data under GDPR based on:

  • Consent (e.g., health data, marketing).
  • Contract performance (to provide our services).
  • Legitimate interests (security, analytics, business ops).
  • Legal obligations (compliance with applicable law).
  • Vital interests (protecting user safety).
     

4. How We Use Your Information

We use your personal data to:

  • Create and manage accounts.
  • Generate AI-powered personalized workout plans.
  • Adapt training based on your progress and preferences.
  • Track fitness performance and provide analytics.
  • Deliver exercise videos and content.
  • Provide customer support and communications.
  • Train and improve our AI models.
  • Conduct analytics and product development.
  • Ensure app security and fraud prevention.
  • Send service updates and marketing (with consent).
     

5. How We Share Your Information

We do not sell your personal data. We may share it in these cases:

  • Service providers: AWS/Google Cloud (hosting), Stripe/App Store/Google Play (payments), Umami (analytics), Intercom/Zendesk (support)
  • Affiliates & Business Partners: where relevant, subject to this Policy.
  • Legal compliance: to meet laws, court orders, or protect rights/safety.
  • Business transfers: in case of merger, acquisition, or sale.
  • With consent: if you approve additional sharing.
     

6. Your Rights

Under GDPR/AVG, you have the right to:

  • Access, correct, or delete your data.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.
  • Not be subject to solely automated decisions (AI workout suggestions are advisory, not binding).

To exercise your rights, contact us at [email protected]. We respond within one month.
 

7. Data Security

We use industry-standard safeguards:

  • Encryption at rest and in transit.
  • Access controls and authentication.
  • Regular security assessments.
  • Certified secure cloud providers.

No system is 100% secure, but we take all reasonable steps to protect your data.
 

8. International Data Transfers

Your data may be processed outside the EEA. We ensure protection via:

  • EU adequacy decisions.
  • Standard Contractual Clauses (SCCs).
  • Certified frameworks (where applicable).
     

9. Data Retention

  • Account Data: retained while active + up to 2 years after deletion.
  • Fitness Data: deleted within 30 days of account deletion (unless you request immediate deletion).
  • AI Training Data: aggregated/anonymized → may be kept indefinitely.
  • Support communications: 3 years.
  • Usage analytics: anonymized → may be kept indefinitely.
  • Fallback: Some data may be retained longer if legally required.
     

10. Children’s Privacy

Our Services are intended only for users aged 16 years or older. We do not knowingly collect personal data from children under 16. If we become aware that we have collected such data, we will delete it immediately.
Parents or guardians can contact us to request deletion of data relating to minors.
 

11. Cookies & Tracking

We use cookies and similar technologies to improve the Services.

  • Essential Cookies (session-based, required).
  • Analytics Cookies (via Umami).
  • Preference Cookies (language, login).
  • Marketing Cookies (with consent).
  • Persistent vs. Session Cookies: some stay after logout, others are deleted when you close the app/browser.

You can adjust cookie settings in your device or browser. Disabling may reduce functionality.
 

12. Third-Party Services

Our app integrates with:

  • Apple HealthKit
  • Google Fit / Health Connect
  • Social media logins
  • Payment processors
  • Fitness devices

We encourage you to review the privacy policies of these third parties.
 

13. Changes to This Policy

We may update this policy to reflect legal or service changes.

If significant changes occur, we will:

  • Notify you by email (if provided).
  • Post an in-app notice.
  • Update the "Last Updated" date.
     

14. Contact Us

If you have questions about this Privacy Policy, contact us at:

GrabGains
Country: Netherlands
Email: [email protected]
Website: www.grabgains.com

Supervisory Authority:
Autoriteit Persoonsgegevens (Netherlands), Postbus 93374, 2509 AJ Den Haag, www.autoriteitpersoonsgegevens.nl