Join / Login

Privacy Policy
Effective Date: 17 February 2026
Last Updated: 18 February 2026
Contact: privacy@gr8r.fit
Address: PO Box 4693, Gaborone, Botswana

GR8R Than Fitness (“GR8R”, “we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use our websites and services, including https://gr8r.fit and https://app.gr8r.fit.

By using our platform, you agree to the practices described in this Privacy Policy.

1. Who We Are

GR8R provides a fitness and wellness platform enabling users to connect with trainers, book sessions, manage memberships, communicate, and access wellness services. Our contact email for all privacy matters is privacy@gr8r.fit.

2. Information We Collect

A. Information You Provide to Us

We collect:

  • Name and email address (including via Google Sign-In)
  • Phone number (if added)
  • Account/profile details
  • Booking information (sessions, schedules, attendance)
  • Communication messages with trainers or clubs (in-app messaging)
  • Uploaded profile images
  • Payment and billing information (excluding full card data)

B. Information Collected Automatically

We collect:

  • IP address, browser type, device type
  • Pages visited, actions taken, timestamps
  • Authentication and security logs
  • Cookies and similar tracking technologies
    (Your existing site also references cookies for login and preferences, which remain applicable.)

C. Google User Data (Google Sign-In Only)

Since you use Google Sign-In only, we access:

  • Email address
  • Name
  • Profile picture

We do NOT access Google Fit or any other Google APIs.
We request only the minimum scopes needed for identity verification.

3. How We Use Your Information

A. Core Platform Functions

We use your data to:

  • Create and manage your GR8R account
  • Authenticate your login (including Google Sign-In)
  • Enable bookings, scheduling, and sessions
  • Display your profile to trainers or clubs you interact with
  • Facilitate communication between users, trainers, and clubs
  • Support customer service and platform operations

B. Payment Processing

Payments are processed by third‑party processors:

  • DPO
  • Bank transfer providers
  • Flutterwave (planned)
  • Stripe (planned)

We do not store full payment card numbers.

C. Analytics & Improving the Service

We use:

  • Google Analytics
  • Meta tracking tools

These tools collect aggregated usage data to help improve performance and user experience.

D. Google Data Use (Sign-In Only)

Google Sign-In data is used only to:

  • Authenticate your identity
  • Create or connect your account
  • Pre-fill your profile information

We do not use Google data for advertising or share it with third parties beyond what is required to operate the platform.

4. Legal Bases for Processing (If Applicable)

We process data based on:

  • Your consent
  • Contractual necessity (e.g., providing booked services)
  • Legitimate interests in operating our platform
  • Legal obligations (e.g., financial record keeping)

5. How We Store and Protect Your Information

Your data is hosted securely on:

  • AWS
  • Microsoft Azure

Security measures include:

  • Encrypted transmission (HTTPS/TLS)
  • Access controls
  • Activity logging
  • Secure credential storage
    While no system is 100% secure, we use industry-standard practices to protect your information.

6. Data Retention

We retain:

  • User account and booking data for 7 years (legal/accounting compliance)
  • Messaging and activity logs for the same period
  • Google Sign-In identity data only as long as your account remains active

When an account is deleted:

  • Personal data is removed or anonymized unless retention is required by law
  • Backups and logs are removed in accordance with their lifecycle policies

7. Sharing Your Information

A. Service Providers

We share data with third-party providers strictly to operate the platform, such as:

  • Hosting (AWS, Azure)
  • Payment processors (DPO, bank transfer providers, Stripe, Flutterwave)
  • Messaging/SMS/email providers
  • Analytics (Google Analytics, Meta tracking tools)

These providers may only use data as necessary to perform their services.

B. Legal Compliance & Safety

We may disclose information:

  • To comply with legal obligations
  • To enforce terms
  • To protect GR8R, users, trainers, or the public

C. Business Transfers

If GR8R undergoes a merger or acquisition, data may be transferred under appropriate safeguards.

8. Cookies & Tracking

Our website uses cookies for:

  • Login and authentication
  • User preferences
  • Security and fraud prevention
  • Analytics (Google, Meta)

You may disable cookies in your browser, but some features may not function properly.
(These cookies replace the old placeholder sections.)

9. User Rights & Controls

A. Account Access and Updates

You may:

  • Update your profile information
  • Manage settings
  • Change login methods (including disconnecting Google Sign-In)

B. Account Deletion

Users can delete their accounts in the app.
Upon deletion:

  • Data is erased or anonymized except where legally required (7‑year retention rule)

C. Google Access Revocation

You can revoke GR8R’s Google Sign-In access anytime through your Google Account permissions.

10. Children’s Privacy

GR8R is not intended for users under 18.
We do not knowingly collect information from children under this age.
If you believe a minor has provided data, contact us to remove it.

11. International Data Transfers

Your data may be stored or processed in countries outside your own due to AWS/Azure infrastructure.
We use reasonable safeguards to ensure compliant transfers.

12. Changes to This Privacy Policy

We may update this policy periodically. The latest version will always be published at this page.

13. Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

14. Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

15. Contact Us

For all privacy matters:
Email: privacy@gr8r.fit
Address: PO Box 4693, Gaborone, Botswana