FITTONIC PRIVACY POLICY
last update: 15 October 2019

This Privacy Policy (hereinafter, the Policy) governs the processing of personal data of users of Fittonic app and the website with a domain name "fittonic.app" (collectively referred to as the Services).

WE ATTACH GREAT IMPORTANCE TO THE PROTECTION OF YOUR PERSONAL DATA. NOTE THAT WE NEVER RECORD VIDEO AND IMAGES FROM YOUR MOBILE DEVICE. PLEASE READ THIS POLICY CAREFULLY AND CONTACT US IF YOU HAVE ANY QUESTIONS.
1. Terms and Definitions

1.1. For the purposes hereof, the following terms and definitions are used:

App - Fittonic application.

Services - Fittonic application and the website with a domain name "fittonic.app".

Synesis (We) – Synesis, Limited Liability Company.

User (You) – any individual who uses the Services and has reached the age of full legal capacity in accordance with the legislation of the country of their citizenship.

Website – website with a domain name "fittonic.app".
2. Scope

2.1. This Policy shall govern any interactions between Synesis and users related to personal data processing during the use of the Services.

2.2. This Policy neither governs nor establishes the rights and obligations of third parties. It also does not apply to third-party applications or software which users can integrate with the Services. Thus, if you integrate any third-party applications with our Services, we will not be able to control how such applications process your personal data.

2.3. Please do not use the Services unless you consent to the provisions and scope hereof.
3. Who determines the purposes and means of personal data processing?

3.1. The purposes and means of how your personal data are processed within the Services are determined by the following legal entity:

Synesis, Limited Liability Company
20B Platonova str., 220005,
Minsk, the Republic of Belarus
Tel. + 375 17 240 36 50
e-mail (general questions): np@synesis-group.com
e-mail (personal data issues): dpo@synesis.by


4. Personal Data Collection

4.1. Personal data are any information that could enable direct or indirect identification of a person (e.g., their name, passport details, online identifier, etc.).

4.2. We collect your personal data when you use the feedback form of our Website and when you enter your personal data in the App.

4.3. We may collect the following personal data of yours while you are using the Website:
(1) Name;
(2) Telephone number;
(3) E-mail;

4.4. We may collect the following personal data of yours while you are using the App:
(1) Date of birth;
(2) Gender;
(3) Height and weight;
(4) Apple ID;
(5) Metadata: information concerning the number of exercises completed and the number of wrong and correct reps;
(6) Mobile device information: device type, OS and its version.

4.5. Note that Synesis and its employees do not have any access to the video recordings of your trainings: its processing occurs only on your mobile device and it is not transmitted to our or anyone else's servers.
5. Data Processing, Storage and Protection

5.1. Processing is understood as at least one of the following: collection, storage, modification, rectification, disclosure, structuring, use, destruction as well as any other operations performed with your personal data.

5.2. We will process your personal data only for the following purposes and on the following legal grounds:
5.3. Subject to data anonymisation, your personal data may be used by Synesis for any other purposes.

5.4. Both we and our partners will not use automated decision-making tools (including profiling) in personal data processing. Automated decision-making tools primarily include those systems that process your personal data without human intervention to make decisions that may have potential legal consequences for you.

5.5. All personal data that you provide when using the feedback form of the Website (name, telephone number, e-mail) will be stored on Google's servers, the mail service of which we use to respond to your requests and on Tilda's servers, services of which we use to coordinate your inquires about trial period.

5.6. All personal data you provide when using the App (date of birth, gender, height and weight, Apple ID, metadata) will be stored on Google's servers, cloud storage of which we use to operate the App.

5.7. Employees of Synesis shall also take all necessary organisational, legal and technical measures available to protect your personal data. Users of the Services shall also be responsible for the provision of as accurate as possible data.

5.8. If your personal data are transferred to any third party, the storage time will be determined in accordance with the privacy policy of such a third party.

5.9. Any personal data collected and processed hereunder shall be properly protected until:

(1) their disclosure upon your consent;

(2) anonymisation of such personal data;

(3) their disclosure required by applicable law.

5.10. We will do our best to keep your personal data protected by limiting the number of people who have access to your personal data, running regular scans to identify threats and using anti-virus software. However, despite any possible precautions taken on our part, we cannot guarantee full protection against information security risks.
6. Transfer and Disclosure

6.1. Your personal data could be transferred to the following legal entities:
(1) Google Inc. (USA)
Address: Google, Google Data Protection Office, 1600 Amphitheatre Pkwy, Mountain View, California 94043, USA

Google Privacy Policy
Google may have access to the personal data that you provide to us because we use Gmail service to respond to your requests and Google Cloud service to operate the App.

6.2. To ensure the provision of our services, your personal data may also be transferred to a legal entity created after reorganisation of Synesis should it be necessary.

6.3. In the event of cross-border transfer of your personal data received from the European Union to a jurisdiction not recognised by the European Commission as having an adequate level of personal data protection services, we will sign personal data processing agreements that will include provisions that are recognised by the decisions of the European Commission as adequate for the purposes of personal data protection.

6.4. Please note that disclosure of your personal data may be required in accordance with law and judicial procedures or at the request of public bodies of the country of your stay or other countries. Your personal data will be disclosed if it is necessary for the purposes of national security, law enforcement, protection of the rights and legitimate interests of Synesis and third parties or for other substantial public interest purposes.
7. Children's Personal Data

7.1. To the extent to which it is not prohibited by the applicable law, we do not authorise the use of our Services by anyone who has not reached the age of full legal capacity in accordance with the legislation of the country of their citizenship. We do not collect and process (at least knowingly) their personal data without the consent of their legal representatives.
8. User Rights

8.1. The rights of users related to the collection and processing of personal data shall be determined in accordance with the applicable law.

8.2. If you are a citizen of a European Union member state, your rights with respect to the collection and processing of personal data may be determined in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC).

In accordance with the General Data Protection Regulation you may access, change and/or make additions to, delete, restrict processing and migration of, object to or withdraw your consent to the processing of your personal data as well as lodge a complaint to the supervisory authority.

8.3. To exercise any of your rights above and any other rights guaranteed to you by applicable law and if you have any related questions, write to: cybersec@synesis.ru. For issues related to your personal data please contact: dpo@synesis.by.

8.4. Synesis reserves the right to verify your identity before exercising any rights at your request. In case we are not able to exercise any of your rights or provide any information, we will also explain the reasons to you.
9. Final Provisions

9.1. This Policy may be amended and (or) modified at any time of the Services operation. In this case we will publish a new version of the Policy on the corresponding Website page with the date of its adoption. The user of the Services shall read and acknowledge the new version hereof.

9.2. The Policy is an agreement between us and the user about the use of the Services. Any other pre-existing written or oral agreements or arrangements with respect to such use are hereby cancelled.

9.3. If any provision hereof is invalid or unenforceable, other provisions shall remain valid and enforceable to the fullest extent permitted by applicable law.

9.4. Failure to enforce your strict compliance herewith cannot be construed as our waiver of any provision hereof or any right hereunder.

9.5. The governing law is the law of the Republic of Belarus . The competent courts at the location of the companies have the exclusive jurisdiction over all disagreements and disputes arising out of or in connection with the Policy.