Privacy Policy

Effective Date: April 10, 2025

1. Introduction

Welcome! MyFit ("we," "us," "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our class booking platform, website, and related services (collectively, the "Service").

This policy applies to all users of the Service, including students and instructors (where applicable as users of the platform).

We process your personal data in compliance with the Malaysian Personal Data Protection Act 2010 ("PDPA").

Our registered office is located at 2-6, Verve Shop, 8, Jalan Kiara 5, Mont Kiara, 50480 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur.

2. Information We Collect

We collect personal data that you provide directly to us, data collected automatically, and potentially data from third parties. The types of personal data we may collect include:

• Account Information: Name, Email address, Password (stored in a secure, hashed format), Contact number, Avatar/Profile picture (optional), Referral code (if applicable), Information about who referred you (if applicable), User role
• Instructor Specific Information: Employment type, Skills possessed
• Booking and Class Information: Details of classes you book (class ID, schedule ID), Booking dates and times, Number of friends brought to a class (friend_count) - Note: We only collect the count, not personal data about your friends from you, Credits used for bookings (original and total), Attendance records for classes (if implemented)
• Payment and Credit Information: Details of credit plans or packages purchased, Purchase dates and credit expiry dates, Amount paid, Credit balance (total, remaining), Payment processor details (e.g., Stripe ID, payment method type, last four digits of card - processed via Stripe, we don’t store full card details), Transaction status and reference numbers, Details of any credit adjustments (amount, reason, date, admin performing adjustment)
• Preferences: Favourite brand(s) and location(s) you set
• Technical and Usage Information: Information automatically logged when you access the Service (potentially IP address, browser type, device information - specify if collected), Usage patterns and interaction with the Service features (e.g., via logs like BookingLogs)
• Communications: Records of communications if you contact us for support or inquiries.

3. How We Use Your Information

We use the personal data we collect for various purposes, based on legal grounds such as your consent, necessity to perform a contract, our legitimate interests, or legal obligations:

• To Provide and Manage the Service: Create and manage your user account, process your class bookings and cancellations, calculate and deduct credits for bookings, process payments, manage class schedules, track credit balances, facilitate the referral program.
• To Communicate With You: Send booking confirmations, reminders, cancellation notices, respond to inquiries, send administrative and marketing communications (with consent where required).
• To Personalize Your Experience: Display your favourite brands and locations.
• For Service Improvement and Security: Monitor usage trends, maintain security, prevent fraud, troubleshoot issues, perform audits.
• To Comply with Legal Obligations: Meet legal and regulatory requirements in Malaysia, respond to lawful requests.

4. How We Share Your Information

We do not sell your personal data. We may share your information in the following circumstances:

• With Instructors: Your name may be shared with instructors for attendance and class management.
• With Payment Processors: Necessary payment information is shared with Stripe (see their privacy policy).
• With Third-Party Service Providers: Vendors like cloud hosting, analytics, email services, and support tools, bound by confidentiality.
• With Brands/Locations (Potentially): Aggregated or anonymized data for reporting, not individual details without consent.
• Business Transfers: In case of merger, acquisition, or sale, subject to confidentiality.
• Legal Requirements: If required by law or to protect rights, safety, or investigate fraud.
• With Your Consent: For other purposes with your explicit consent.
• Regarding Friends: We only collect friend count for credit charges, not their personal data.

5. Legal Basis for Processing (PDPA)

Under the PDPA, the legal bases for processing your data include Consent, Contract, Legal Obligation, and Legitimate Interests.

6. Data Storage, Security, and Retention

Storage: Data may be stored in Malaysia or other countries, complying with PDPA.

Security: We use secure measures like password hashing and access controls, though no system is fully secure.

Retention: Data is kept as long as needed, then securely deleted or anonymized.

7. Your Rights Under PDPA

You have rights to access, correct, withdraw consent, and prevent processing under PDPA. Contact us to exercise these rights.

8. Cookies and Tracking Technologies

We may use cookies to enhance experience and analyze usage. Manage preferences via your browser.

9. Third-Party Links

We’re not responsible for third-party sites linked from our Service.

10. Children's Privacy

Our Service is not for those under 18. We don’t knowingly collect their data.

11. Changes to This Privacy Policy

We may update this policy, notifying you via the Service or email.

12. Contact Us

If you have questions or wish to exercise your PDPA rights, contact us:

MyFit
2-6, Verve Shop, 8, Jalan Kiara 5, Mont Kiara, 50480 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur
Email: admin@myfitbooking.com