FitCash Privacy Policy

This privacy policy (“ Policy ”) was last changed on January 07, 2024. We may occasionally make changes to the Policy. If we do, we shall notify either by sending you an e-mail or sending you a notification through our mobile application (“ App ”). Please make sure to read such notices carefully.

We hold the sincere belief that you should always know what data we collect from you, the purposes for which such data is used, and that you should have the ability to make informed decisions about what data you want to share with us.

This is why we want to be fully transparent about: (i) how and why we collect, store, share and use your personal data through the various capacities in which you interact with us; and (ii) the rights that you have to determine the parameters of this interaction.

While we would strongly advise you to read the Policy in full, the following summary will give you a snapshot of the salient points covered herein:

• This Policy details the critical aspects governing your personal data relationship with ‘FitCash’ which is owned and operated by FitCash.

• Your personal data relationship with FitCash varies based on the capacity in which you interact with us/ avail of our products and services (“ Services”). You could be: (i) a visitor to  https://fitcash.com.tr  (“ Website ”) or any pages thereof (“ Visitor ”); or (ii) a person who has an account with FitCash to avail our Services (“ Registered   User”);

• Based on whether you are a Visitor or Registered User, the type of data we collect and the purpose for which we use it will differ and this Policy details such variations;

• This Policy applies to all the Services provided by FitCash through the Website, App or any other associated website of FitCash;

• This Policy is a part of and should be read in conjunction with our Terms of Service; and

• This Policy will clarify the rights available to you vis-à- vis the personal data you share with us.

If you have any queries or concerns with this Policy, please contact our Grievance Officer. If you do not agree with the Policy, we would advise you to not visit/ use the Website or the App.

1. INFORMATION WE COLLECT AND HOW WE USE IT

1. WHAT DATA WE MAY COLLECT

1.      VISITOR/UNREGISTERED USER  

·         Your IP Address;

·         Your location;

·         How you behave on the Website, ( what pages you land on, how much time you spend, etc.);

·         What device you use to access the Website and its details (model, operating system, etc.);

·         Cookies and web beacon data; and/ or

2.      REGISTERED USER

·         Your name, age, gender, phone number, e-mail address, mailing address;

·         Your lifestyle, health goals or other fitness regimes;

·         Your ethnicity, genetics, health or sexual orientation;

·         Username or other relevant unique identifier;

·         How you behave on the Website, ( what pages you land on, how much time you spend, etc.);

·         Your IP Address;

·         Your location unless you deactivate location services in the relevant section of the Website/ App;

·         How you behave in the relevant product environment and use the features;

·         What device you use to access the Website/ App and its details (model, device id, operating system, etc.);

·         Cookies and web beacon data.;

·         Some health data through the integration with Google Health Connect, including active calories burned, distance and number of steps taken.

B. HOW AND WHY WE USE IT

1.      VISITOR/UNREGISTERED USER

·         We use this information to analyse and identify your behaviour and enhance the interactions you have with the Website.

·         If you submit your details and give us your consent, we may use your data to send you e- mails/ newsletters, re- target FitCash advertisements or re-market our Services using services from third-parties like Facebook and Google.

2.      REGISTERED USER

·         We collect this data in order to help you register for and facilitate provision of our Services.

·         We use this data to depending on the points system in our application for the daily steps taken by users, they earn 5 points for every 1000 steps and these points are used to enable them to buy discounted products in the stores in the application.

·         We use this data to record the users' daily steps based on the daily total number of steps taken by the users by adding the number of steps taken based on the collected points to our firestore database so that they earn 5 points for every 1000 steps based on the point system in our application and these points cannot be regained.

·         We use the data from the device you access our Website/ App to identify the login information of multiple users from the same device.

·         We use this data to communicate about existing or new offers, content, advertisements, surveys, key policies or other administrative information.

·         We also use this data to provide you with informative features and services that are developed by us from time to time.

·         We also use this data for providing, testing, improving, or recommending the Services.

·         We also use this data for analytics and reviews to improve the Services.

·         We also use this data to provide support to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law or anti- fraud activities/systems.

·         If you give us your consent, we may send you newsletters and emails to market other products and services we may provide.

·         We use your health data collected through the integration with Google Health Connect to provide personalized insights and recommendations to help you improve your well-being and access relevant health-related offerings through our App.

2. SPECIAL CATEGORIES OF DATA

PERSONAL DATA: We may collect and process ‘ special categories of personal data’ such as ethnic origin, genetics, health or sexual orientation, which are considered sensitive. We use this special category of personal data, for example to provide specialized diet plan and exercise routines. We require your explicit consent to collect and process special categories of personal data. You may refuse or revoke your consent at any time, please see the section about ' Your Rights & Preferences As A Data Subject In The EU' below.

3. WHAT ARE THE COOKIES AND WEB BEACONS REFERRED TO ABOVE?

WHAT THEY DO

COOKIES

·         Cookies are text files which are sent from our server and downloaded to your device when you visit our Website.

·         They are useful because they allow us to recognize your device when you return. You can disable them through your browser should you so wish.

·         We use cookies to see which parts of our Website are used by Registered Users/ Visitors and to record the number of visits to our Website.

·         You can find more information about cookies at:  www.allaboutcookies.org

WEB BEACON

·         Web beacon ( also known as Clear GIF, Web Bugs or Pixel Tag) is a tiny picture file embedded on the Website/ App that tracks your behaviour and navigation. It is similar to a cookie in what it does, but it does not get downloaded on to your device.

·         We use web beacons to manage cookies, record visits, and to learn marketing metrics. We also use web beacons to track and monitor email opening rates as well as link clicks.

·         You can find more information about web beacons at:  http://www.allaboutcookies.org/faqs/beacons.html

ALSO

• Contain any executable software, malicious code or virus.

Usually , browsers have default setting to accept cookies until you change your browser settings. You can choose to reject and remove cookies from our Website by changing your browser settings. If you reject or remove our cookies, it could affect how our Website works.

FOR THE AVOIDANCE OF ANY DOUBT, WE SHOULD CLARIFY THAT IN THE EVENT WE ANONYMIZE AND AGGREGATE INFORMATION COLLECTED FROM YOU, WE WILL BE ENTITLED TO USE SUCH ANONYMIZED DATA FREELY, WITHOUT ANY RESTRICTIONS OTHER THAN THOSE SET OUT UNDER APPLICABLE LAW.

4. YOUR RIGHTS & PREFERENCES AS A DATA SUBJECT IN THE EU

It might have come to your attention that a new law was passed in the European Union (EU) called the General Data Protection Regulation (GDPR). The GDPR gives certain rights to individuals who are EU data subjects, in relation to their personal data.

Subject to the GDPR and applicable law’s limitations, the rights afforded to you if you are an EU data subject are:

RIGHT TO BE INFORMED

You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavoured to do by way of this Policy.

RIGHT OF ACCESS

You have a right to access the personal data you have provided by requesting us to provide you with the same.

RIGHT TO RECTIFICATION

You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.

RIGHT TO ERASURE

You have a right to request us to delete your personal data.

RIGHT TO RESTRICT

You have a right to request us to temporarily or permanently stop processing all or some of your personal data.

RIGHT TO OBJECT

You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.

RIGHT TO DATA PORTABILITY

You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.

RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING

You have a right to not be subject to a decision based solely on automated decision making, including profiling.

In case you want to exercise the rights set out above you can contact our Grievance Officer whose details are set out in Section 16 below.

The data provided by you as a Visitor, or when you sign up as a Registered User for our Services will be processed by us for the purpose of rendering Services to you or in order to take steps prior to rendering such Services, at your request. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time by writing to us at  info@fitcash.com.tr.  Additionally, we may process your data to serve legitimate interests.

Accordingly , the grounds on which we can engage in processing are as follows:

NATURE OF DATA

GROUNDS

Visitor Data

• Consent ;

• Performance of a Contract; and

• Legitimate Interest.

Account Registration Data

• Performance of a Contract; and

• Legitimate Interest.

Special Categories of Personal Data

• Consent ; and

• Performance of a Contract.

Payment Data

• Legitimate Interest; and

• Performance of a Contract; and

• Compliance with applicable laws.

Service Usage Data

• Performance of a Contract; and

• Legitimate Interest.

Data for Marketing our Services

• Consent ; and

• Legitimate Interest.

Personal Stories

• Consent.

If you believe we have used your personal data in violation of the rights above or have not responded to your objections, you may lodge a complaint with your local supervisory authority.

5. PUBLISHED CONTENT

Any success stories, comments, messages, blogs, scribbles etc. posted / uploaded/ conveyed/ communicated by you on the public sections of the Website/ App becomes published content. We may publish such published content on our Website/ App so long as you consent. You may request that such published content be taken down at any time and we shall remove such published content. However, we are not responsible for any actions taken by third-parties with respect to such published content.

6. INFORMATION WE GET FROM OTHERS

We may receive data about you from other sources i.e., expert calls, smart watch, surveys, and such data may be added to our Website/ App from time to time. Such data may include your behaviour towards various content posted on our Website/ App from other sources. We use the data collected from other sources to prepare a specific diet plan and training regime for you. We also use this data for providing, testing, improving, or recommending the Services.

7. RETENTION OF PERSONAL INFORMATION

We will store any personal data we collect from you as long as it is necessary in order to facilitate your use of the Services and for ancillary legitimate and essential business purposes – these include, without limitation, for improving our Services, attending to technical issues, and dealing with disputes.

Your personal data will primarily be stored in electronic form. We may enter into agreement with third parties to collect, store, process your personal data but under full compliance with applicable laws. In the event, you have any telephonic interactions with our customer representatives, the call data is recorded and stored on the Google Firebase for training and quality purposes.

We may need to retain your personal data even if you seek deletion thereof, if it is needed to comply with our legal obligations, resolve disputes and enforce our agreements.

If you are a Registered User, please be advised that after you terminate your usage of a Service, we may, unless legally prohibited, delete all data provided or collected by you from our servers.

8. TRACKING BY OUR ADVERTISEMENT PARTNERS

Upon receiving your specific consent, we may share the data we collect from cookies or web beacons with our advertisement partners to track your visits, establish your non-personal identity and present you with targeted advertisements about our Services.

9. COMPLIANCE WITH CHILDREN’S ONLINE PRIVACY PROTECTION ACT

As a business service, we neither knowingly collect or store nor use any personal data of any child. Children under the age of 18 ( or such other minimum age prescribed under law of the relevant territory) a should seek the consent of their parents before providing any information about themselves, their parents, or other family members on our Website/ App.

10. TRANSFER OF INFORMATION

In the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them.

Where applicable – if the entities to which these transfers are effected are not situated in countries deemed ‘ adequate’ by the European Commission or are not registered under the EU-US Privacy Shield framework, we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures ( including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws.

Some of the examples of where we may sub-contract processing activities to third parties include— record keeping, data analysis, marketing assistance, processing payments, and providing customer service.

11. THIRD PARTY LINKS

We may display links to third-party websites or applications on our Website or App for advertising or providing you with relevant content. We will not be responsible for such third-party websites or applications if you choose to access them. If you provide any data to such website/ application, please ensure you read their policies given that you will no longer be bound by this Policy in doing so.

We may receive data whenever you visit a third-party link through our Website/ App which includes the date and time of your visit to the third-party website, the web address or URL, technical information about the IP address, browser and the operating system you use and, if you are logged into FitCash, your username.

12. INTEGRATION WITH GOOGLE – LIMITED USE POLICY

We have integrated the App with services provided by Google to: (a) enable you to sign in to the App using your existing Gmail ID; and/ or (b) provide insights and analysis of your health. To this end, please note that any collection, storage, use and/ or transfer of your data that is received from:

1. Google API will, at all times, adhere to  Google API Services User DataPolicy , including the limited use requirements prescribed therein; and

2. Google Health Connect will, at all times, adhere to the Health Connect Permissions Policy, including the limited use requirements prescribed therein.

To summarize, FitCash's use and transfer to any other app of information received from Google APIs will adhere to the  Google API Services User Data Policy , including the concerned Limited Use requirements.

13. COMPELLED DISCLOSURE

In addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:

• under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;

• to protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;

• to investigate fraud, credit risk or violation of our Acceptable Use Policy;

• in connection with legal proceedings brought against FitCash, its officers, employees, affiliates, customers or vendors;

• to establish, exercise, protect, defend and enforce our legal rights; or

• when we do a business deal or negotiate a business deal, or our assets are merged or acquired by the other business entity, or during restructuring of business or re- organization, we may have to share information provided by you with the other business entities.

14. SECURITY OF YOUR PERSONAL INFORMATION

We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data ( such as a credit card number or your geo-location), it is encrypted using industry-standard cryptographic techniques including but not limited to PBKDF2, AES256, TLS1.2 & SHA256.

The collection, storage, usage, and sharing of your data by the Company shall be in compliance with the Information Technology ( Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and other applicable laws.

Your password is your first line of defence once you set up a FitCash account, we recommend that you set a strong password which you never share with anyone.

We have taken appropriate steps for the security and protection of all our digital platforms including internal applications, however, we shall not be responsible for any breach of security or the disclosure of personal data for reasons outside our control, such as hacking, social engineering, cyber terrorism, espionage by third parties, or any events by way of force majeure such as sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war or acts of government.

15. ACCESS, CORRECTION & DELETION

You may request access, correction or updation, and deletion of the data by contacting  info@fitcash.com.tr  You may note that deletion of certain data or withdrawal of consent may lead to cancellation of your registration with us or your access to our Services.

Based on technical feasibility, we will provide you with access to all your personal and sensitive personal data that we maintain about you. We will perform verification before providing you access to this data.

You may opt out of our marketing emails by clicking on the ‘ opt-out’ link provided in the emails. However, we may still send you non-marketing emails about your accounts or any other transactions with you.

16. GRIEVANCE OFFICER

Name : FitCash

ADDRESS: Ankara, TURKEY

EMAIL: info@fitcash.com.tr