Zmaja Fitness Privacy Policy

Privacy information for the Zmaja Pilates & Fitness mobile app and related services.

English

Last updated: 2026-04-19

Zmaja Fitness is a mobile application and related service for the Zmaja Pilates & Fitness studio. This Privacy Policy explains what information we collect, how we use it, and how we protect it when you use the app and our related services.

Information We Collect

For the operation of the app and studio services, we may collect and process:

Account information: first name, last name, email address, phone number, user role, and account status
Authentication information: email address, password, hashed password, access and refresh token data
Membership information: membership start date, end date, total trainings, used trainings, remaining trainings, and membership status
Booking information: booked sessions, cancellations, booking time, cancellation time, trial booking flag, and related session references
Session information related to your use of the app: scheduled dates, session status, training name, time, and capacity/availability data
Payment records: membership-related payments, payment method, amount, and payment date
Notification data: notification title, message, category, schedule/sent timestamps, and read/unread status
Technical and operational information needed for security and support, such as token lifecycle events and audit-related timestamps stored by our service

How We Use Information

We use personal data to:

create and manage user accounts
authenticate users and maintain secure sign-in sessions
issue, refresh, and revoke authentication tokens
support password recovery by sending a temporary password to the user email address
manage memberships, bookings, session attendance, and cancellations
manage payments connected to memberships
deliver in-app notifications and track whether they were read
operate, maintain, secure, and improve the service
comply with legal, accounting, and business recordkeeping obligations

Sharing of Information

We do not sell personal data.

We may share data only when reasonably necessary to operate the service, for example with:

infrastructure or hosting providers used to run the backend
email delivery providers used to send account-related emails such as password recovery messages
legal or regulatory authorities when required by applicable law

Data Retention

We retain personal data for as long as needed to provide and improve the service, and as described in this Privacy Policy.

Security

We value your trust in providing your personal data and strive to use commercially acceptable means of protecting it. However, no method of transmission over the internet or method of electronic storage is 100% secure and reliable, and we cannot guarantee absolute security.

Children’s Privacy

These services are not intended for anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete it from our records. If you are a parent or guardian and you are aware that your child has provided personal data, please contact us so that we can take the necessary steps.

Your Rights

Depending on applicable law, you may request access to your personal data, correction of inaccurate data, or deletion of data where deletion is legally permitted.

For privacy-related requests, contact:
cigrapilates@gmail.com

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published through our official website or other official studio channels.

Contact Us

If you have questions or suggestions regarding this Privacy Policy, contact:
cigrapilates@gmail.com

Pilates Fitnes Zmaja
Prvomajska 8, Beograd 11080

Srpski

Poslednje ažuriranje: 19.04.2026.

Zmaja Fitness je mobilna aplikacija i prateći servis za Zmaja Pilates & Fitness studio. Ova Politika privatnosti objašnjava koje podatke prikupljamo, kako ih koristimo i kako ih štitimo kada koristite aplikaciju i povezane usluge.

Koje podatke prikupljamo

Za rad aplikacije i studija možemo prikupljati i obrađivati:

Podatke o nalogu: ime, prezime, email adresu, broj telefona, ulogu korisnika i status naloga
Podatke za autentifikaciju: email adresu, lozinku, heširanu lozinku, kao i podatke o access i refresh tokenima
Podatke o članarinama: datum početka, datum isteka, ukupan broj treninga, broj iskorišćenih treninga, broj preostalih treninga i status članarine
Podatke o rezervacijama: zakazane termine, otkazivanja, vreme rezervacije, vreme otkazivanja, oznaku probnog treninga i povezane termine
Podatke o terminima relevantne za korišćenje aplikacije: datum termina, status termina, naziv treninga, vreme i podatke o kapacitetu/popunjenosti
Evidenciju uplata: uplate povezane sa članarinama, način plaćanja, iznos i datum uplate
Podatke o obaveštenjima: naslov, poruku, kategoriju, vreme zakazivanja/slanja i status da li je obaveštenje pročitano
Tehničke i operativne podatke potrebne za bezbednost i podršku, kao što su događaji vezani za tokene i vremenski podaci koje servis čuva

Kako koristimo podatke

Lične podatke koristimo da:

kreiramo i vodimo korisničke naloge
prijavimo korisnike i održavamo bezbedne sesije
izdamo, osvežimo i opozovemo autentifikacione tokene
omogućimo oporavak lozinke slanjem privremene lozinke na email adresu korisnika
vodimo članarine, rezervacije, prisustva i otkazivanja
vodimo evidenciju uplata povezanih sa članarinama
prikažemo obaveštenja u aplikaciji i pratimo da li su pročitana
održavamo, štitimo i unapređujemo servis
ispunimo zakonske, poreske, računovodstvene i poslovne obaveze

Deljenje podataka

Ne prodajemo lične podatke.

Podatke možemo deliti samo kada je to razumno neophodno za rad servisa, na primer sa:

infrastrukturnim ili hosting provajderima koji omogućavaju rad backend sistema
email provajderima koji služe za slanje poruka vezanih za nalog, kao što je oporavak lozinke
nadležnim organima kada je to potrebno u skladu sa važećim propisima

Čuvanje podataka

Podatke čuvamo onoliko dugo koliko je potrebno za pružanje i unapređenje usluge, u skladu sa ovom Politikom privatnosti.

Bezbednost

Cenimo vaše poverenje kada nam dajete svoje lične podatke i trudimo se da koristimo komercijalno prihvatljiva sredstva zaštite. Ipak, nijedan način prenosa podataka putem interneta niti elektronskog čuvanja nije 100% siguran i pouzdan, i ne možemo garantovati apsolutnu bezbednost.

Privatnost dece

Ove usluge nisu namenjene deci mlađoj od 13 godina. Ne prikupljamo svesno lične podatke dece mlađe od 13 godina. Ako saznamo da nam je dete mlađe od 13 godina dostavilo lične podatke, obrisaćemo ih iz naše evidencije. Ako ste roditelj ili staratelj i znate da je vaše dete dostavilo lične podatke, kontaktirajte nas kako bismo mogli da preduzmemo potrebne korake.

Vaša prava

U skladu sa važećim propisima, možete tražiti pristup svojim ličnim podacima, ispravku netačnih podataka ili brisanje podataka kada je takvo brisanje zakonski dozvoljeno.

Za zahteve u vezi privatnosti kontaktirajte:
cigrapilates@gmail.com

Izmene Politike privatnosti

Ovu Politiku privatnosti možemo povremeno ažurirati. Sve izmene biće objavljene putem zvaničnog sajta ili drugih zvaničnih kanala studija.

Kontakt

Ako imate pitanja ili predloge u vezi sa ovom Politikom privatnosti, kontaktirajte:
cigrapilates@gmail.com

Pilates Fitnes Zmaja
Prvomajska 8, Beograd 11080