Massimino Logo

Massimino

Safe Workouts for Everyone

Privacy Policy

How we collect, use, and protect your information

Need help? Contact us.

Effective Date: Wednesday 18 September 2025

Last Updated: Thursday 30 October 2025

1. INTRODUCTION

Massimino (“Massimino”, “we”, “us”, “our”) provides a fitness platform connecting athletes and trainers. We are committed to protecting your privacy and processing personal data lawfully and transparently. This Privacy Policy explains what we collect, why, how we share it, how long we keep it, and your rights.

Our Privacy Commitment:

We believe privacy and safety work together. Our data practices are designed to protect both your personal information and your safety within our fitness community.

2. CONTROLLER AND CONTRACT

  • Controller: Massimino, Zonnewende 181, 7325 EP, Apeldoorn, Netherlands
  • Email: helloberesol@gmail.com (because Massimino belongs to Beresol BV)
  • EU Supervisory Authority: You may lodge a complaint with your local authority or the Dutch Data Protection Authority.

3. SCOPE OF THIS PRIVACY POLICY

This Privacy Policy applies to the website, apps, APIs, and services that link to this policy, including Massichat (AI assistant).

4. INFORMATION WE COLLECT

4.1 Information You Provide Directly

Account Information:

  • Account data: name, email, password hash, date of birth (age gating), profile photo, role (athlete/trainer)
  • Profile and preferences: bio, training goals, visibility and communication preferences
  • Health/fitness data (special category): workout logs, assessments, injuries/limitations, body metrics

Collected only with your explicit consent:

  • Communications and content: messages, comments, posts, trainer notes
  • Verification data: professional certifications (e.g., EREPS), credentials you upload; verification results
  • Device and usage: IP address, device/browser info, event logs, diagnostics
  • Cookies and similar technologies: strictly necessary, analytics, preferences, marketing (see Cookie Policy)
  • AI interactions: prompts, responses, limited context snippets used to provide Massichat functionality
  • Payments (if/when applicable): handled by third‑party processors; we receive transaction metadata but not full payment card details.

Content and Communications:

  • Posts, comments, messages, and other content you create
  • Photos and videos you upload
  • Communications with other users and our support team
  • Feedback, reviews, and ratings.

Preferences and Settings:

  • Privacy settings and communication preferences
  • Notification preferences
  • Community and content preferences.

4.2 Information Collected Automatically

Usage Information:

  • How you interact with the Platform (clicks, views, time spent)
  • Features you use and content you engage with
  • Search queries and browsing patterns
  • Device information (type, operating system, browser)

Technical Information:

  • IP address and location data (when permitted)
  • Device identifiers and network information
  • Log files and analytics data
  • Cookies and similar tracking technologies

4.3 Information from third parties

Professional Verification:

  • Certification verification from credentialing bodies
  • Background check information (for enhanced verification)

Social media integration:

  • Information from connected social media accounts (when authorized)

Payment processors:

  • Transaction information from payment providers

5. HOW WE USE YOUR INFORMATION

5.1 Core platform functions

  • Creating and managing your account
  • Facilitating connections between users
  • Enabling communication and content sharing
  • Processing payments and transactions
  • Providing customer support

5.2 Safety and community protection

**AI Processing (Massichat)

  • We use an AI service (OpenAI) to generate responses. We minimize personal data in prompts and discourage sharing sensitive information
  • Data sent to OpenAI is processed to deliver the feature; it is not used to train OpenAI’s models and is subject to SCCs for international transfers
  • You can opt out of AI features in settings; core service remains available.

AI-powered moderation:

  • Analyzing content for inappropriate or harmful material
  • Detecting potential harassment or policy violations
  • Protecting users from unwanted interactions
  • Maintaining community guidelines compliance.

Behavioural analysis:

  • Identifying patterns of inappropriate behavior
  • Preventing spam and fraudulent activity
  • Ensuring platform integrity and user safety

5.3 Platform improvement

  • Enhancing user experience and Platform features
  • Analyzing usage patterns to improve services
  • Developing new safety and moderation tools
  • Conducting research on fitness community needs

5.4 Legal and Compliance

  • Complying with applicable laws and regulations
  • Responding to legal requests and court orders
  • Protecting our rights and the rights of users
  • Investigating and preventing illegal activity

6. INFORMATION SHARING AND DISCLOSURE

6.1 User-controlled sharing

Public Profiles:

  • Information you choose to make public in your profile
  • Public posts and comments visible to the community
  • Professional credentials (for verified fitness professionals)

Private Communications:

  • Direct messages between users (not shared with others)
  • Private community content (shared only with community members)

6.2 Service Providers

We share information with trusted third-party service providers who help us operate the Platform:

  • Cloud hosting and data storage providers
  • Payment processing companies
  • Analytics and performance monitoring services
  • Customer support tools
  • Professional verification services

6.3 Safety and Legal Requirements

We may disclose information when necessary for:

  • User safety and platform security
  • Compliance with legal obligations
  • Protection of our rights and property
  • Prevention of illegal activity or harm
  • Response to valid legal requests

6.4 Business transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction.

7. YOUR PRIVACY RIGHTS AND CONTROLS

7.1 Account controls

Profile management:

  • Edit or update your profile information
  • Control visibility of your profile and content
  • Manage communication preferences
  • Delete or deactivate your account

Privacy Settings:

  • Choose who can contact you directly
  • Control who can see your content and activity
  • Opt out of certain data uses
  • Manage cookie preferences

7.2 Data Subject Rights (GDPR/CCPA)

Access: Request copies of your personal information

Correction: Update or correct inaccurate information

Deletion: Request deletion of your personal information

Portability: Receive your data in a portable format

Restriction: Limit how we process your information

Objection: Object to certain processing activities

7.3 Communication Preferences

  • Unsubscribe from marketing emails
  • Adjust push notification settings
  • Control safety and security alerts
  • Manage community update preferences

8. DATA SECURITY

8.1 Security measures

Technical Safeguards:

  • Encryption of data in transit and at rest
  • Secure data centers with physical access controls
  • Regular security audits and vulnerability testing
  • Multi-factor authentication options

Operational safeguards:

  • Employee training on privacy and security
  • Limited access to personal information on a need-to-know basis
  • Regular review of data access and handling procedures
  • Incident response and breach notification procedures

8.2 Your role in security

  • Use strong, unique passwords
  • Enable two-factor authentication
  • Keep your account information current
  • Report suspicious activity immediately

9. DATA RETENTION

9.1 Active accounts

We retain your information for as long as your account is active or as needed to provide services.

9.2 Deleted accounts

Immediate deletion:

  • Profile information and settings
  • Private messages and communications
  • Payment information (except as required for tax/legal purposes)

Extended retention (for safety/legal purposes):

  • Safety-related reports and investigations (up to 7 years)
  • Legal compliance records (as required by law)
  • Aggregated, non-personal analytics data

9.3 Content retention

Public content: may be retained even after account deletion if shared publicly

Reported content: retained for safety and moderation purposes

10. INTERNATIONAL DATA TRANSFERS

10.1 Global Operations

Massimino operates globally and may transfer your information to countries outside your residence for processing and storage.

10.2 Transfer Safeguards

We implement appropriate safeguards for international transfers:

  • Standard contractual clauses
  • Adequacy decisions where applicable
  • Other legally recognized transfer mechanisms

11. COOKIES AND TRACKING TECHNOLOGIES

11.1 Types of Cookies

Essential Cookies: Required for Platform functionality

Analytics Cookies: Help us understand Platform usage

Preference Cookies: Remember your settings and preferences

Marketing Cookies: Used for advertising and promotion

11.2 Managing Cookies

You can control cookies through:

  • Browser settings
  • Platform privacy controls
  • Third-party opt-out tools
  • Cookie preference center

12. CHILDREN'S PRIVACY

Massimino is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will take steps to delete it promptly.

13. EUROPEAN PRIVACY RIGHTS

13.1 GDPR Compliance

For users in the European Economic Area, we comply with the General Data Protection Regulation (GDPR).

13.2 Legal Basis for Processing

We process personal information based on:

  • Consent (where you have given clear consent)
  • Contract performance (to provide Platform services)
  • Legitimate interests (for safety, security, and Platform improvement)
  • Legal obligations (to comply with applicable laws)

14. UPDATES TO THIS PRIVACY POLICY

14.1 Policy Changes

We may update this Privacy Policy periodically. We will notify you of material changes through:

  • Email notification
  • Platform notifications
  • Prominent notice on our website

14.2 Continued Use

Your continued use of the Platform after policy updates constitutes acceptance of the revised Privacy Policy.

15. CONTACT US

15.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices:

  • Email: helloberesol@gmail.com
  • Address: Zonnewende 181, 7325EP Apeldoorn, Nederland
  • Phone: +32493365423

15.2 Data Protection Officer

For GDPR-related inquiries:

  • Email: helloberesol@gmail.com

15.3 Exercise Your Rights

To exercise your privacy rights or submit privacy requests:

  • Privacy Portal: http://massimino.fitness
  • Email: rights@massimino.com

16. ADDITIONAL INFORMATION

16.1 Third-Party Links

Our Platform may contain links to third-party websites or services. This Privacy Policy does not apply to these external sites.

16.2 Professional Services

When fitness professionals provide services through our Platform, they may have their own privacy practices. Please review their policies before engaging their services.

16.3 Community Safety

Remember that information you share in public areas of the Platform may be visible to other users. Always consider what you share publicly.

---

Your privacy and safety are our priorities. Train hard, stay safe, and keep your personal information secure.

Questions? Contact us at helloberesol@gmail.com