Privacy Policy

Effective Date: March 2026

1. Introduction

Welcome to EpicBite. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, and safeguard your data when you use our gym management software. This policy is fully compliant with the Information Technology Act, 2000 and the Digital Personal Data Protection (DPDP) Act, 2023 of India.

2. Information We Collect

We collect information that you voluntarily provide when registering or using our platform:

  • Gym Owner Data: Name, phone number, email address, and gym registration details.
  • Gym Member Data: Managed by the gym owner, which includes member names, phone numbers, email addresses, physiological basic data (height/weight), and attendance records.
  • Payment Data: Records of transactions, UPI references, and billing history. We do not store raw credit card numbers.
  • Device & Usage Info: Automatically collected data such as IP addresses, browser/device types, app engagement metrics, and FCM (Firebase Cloud Messaging) tokens for push notifications.

3. How We Use Your Information

We use the data we collect or receive to:

  • Operate, maintain, and provide the features of our gym management software.
  • Automate WhatsApp reminders and push notifications on behalf of the gym owner.
  • Process your subscription billing and provide customer support.
  • Analyze usage trends to improve platform performance and fix bugs.

4. Data Storage

Your data is stored on highly secure, enterprise-grade cloud infrastructure. Our primary databases run on Supabase PostgreSQL servers, and authentication/notifications are handled via Google Firebase. All servers are managed in compliance with modern data locality and security standards.

5. Data Sharing

We never sell your data. We only share data with trusted third-party service providers strictly necessary to operate our infrastructure (e.g., Supabase, Google Firebase, WhatsApp Cloud API). These providers are legally bound to protect your data and only use it for the intended services.

6. Data Security

We implement robust security measures to protect your data, including bank-grade encryption at rest and in transit. Access to your data is protected by Row-Level Security (RLS) policies within our databases, ensuring that gym data is strictly isolated and can only be accessed by authorized personnel of that specific gym.

7. Your Rights

Under the DPDP Act 2023, you have significant control over your data:

  • Export Data: Gym owners can export their complete member and payment data at any time via the dashboard.
  • Delete Account: You may request the complete deletion of your account and associated data.

Note for Gym Members: If you are a member of a gym using EpicBite, please contact your gym management directly regarding data access or deletion, as they act as the primary Data Fiduciary.

8. Cookies

We use standard cookies and similar tracking technologies to keep you logged in, save your preferences, and evaluate how our website is used. You can adjust your browser settings to refuse cookies, though some features of the Service may not function properly without them.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or relevant laws. We will notify you of any material changes by posting the new policy on this page and updating the "Effective Date" at the top.

10. Contact Us

If you have questions, comments, or grievances regarding this Privacy Policy or how your data is handled, please contact our Grievance Officer at:

krishana@epicbite.in