GymSysGymSys
Get started
Legal · Right to Erasure
Last updated: 18 May 2026

Delete your
account

You can request deletion of your GymSys account and the personal data associated with it at any time. This page explains how to make that request, what data is removed, and what we may have to keep for legal reasons.

01

How to request deletion

Choose any of the methods below. We respond to every request within 30 days, in line with Art. 12(3) GDPR.

  • In the GymSys mobile app: open Settings → Privacy → Delete account, confirm with your password, and tap Delete. Your request is submitted immediately and you are signed out.
  • By email: send a message to privacy@gymatic.eu from the email address you registered with. Include the gym(s) you are a member of, if known. We may ask one follow-up question to confirm your identity before processing.
  • At your gym's front desk: any GymSys gym staff member can submit a deletion request on your behalf after verifying your identity in person.
02

What is deleted

  • Your account credentials (email, password hash, authentication tokens).
  • Your member profile (full name, phone number, date of birth, gender, profile photo).
  • All biometric face data — the 512-dimensional face embeddings and any enrollment photos. Deletion is propagated to every gym access device that holds your data, typically within 24 hours.
  • Push-notification tokens and in-app preferences.
  • Wallet balance is refunded (where applicable) before deletion.
  • Active memberships are cancelled.
03

What is retained, and for how long

Some records must be kept after account deletion to comply with applicable law. The data below is stored in encrypted form, access-restricted, and used only for the stated legal purpose:

  • Payment and invoice records — 10 years (Slovak Accounting Act No. 431/2002 Coll. and VAT Act No. 222/2004 Coll.).
  • Gym access logs (date / time / device / result) — 2 years for safety, insurance, and dispute resolution.
  • Anonymized, aggregated analytics indefinitely — cannot be linked back to you.

After the statutory retention period above expires, the remaining records are permanently erased automatically.

04

Grace period and reversal

Account deletion is preceded by a 30-day grace period during which you can change your mind by contacting privacy@gymatic.eu. After 30 days the erasure is irreversible and we will not be able to restore your data, embeddings, history, or wallet balance.
05

Your wider GDPR rights

Deletion is one of several rights you have under the GDPR. You can also request a copy of your data, correction of inaccurate data, restriction of processing, or portability to another provider. See our full Privacy Policy for details, or contact privacy@gymatic.eu.
06

Contact

  • Email: privacy@gymatic.eu
  • Postal: RPM Technologies s.r.o., Bidovce 316, Slovakia
  • Supervisory authority (SK): Úrad na ochranu osobných údajov Slovenskej republiky — you may lodge a complaint at any time.