1.1 Welcome to Buttn (the "App", or “Service”). At Buttn Global Limited we value your privacy and are committed to protecting your Personal Data.
1.2 This privacy policy (“Privacy Policy”) sets out what Personal Data is collected when you use our Service, what we do with your Personal Data, what data privacy rights are available to you and who is the data controller. Should any questions remain unanswered, please contact us at: support@buttn.com.
1.3 Any translation from the English version of this Privacy Policy is provided for your convenience only. In the event of any difference in meaning or interpretation between the English language version and any translation, the English language version will prevail. The original English text shall be the sole legally binding version.
2.1 In this Privacy Policy, the following terms shall have the following meanings:
“Data Protection Laws” | means all applicable legislation in force from time to time in the United Kingdom applicable to data protection and privacy including, but not limited to, the UK GDPR, the Data Protection Act 2018 (and regulations made thereunder), and the Privacy and Electronic Communications Regulations 2003 as amended from time to time; |
---|---|
“Personal Data” | has the meaning set out in the Data Protection Laws; |
“Special Category Personal Data” | has the meaning set out in the Data Protection Laws; |
“Users” | the definition of users will also include Trainers, where applicable and relevant. |
2.2 Any other capitalised terms that are used but not defined in this Privacy Policy shall have the meanings set out in the Terms of Service . ****
3.1 Our Service is owned and operated by Buttn Global Limited, a company registered in England, having its registered office at 1st floor, 1-3 Sun Street, London, EC2A 2EP.
3.2 Buttn Global Limited is the Data Controller of your Personal Data provided to us or collected by us in the App.
Buttn Contact: Daniil Zabrotskii
Email address: dan@buttn.com
4.1 Depending on your use of the Services and whether you are a Trainer or a User, we may collect and hold some or all of the Personal Data set out below, using the methods also set out below.
4.2 Please also see our Cookie Policy on our use of Cookies and similar technologies.
A. Users of the App
We collect Personal Data that you give us voluntarily (for example, food and workout preferences). In addition, we collect Personal Data automatically (for example, your IP address). We may also receive Personal Data about you from third parties.
i.Data you provide to us
You provide us with Personal Data during the process of registering and using the App:
email, country, name, Date of Birth, phone number, gender, language, weight, height, exercise frequency, a description of your workout routine, your fitness goals, details of your injures/limitations for workouts.
ii.Data we collect automatically
The App may ask your permission prior to collecting some of the below Personal Data.
We collect data from your device. Examples of such data include: language settings, IP address, time zone, type and model of device, device settings, and operating system.
We record how you interact with our Service. For example, we may log your taps/clicks on certain areas of the interface, the features and content you interact with, how often and for how long you use the Service, and your workout program orders.
When you make payments through the Service, you need to provide financial account data, such as your credit card number, to our third-party service providers. We do not collect or store full credit card number data, though we may receive credit card-related data, data about the transaction, including: date, time and amount of the transaction, the type of payment method used.
For quality checking purposes, we collect recordings of Trainer workouts, which may contain Personal Data such as audio and video footage of the user and Trainer, as well as any Personal Data that the user voluntarily shares during the workout session.
The App will request your permission to use and access your camera in order to join in workout sessions and for recordings of Trainers. All recordings are deleted after one week.
B. Trainers
i.Data you provide to us
You provide us with Personal Data during the process of registering with us to be a Trainer.
email, country, name, DOB, phone number, gender, language, weight, height, exercise frequency, description of your workout routine, fitness goals, injures/limitations for workouts, qualifications, photo for your profile picture, videos of your workouts (optional), links to social media (optional), ID documents, hourly rate.
ii.Data we collect automatically
We collect data from your device. Examples of such data include: language settings, IP address, time zone, type and model of device, device settings, and operating system,
We record how you interact with our Service. For example, we may log your taps/clicks on certain areas of the interface, the features and content you interact with, how often and for how long you use the Service, and your workout orders.
For quality checking purposes, we collect recordings of Trainer workouts, which may contain Personal Data such as audio and video footage of the user and Trainer, as well as any Personal Data that the user voluntarily shares during the workout session.
The App will request your permission to use and access your camera in order to join in workout sessions and for recordings of Trainers. All recordings are deleted after one week.
C. Special Category Personal Data
We also collect certain Special Category Personal Data about Users and Personal Trainers, such as:
5. FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA?
5.1 We process your Personal Data:
i. To provide our Service
This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues.
To host Personal Data and enable our Service to operate and be distributed we use Zoom, which is a video streaming provider, and AWS, which is a hosting and backend service provided by Amazon Web Services.
ii. To customise your experience
We process your Personal Data, such as your goals, to adjust the content of the Service and make changes tailored to your personal preference.
iii. To provide you with customer support
We process your Personal Data to respond to your requests for technical support, information about the Service or to any other communication you initiate. For this purpose, we may send you, for example, notifications or emails about the performance of our Service, security, payment transactions, notices regarding our Terms of Service or this Privacy Policy.
iv. To communicate with you regarding your use of our Service
We communicate with you, for example, by emails and/or push notifications. These may include, for example, emails and/or push notifications with information about the Service.
The services that we use for these purposes may collect Personal Data concerning the date and time when the message was viewed by the Users, as well as when they interacted with it, such as by clicking on links included in the message.
You can switch off push notifications by changing the relevant settings in your device.
v. To research and analyse your use of the Service
This helps us to better understand our business, analyse our operations, maintain, improve, innovate, plan, design, and develop the Service and any new products.
We also use such data for statistical analysis purposes, to test and improve our offerings to Users. This enables us to better understand what features and sections of the Service our Users like more, and what categories of Users use our Service. As a consequence, we often decide how to improve the Service based on the results obtained from this processing.
vi. To send you marketing communications
vii. To personalise our ads
We and our partners, including Meta and Google, use your Personal Data to tailor ads and possibly even show them to you at the relevant time. For example, if you have accessed our Service, you might see our ads, for example, in your Facebook feed.
You can opt of our personalised advertising by following the instructions set out below:
viii. To process your payments
ix. To enforce our Terms of Service and to prevent and combat fraud
x. To comply with legal obligations
xi. To investigate any issues or complaints that may arise
xii. To improve the safety of our services
6. UNDER WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?
6.1 Under the Data Protection Legislation, we must always have a lawful basis for using Personal Data.
6.2 In this section, we are letting you know what legal basis we use for each particular purpose of processing. For more information on a particular purpose, please refer to Section 2. The following table describes how we may use your Personal Data, and our lawful bases for doing so:
What We Do | What Data We Use | Our Lawful Basis |
---|---|---|
• Provide our Service (in accordance with our https://madmuscles.com/terms-of-service). | ||
• Customise your experience. | ||
• Manage your account and provide you with customer support. | ||
• Communicate with you regarding your use of our Service. | ||
• Process your payments. | email, country, name, DOB, phone number, gender, language, weight, height, exercise frequency, description of your workout routine, fitness goals, injures/limitations for workouts, qualifications, photo for your profile picture, links to social media, ID documents, hourly rate, usage data, transaction data, type of device, audio and video | To perform our contract with you. |
• To communicate with you regarding your use of our Service. | ||
• The legitimate interest we rely on for this purpose is our interest to encourage you to use our Service more often. We also consider the potential benefits to you, which may lead you to a better and healthier lifestyle. | Email, phone number, name, date of birth, usage data, audio and video | For our (or others') legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of Personal Data. |
To research and analyse your use of the Service. | email, country, name, DOB, gender, language, weight, height, exercise frequency, description of your workout routine, fitness goals, injures/limitations for workouts, qualifications, photo for your profile picture, ID documents, hourly rate, usage date, transactional data, audio and video | Our legitimate interest for this purpose is our interest in improving our Service so that we understand Users’ preferences and are able to provide you with a better experience (for example, to make the use of the Service easier and more enjoyable, or to introduce and test new features) |
To send you marketing communications | email, phone, usage data, transaction data, type of device | The legitimate interest we rely on for this processing is our interest to promote our Service in a measured and appropriate way. |
To personalise our ads | Email, country, name, DOB, gender, language, weight, height, exercise frequency, description of your workout routine, fitness goals, injures/limitations for workouts, qualifications, usage data, transaction data, type of device | The legitimate interest we rely on for this processing is our interest to promote our Service in a reasonably targeted way to enforce our https://madmuscles.com/terms-of-service. |
To prevent and combat fraud | Email, name, phone number, type of device, transaction data, photo, id documents, qualifications, usage data, audio and video | Our legitimate interests for this purpose are enforcing our legal rights, preventing and addressing fraud and unauthorised use of the Service, non-compliance with our Terms of Service. |
WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
7.1 We share information with our employees, contractors, affiliates, and third parties who help us operate, provide, improve, integrate, customize, support, and market our Service.
7.2 We may also appoint third party data processors to process Personal Data on our behalf. We will ensure processors only process data according to our instructions and have appropriate security and confidentiality measures in place.
7.3 Service providers:
We share Personal Data with third parties that we appoint to provide services or perform business functions on our behalf, based on our instructions. We may share your Personal Data with the following types of service providers:
AWS (Amazon Web Services):
AWS serves as our primary cloud computing platform, hosting and scaling our infrastructure to meet the demands of our Users. It provides a secure and reliable foundation for our applications and services.
It will process all the same data as Users and Trainers provide to us in the App.
Vercel:
Vercel is our chosen platform for deploying and hosting frontend applications. Its seamless integration with Git allows for efficient and automated deployments, enabling us to deliver updates to our Users with speed and reliability.
Zoom:
Zoom is utilised for communication services, enabling us to integrate video, and other messaging functionalities into our applications. This facilitates efficient and reliable communication between our platform and Users.
Stripe:
Stripe is our payment processing partner. It ensures secure and seamless transactions, allowing our Users to make payments or for Trainers to receive payments and transact on our App with confidence.
Google Analytics:
Google Analytics is employed to gather valuable insights into User behavior and interaction with our App. This data aids in refining our services, optimising User experience, and making informed business decisions.
Mixpanel:
Mixpanel provides advanced analytics and User engagement insights. We leverage Mixpanel to understand User journeys, track feature adoption, and enhance the overall user experience based on data-driven decisions.
Adjust:
Adjust is utilised for mobile app attribution and analytics. It helps us measure the effectiveness of our marketing campaigns, understand User acquisition, and optimise our App's performance.
Brevo:
Brevo is an email marketing and automation platform. It provides tools for creating and managing email campaigns, designing newsletters, and automating marketing processes. We use Brevo to send transactional emails and marketing emails.
Facebook Ads:
Facebook Ads is an online advertising platform developed by Facebook that allows businesses and individuals to create and display targeted advertisements on the Facebook platform. Advertisers can define specific audience demographics, interests, and behaviors to reach their desired target audience, making it a powerful tool for promoting products, services, or content to a tailored audience on the world's largest social media platform.
https://www.facebook.com/business/help/1247534515288168? id=735435806665862
OneSignal:
OneSignal is a push notification, email, SMS, and in-app messaging software. It helps us to personalise and improve a User’s experience based on how they interact with the App and services. We use OneSignal to send personalised marketing messages to Users based on the actions they have taken within the App.
7.4 Law enforcement agencies and other public authorities
7.5 Third parties as part of a merger or acquisition
7.6 Trainers
We may share your Personal Data, including your health data, with a Trainer who is booked by you to create a customized workout. We will only share the data necessary to provide the requested service. The Trainer will be required to keep your data confidential and use it only for the purpose of creating your workout.
8.1 To be in control of your Personal Data, you have the following rights:
9.AGE LIMITS
We do not knowingly process Personal Data from persons under 18 years of age. If you learn that anyone younger than 18 has provided us with Personal Data, please contact us at support@buttn.com.
10.1 We will store some of your Personal Data within the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your Personal Data will be fully protected under the EU GDPR and/or to equivalent standards by law. Transfers of Personal Data to the EEA from the UK are permitted without additional safeguards.
10.2 We may store some or all of your Personal Data in countries outside of the UK. These are known as “third countries”. We will take additional steps in order to ensure that your Personal Data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation as follows:
10.2.1 We ensure that your Personal Data is protected under binding corporate rules. Binding corporate rules are a set of common rules which all our group companies are required to follow when processing Personal Data. For further information, please refer to the Information Commissioner’s Office.
10.2.2 We will only store or transfer Personal Data in or to countries that are deemed to provide an adequate level of protection for Personal Data. For further information about adequacy decisions and adequacy regulations, please refer to the Information Commissioner’s Office.
10.2.3 We will use specific approved contracts which ensure the same level of Personal Data protection that apply under Data Protection Legislation. For further information, please refer to the information Commissioner’s Office.
10.3 Please contact us using the details for further information about the particular data protection safeguard[s] used by us when transferring your Personal Data to a third country.
10.4 The security of your Personal Data is essential to us, to protect your data, we take a number of important measures, including the following:
11.1 We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects Personal Data protection.
11.2 Any changes will be immediately posted on the App and you will be deemed to have accepted the terms of the Privacy Policy on your first use of the App following the alterations.
12.1 We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this policy unless a longer retention period is required or permitted by law.
12.2 User account data including your name, email address, password and details of classes booked will be retained for a period of 6 years after closure of your account or the end of your customer relationship with us. This Personal Data processing is necessary for contractual performance.
12.3 Health and fitness data including details of classes booked, health conditions and fitness goals disclosed during the booking process will be retained for 6 years from the end of your customer relationship. This Personal Data processing is necessary for compliance with our legal obligations.
12.4 At the end of the retention period, your Personal Data will be permanently deleted securely from all our active systems, backups and archives.
12.5 You have the right to request erasure of your Personal Data without undue delay where one of the grounds under Article 17 of the GDPR applies and we do not have a legal basis for retaining it. You can contact us to request erasure and we will respond within one month.
12.6 We may retain your Personal Data for longer than the periods described above if it is necessary for legal claims or proceedings. We will only retain your Personal Data for as long as is reasonably necessary for these purposes.
HOW “DO NOT TRACK” REQUESTS ARE HANDLED
We shall respect any Do Not Track signal sent by a User's device or browser and we shall not use tracking technologies to track individuals who have sent a Do Not Track signal.
CONTACT US
You may contact us at any time for details regarding this Privacy Policy and its previous versions. For any questions concerning your account or your Personal Data please contact us at support@buttn.com.
We recommend that you check this page regularly to keep up-to-date.
Effective as of: December 15th 2023