Privacy & Cookies Policy

Last updated: 8 April 2026 · Version 2.0

1. General information

This document sets out the rules for processing personal data within the FitFormiq platform (hereinafter: the “Platform”).

The Platform is closed (invite-only) and intended exclusively for business users (B2B).

2. Data controller

The controller of data relating to the operation of the Platform is:

Quanmedia Sp. z o.o.
ul. Żwirki 17, 90-539 Łódź, Poland
VAT: PL7272794495
Email: kontakt@fitformiq.com

3. Data processing model

Two processing models exist within the Platform:

a) Operator as controller

In respect of:

trainer accounts,
technical data,
communication and support.

b) Operator as processor

In respect of client data:

The Trainer is the controller of client data. The Operator acts solely as a data processor.

The Operator does not determine the purposes or scope of processing client data.

4. Scope of data

4.1 Trainer data (B2B)

first and last name,
business details,
email, phone,
login credentials.

4.2 Client data

(processed on behalf of the trainer)

identification data,
training and dietary data,
measurements and progress,
health data (if entered by the user).

5. Special category data (health)

Health data is processed only:
- on the trainer’s instruction,
- within the use of the Platform.
Responsibility for the legal basis for processing such data lies with the trainer as controller.

Note. The Operator is not responsible for the legality of data processing by the trainer.

6. Purposes of processing

The Operator processes data solely for the purpose of:

providing the Platform’s services,
ensuring system operation,
managing accounts and communication.

7. Legal bases

For trainers:

Art. 6(1)(b) GDPR (B2B contract).

For client data:

as determined by the trainer.

8. Retention periods

trainer data: for the duration of the cooperation,
client data: as decided by the trainer,
technical data: up to 24 months.

The Operator may retain data longer for the purpose of:

pursuing claims,
fulfilling legal obligations.

9. Data recipients

Data may be entrusted to:

hosting providers,
email providers,
IT infrastructure providers.

All entities operate under data processing agreements.

10. Transfers outside the EEA

Data is, as a rule, processed within the EEA.

In the event of transfers outside the EEA, the following safeguards are applied:

Standard Contractual Clauses (SCCs).

11. User rights

For client data — rights are exercised through the trainer as controller.
The Operator may assist in the exercise of these rights but is not their primary addressee.
In respect of trainer data, the following rights apply:
- access,
- rectification,
- erasure,
- restriction.

12. Security

The Operator applies:

HTTPS encryption,
password hashing,
access control,
backups,
security monitoring.

13. Cookies

The Platform uses cookies for:

system operation,
session maintenance,
analytics.

Strictly necessary cookies do not require consent.

14. Changes to this policy

The Operator may amend this policy at any time.

15. Contact

kontakt@fitformiq.com