Privacy Policy
Last Updated: February 14, 2026
BimStrength SAS ("we", "our", "BimStrength") is committed to protecting your privacy. This policy explains how we collect, use, share and protect your personal information across all BimStrength applications and services.
Data Controller
BimStrength SAS
Email: privacy@bimstrength.com
Data Protection Officer (DPO): dpo@bimstrength.com
1. Information We Collect
Information You Provide
Account Creation
Name, email address, phone number (optional), date of birth, profile photo, biography, interests and categories of content
Social Content
Videos and photos you post, comments, messages, likes, shares, and other interactions on the BimStrength social platform
Training Data
Workout logs, exercise history, performance metrics, personal records, custom training programs (via BimStrength Training)
Nutrition Data
Food intake logs, calorie tracking, macronutrient data, meal plans, nutritional goals (via BimStrength Nutrition)
Body Tracking Data
Body weight, measurements (chest, waist, arms, legs, etc.), progress photos, body composition estimates, goals (via BimStrength Track)
Coaching Data
Client lists, coaching programs, schedules, reviews, professional credentials, marketplace profile (via BimStrength Coach)
Gym & Access Data
Gym check-in history, attendance patterns, subscription information, gym preferences (via BimStrength Access)
Communications
Messages you send us, survey responses, contest participations, support requests
Payments
Billing information for Premium subscription, transaction history (credit card data is processed exclusively by our PCI-DSS compliant payment providers — Stripe, Apple Pay, Google Pay)
Automatically Collected Information
Usage Data
Pages and features viewed across all applications, videos watched and viewing time, interactions (likes, shares, comments), searches performed, date and time of use, app switching patterns
Technical Data
IP address, browser/app type and version, operating system, device identifiers (IDFA/GAID), screen resolution, mobile network information
Location Data
Approximate location based on IP address; precise GPS location only with your explicit consent (used for gym check-in in BimStrength Access)
Information from Third Parties
Google OAuth
When you sign in with Google: your Google profile name, email address, and profile photo (with your consent). We do not access your Google contacts, files, or other Google data.
Social Login (Other)
Profile information from other authentication providers (Apple, Facebook) when you choose to sign in with them
Advertising Partners
Advertising identifiers, campaign attribution data (for free-tier users only)
Other Users
Other users may tag you in content, mention you in comments, or share content involving you
2. How We Use Your Information
To Provide Our Services
- Create and manage your account across all BimStrength applications
- Personalize your content feed and recommendations
- Enable content creation, sharing, and interactions
- Facilitate connections between users, coaches, and clients
- Process Premium subscription payments
- Provide training, nutrition, and body tracking features
- Enable gym check-in and access management
To Improve Our Services
- Analyze usage trends across the ecosystem
- Develop new features and applications
- Resolve technical issues and optimize performance
- Conduct research and statistical analysis
- Train and improve recommendation algorithms
For Security
- Detect and prevent fraud and unauthorized access
- Protect against abuse, spam, and malicious behavior
- Verify user and coach identity
- Enforce our terms, policies, and community guidelines
For Advertising (Free Users)
- Display personalized advertisements
- Measure campaign effectiveness
- Understand your interests for ad targeting
Note: Premium subscribers do not see advertisements. You can manage ad personalization in your privacy settings.
To Communicate With You
- Send important service notifications and security alerts
- Inform you about new features and ecosystem updates
- Respond to your support requests
- Send marketing communications (only with your explicit consent)
4. Health & Fitness Data (Special Category)
BimStrength processes data that may qualify as health data under GDPR Article 9. This includes training logs, nutrition data, body measurements, weight history, and progress photos.
Legal Basis
- We process health data based on your explicit consent (GDPR Art. 9(2)(a))
- You can withdraw consent at any time via your account settings
- Withdrawing consent does not affect the lawfulness of processing done prior to withdrawal
- Some health data processing is necessary for the performance of our contract with you (providing fitness tracking services)
Enhanced Protections
- Health data is encrypted at rest with AES-256 encryption
- Access to health data is restricted to essential personnel only
- Health data is never shared with advertising partners
- Health data is never used for ad targeting purposes
- You can export or delete all your health data at any time
5. Your Rights (GDPR)
As a user, and particularly as an EU/EEA resident, you have the following data protection rights:
Right of Access
Request a copy of all personal data we hold about you, across all BimStrength applications.
Right of Rectification
Correct inaccurate or incomplete information in your profile and data.
Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data. This will delete your account and data across all applications.
Right to Restriction of Processing
Request that we limit the use of your data while a dispute is resolved.
Right to Data Portability
Receive your data (including training, nutrition, and body tracking data) in a structured, machine-readable format (JSON/CSV).
Right to Object
Object to processing of your data for marketing, profiling, or legitimate interest purposes.
Right to Withdraw Consent
Withdraw your consent at any time for processing based on consent (e.g., health data, marketing communications).
Right Regarding Automated Decisions
Not be subject to decisions based solely on automated processing that significantly affect you, and request human review.
How to Exercise Your Rights
- Via your account settings (Privacy section)
- By contacting us at privacy@bimstrength.com
- By contacting our DPO at dpo@bimstrength.com
- Via our online data request form
We will respond to your request within one month. In complex cases, this may be extended by two additional months with prior notification.
You have the right to file a complaint with your local data protection authority. In France: CNIL (Commission Nationale de l'Informatique et des Libertés) — www.cnil.fr
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Data | Duration of account + 3 years |
| Published Content (videos, photos) | Until deleted by user or account termination + 30 days |
| Private Messages | 1 year after account deletion |
| Training Data (workouts, programs) | Duration of account; exported on request |
| Nutrition Data (food logs, plans) | Duration of account; exported on request |
| Body Tracking Data (weight, measurements) | Duration of account; exported on request |
| Progress Photos | Until deleted by user or account termination + 30 days |
| Gym Check-in History | Duration of account + 1 year |
| Coach-Client Data | Duration of coaching relationship + 3 years |
| Payment Data | 10 years (French legal obligations) |
| Connection Logs | 1 year (French legal obligations) |
| Cookies | See Cookie Policy |
7. Data Security
We implement robust technical and organizational measures to protect your data:
- Encryption of all data in transit (HTTPS/TLS 1.3)
- Encryption of sensitive and health data at rest (AES-256)
- Strict role-based access controls (RBAC)
- Regular security audits and penetration testing
- Employee security awareness training
- Incident response and breach notification plan
- Two-factor authentication support
- Regular automated backups with encrypted storage
- DDoS protection and rate limiting
- Compliance with industry standards (OWASP Top 10)
Despite these measures, no system is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication. Report any security concerns to security@bimstrength.com.
8. International Transfers
Your data is primarily stored on servers located within the European Union. When data is transferred outside the EU/EEA, we ensure an adequate level of protection through: EU Commission Standard Contractual Clauses (SCCs), adequacy decisions by the European Commission, and binding corporate rules where applicable. You can request information about specific transfer safeguards by contacting our DPO.
9. Third-Party Services & OAuth
Authentication Providers
- Google OAuth: we receive your name, email, and profile photo. Google's privacy policy applies to data processed by Google.
- Apple Sign-In: we receive your name and email (or a private relay email). Apple's privacy policy applies.
- We do not receive or store your passwords from any OAuth provider.
Payment Processors
Payment data is processed by Stripe, Apple Pay, and Google Pay. We receive transaction confirmations but never your full credit card number. These processors are PCI-DSS Level 1 certified.
Analytics & Performance
We use analytics tools to understand how our services are used and improve performance. These tools collect anonymized or pseudonymized usage data. You can opt out of analytics tracking in your privacy settings.
10. Automated Decision-Making
Content Recommendations
We use algorithms to personalize your content feed, suggest training programs, and recommend coaches. These recommendations are based on your usage patterns, interests, and stated goals. You can reset or adjust your recommendation preferences in settings.
Content Moderation
We use automated systems to detect content that violates our Community Guidelines (spam, harmful content, etc.). Automated decisions are always subject to human review upon appeal.
No Significant Automated Decisions
We do not make decisions based solely on automated processing that have legal or similarly significant effects on you without human involvement.
11. Children's Privacy
BimStrength is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we discover that a child under 16 has provided us with personal data, we will promptly delete it and terminate the associated account. For users aged 16 to 18, additional protections apply: limited data sharing, restricted messaging features, and no targeted advertising. Parents or guardians may contact us at privacy@bimstrength.com to request deletion of a minor's data.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. For significant changes, we will notify you at least 30 days in advance by:
- Email notification to your registered address
- In-app notification across all BimStrength applications
- Prominent banner on our websites
Contact
For any questions about your privacy:
Privacy: privacy@bimstrength.com
DPO (Data Protection Officer): dpo@bimstrength.com
Security: security@bimstrength.com