Effective Date: 15.06.2025

Complexed.fit ("we", "us", or "our") is committed to protecting the privacy and data of our users, partners, employees, and applicants. This Privacy Policy explains how we collect, use, share, and protect your personal data under:

  • The General Data Protection Regulation (GDPR) (EU/EEA),
  • The Swiss Federal Act on Data Protection (nFADP),
  • And applicable data protection laws in other jurisdictions where we operate.
  1. Who We Are

Data Controller: Complexed.fit
Legal Entity Name: Complexed Fit
Email: privacy@complexed.fit

This policy applies to users, customers, partners, employees, job applicants, and visitors globally.

  1. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our website and app
  • Customers and users of our fitness and wellness services
  • Job applicants and recruitment candidates
  • Business partners, prospects, and vendors (sales and B2B)
  • Marketing campaign participants and newsletter subscribers
  1. Personal Data We Collect

We collect and process the following categories of data:

  1. User & Account Data
  • Name, gender, email, phone, date of birth
  • Username, password (encrypted)
  • Location (e.g., country, time zone)
  • Device data, IP address, cookies
  1. Health & Fitness Data (Special Category – GDPR Art. 9)
  • Weight, height, goals, workout history
  • Medical conditions or injuries (if voluntarily provided)
  1. Transaction & Payment Data
  • Subscription status
  • Billing details, invoices, and payment confirmations
  1. Marketing & Communication Data
  • Email preferences, campaign engagement (opens, clicks)
  • Feedback and survey responses
  1. Sales & B2B Relationship Data
  • Company name, contact person, professional emails
  • Job title, industry, communication history
  1. Recruitment Data
  • CVs, cover letters, portfolio links
  • Interview notes, assessments, references
  • Employment history and education
  • Any voluntarily disclosed sensitive information
  1. Legal Bases for Processing

We process your data under the following lawful bases:

Processing Purpose Legal Basis
Fitness service delivery Contractual necessity
Processing health data Explicit consent
Marketing communications Consent or legitimate interest
Recruitment Legitimate interest or consent
Business operations & analytics Legitimate interest
Legal compliance Legal obligation
Cross-border data transfer Adequate protection (see below)
  1. Your Rights (GDPR + Swiss nFADP)

You have the following rights under GDPR and Swiss law:

  • Right to access – Request your personal data
  • Right to rectification – Correct inaccurate data
  • Right to erasure – Request deletion of your data
  • Right to object – To processing for direct marketing or profiling
  • Right to data portability – Request transfer of data to another provider
  • Right to restrict processing
  • Right to lodge a complaint – With your local supervisory authority (EU/EEA or Switzerland)

Under Swiss law, you also have the right to be informed when data is collected, even indirectly, and a right to challenge automated decision-making.

To exercise these rights, contact us at privacy@complexed.fit.

  1. How We Use Your Data

We use your data to:

  • Manage your account and deliver personalized fitness content
  • Communicate service updates and offers
  • Analyze app usage to improve features and performance
  • Provide support and resolve technical issues
  • Conduct sales outreach and partner communication
  • Manage hiring, interviews, and applications
  • Send newsletters and marketing (with opt-in)
  • Comply with legal and tax obligations
  1. Data Sharing & International Transfers

We share data only with trusted processors and partners:

  1. Processors and Subprocessors:
  • Cloud hosting (e.g., AWS, Azure)
  • CRM, email, and analytics tools
  • Payment gateways (e.g., Stripe, PayPal)
  • Recruiting software (e.g., Greenhouse, Lever)

All processors are bound by Data Processing Agreements (DPAs).

  1. Cross-Border Transfers

If we transfer data outside the EU/Switzerland:

  • We rely on adequacy decisions (e.g., EU–Switzerland)
  • Or implement Standard Contractual Clauses (SCCs)
  • Or obtain your explicit consent for transfers where required
  1. Data Retention

We retain your personal data for as long as needed:

Data Category Retention Period
Account & fitness data Until account deletion + 6 months
Health data Until withdrawal of consent or deletion
Marketing data Until unsubscribe or 2 years of inactivity
Recruitment data 12 months post-application (unless extended by consent)
Sales & B2B data Active engagement + 3 years
Financial data 10 years (legal/tax requirement)
  1. Security Measures

We use industry-standard measures to safeguard your data:

  • TLS encryption for data in transit
  • AES encryption at rest
  • Role-based access control (RBAC)
  • 2FA for admin accounts
  • Regular security audits and compliance reviews

In case of a data breach, we will notify affected individuals and regulators as required by GDPR and Swiss law.

  1. Cookies & Tracking

We use cookies and similar technologies to:

  • Enable essential site functionality
  • Collect anonymized analytics (e.g., Google Analytics)
  • Personalize your experience and offers

Consent is obtained via a cookie banner. You can withdraw consent via browser settings

  1. What Are Cookies?

Cookies are small text files that are placed on your device (computer, phone, tablet) when you visit a website. They store information about your activity or preferences to enhance your experience.

We also use similar technologies such as pixels, web beacons, and local storage.

  1. Types of Cookies We Use
Type Description Examples
Strictly Necessary Cookies Essential for website functionality and security Session cookies, authentication tokens
Performance Cookies Collect anonymous data about how users interact with our site Google Analytics
Functional Cookies Remember choices you’ve made to personalize your experience Language preferences, saved login
Targeting / Marketing Cookies Used to deliver relevant ads and measure campaign performance Facebook Pixel, Google Ads, LinkedIn Insights
Third-Party Cookies Set by third-party services embedded in our site YouTube video embeds, chat tools
  1. Legal Basis for Using Cookies

Under GDPR and Swiss law, we can only place non-essential cookies (e.g., marketing or analytics cookies) with your explicit consent. Essential cookies may be used based on legitimate interest.

Consent is collected via our cookie banner when you first visit the site.

  1. Managing Cookies

You can manage or withdraw your cookie consent in several ways:

  1. Cookie Settings on Our Site

Click [Cookie Settings] at the bottom of our site to customize preferences or withdraw consent.

  1. Browser Controls

You can also block or delete cookies via your browser settings:

  • Chrome: chrome://settings/cookies
  • Firefox: about:preferences#privacy
  • Safari: Preferences > Privacy > Manage Website Data
  • Edge: Settings > Cookies and Site Permissions
  1. Opt-Out Tools

You may opt out of certain tracking via:

  • Google Analytics: https://tools.google.com/dlpage/gaoptout
  • Network Advertising Initiative (NAI): http://optout.networkadvertising.org/
  • European Interactive Digital Advertising Alliance (EDAA): http://www.youronlinechoices.com/
  1. Cookies We Use (Sample List)
Cookie Name Purpose Provider Expiry Type
__cf_bm Bot management Cloudflare 30 minutes Strictly necessary
_ga Visitor tracking Google Analytics 2 years Performance
_fbp Ad targeting Facebook 3 months Marketing
intercom-session Chat functionality Intercom 7 days Functional

Full cookie inventory available on request.

  1. Third-Party Cookies

Our website integrates with services that may place cookies:

  • Google (Ads, Analytics, Tag Manager)
  • Facebook/Meta (Pixel)
  • LinkedIn
  • YouTube/Vimeo (video embeds)
  • Intercom, Zendesk, or other support widgets

These providers are responsible for their own compliance and have their own privacy policies.

  1. Changes to This Policy

We may update this Cookie Policy from time to time to reflect legal or technological changes. We will notify users via banner or email if significant updates occur.

Last updated: [Insert Date]

  1. Contact Us

If you have any questions about our Cookie Policy or data practices

 

  1. Automated Decision-Making

We may use algorithms to:

  • Recommend workouts or dietary plans
  • Score job applications (with human review)

These decisions do not have legal or significant effects, and you can request human intervention.

  1. Data of Minors

Our services are not directed to children under 16. We do not knowingly collect personal data from minors without verified parental consent.

  1. Changes to This Policy

We reserve the right to update this policy to reflect changes in law or services. We will notify you via email or in-app if significant changes are made.

Last updated: [Insert Date]

  1. Contact Information

If you have questions or requests regarding your data:

Privacy Contact:
Email: privacy@complexed.fit