09 Jan 2025

09 Jan 2025

09 Jan 2025

Privacy Policy

Last updated: 19/06/2025
Effective date: 19/06/2025 or upon user acceptance

1. Introduction

Welcome to the Almax Privacy and Cookies Policy (the “Policy”). “Almax,” “we,” “us,” or “our” refers to ALMAX COLLECTIVE SINGLE-MEMBER P.C., based in Thessaloniki, Greece. This Policy describes how we collect, use, disclose, and protect your personal information when you interact with our services, website, and mobile app (collectively, the “Platform”).

Your personal information means any data that can directly or indirectly identify you. We take your privacy seriously and are committed to protecting your data under Regulation (EU) 2016/679 (GDPR) and Greek Law 4624/2019.

2. Who We Are

Almax operates fitness, wellness, and activity-related services, enabling users (“you”) to discover, book, and attend classes or services provided by independent third-party venues ("Partner Venues"). Our registered office is at 20 Valaoritou Street, Thessaloniki, Greece.

  • GEMI Reg. No.: 156260901000

  • VAT No.: 802840883

3. Information We Collect

We may collect the following categories of personal data, depending on how you interact with us:

  • Identification Data: Name, email, phone number, address, age, gender

  • Account Credentials: Login and password

  • Booking & Transaction Data: Reservation details, payment method (e.g., through Stripe), activity history

  • Device and Usage Data: IP address, browser type, geolocation (via Google Maps API), access times, visited pages

  • Media: Profile photo, fitness history, support call recordings

  • Social & Third-Party Logins: If you log in via Google, Facebook, etc., we may receive public data (e.g., profile, email, photos)

We do not request or process sensitive personal data (e.g., health or biometric data), unless explicitly required and with your consent.

4. How We Use Your Data

We use your personal data for:

  • Creating and managing your account

  • Processing bookings and payments

  • Sending notifications and support messages

  • Improving our services and user experience

  • Enforcing our Terms and Conditions

  • Marketing (if you consent)

  • Complying with legal obligations

We rely on legal bases such as contractual necessity, legitimate interest, legal compliance, and user consent.

5. Data Sharing and Third Parties

We may share your data with:

  • Payment processors (e.g., Stripe)

  • Partner Venues to confirm bookings

  • Customer support and technical services

  • Analytics and marketing tools (e.g., Google Analytics, Google Ads)

  • Legal or regulatory authorities when required

We never sell your data. We may share anonymized data for analysis or business insights.

6. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., pixels, beacons) to:

  • Improve user experience

  • Measure website performance

  • Track usage for analytics and advertising

Some cookies are essential, while others are used for functionality, analytics, or marketing. You can manage cookies through your browser settings. For more details, see our Cookie Policy.

7. International Transfers

Almax processes your data within the EU (Greece and Cyprus). We do not transfer your data outside the EU unless safeguards (e.g., SCCs) are in place.

8. Data Retention

We retain your personal data only as long as necessary:

  • For service provision and booking records

  • To comply with legal obligations (e.g., tax, invoicing)

  • Or until you delete your account

If data is no longer needed, we will anonymize or delete it. Maximum retention period: one (1) year unless required by law.

9. Security Measures

We take appropriate technical and organizational measures to protect your data, including encryption, access control, and secure hosting. However, no system is completely secure. Accessing the Platform is at your own risk.

You are responsible for keeping your login credentials safe. If you suspect a breach, notify us immediately at hello@almaxcollective.com.

10. Your Rights Under GDPR

You have the right to:

  • Access your data

  • Correct inaccurate or outdated information

  • Request deletion (“right to be forgotten”)

  • Object to processing

  • Restrict processing

  • Data portability

  • Not be subject to automated decision-making

To exercise any of these rights, email us at hello@almaxcollective.com. We aim to respond within one (1) month. Identity verification may be required.

You may also contact the Greek Data Protection Authority:

11. Children's Data

The Almax Services are not intended for anyone under 18 years old. We do not knowingly collect data from minors. If we discover such data has been collected, we will delete it. If you're a parent or guardian and believe your child has shared data, contact us.

12. Do-Not-Track and Browser Settings

Currently, we do not respond to browser “Do-Not-Track” (DNT) signals due to lack of a universal standard. If this changes, we will update our Policy accordingly.

13. Updates to This Policy

This Policy may change from time to time. The updated version will be posted with a new “Last updated” date. In the case of significant changes, we may notify you via email or in-app notification.

14. Contacting Almax

For any questions or concerns regarding your personal data or this Policy, please contact:

Email: hello@almaxcollective.com
Website: www.almaxcollective.com
Registered Office: 20 Valaoritou Street, Thessaloniki, Greece