Privacy Policy
Last updated: 19/06/2025
Effective date: 19/06/2025 or upon user acceptance
1. Introduction
Welcome to the Almax Privacy and Cookies Policy (the “Policy”). “Almax,” “we,” “us,” or “our” refers to ALMAX COLLECTIVE SINGLE-MEMBER P.C., based in Thessaloniki, Greece. This Policy describes how we collect, use, disclose, and protect your personal information when you interact with our services, website, and mobile app (collectively, the “Platform”).
Your personal information means any data that can directly or indirectly identify you. We take your privacy seriously and are committed to protecting your data under Regulation (EU) 2016/679 (GDPR) and Greek Law 4624/2019.
2. Who We Are
Almax operates fitness, wellness, and activity-related services, enabling users (“you”) to discover, book, and attend classes or services provided by independent third-party venues ("Partner Venues"). Our registered office is at 20 Valaoritou Street, Thessaloniki, Greece.
GEMI Reg. No.: 156260901000
VAT No.: 802840883
3. Information We Collect
We may collect the following categories of personal data, depending on how you interact with us:
Identification Data: Name, email, phone number, address, age, gender
Account Credentials: Login and password
Booking & Transaction Data: Reservation details, payment method (e.g., through Stripe), activity history
Device and Usage Data: IP address, browser type, geolocation (via Google Maps API), access times, visited pages
Media: Profile photo, fitness history, support call recordings
Social & Third-Party Logins: If you log in via Google, Facebook, etc., we may receive public data (e.g., profile, email, photos)
We do not request or process sensitive personal data (e.g., health or biometric data), unless explicitly required and with your consent.
4. How We Use Your Data
We use your personal data for:
Creating and managing your account
Processing bookings and payments
Sending notifications and support messages
Improving our services and user experience
Enforcing our Terms and Conditions
Marketing (if you consent)
Complying with legal obligations
We rely on legal bases such as contractual necessity, legitimate interest, legal compliance, and user consent.
5. Data Sharing and Third Parties
We may share your data with:
Payment processors (e.g., Stripe)
Partner Venues to confirm bookings
Customer support and technical services
Analytics and marketing tools (e.g., Google Analytics, Google Ads)
Legal or regulatory authorities when required
We never sell your data. We may share anonymized data for analysis or business insights.
6. Cookies and Tracking Technologies
We use cookies and similar technologies (e.g., pixels, beacons) to:
Improve user experience
Measure website performance
Track usage for analytics and advertising
Some cookies are essential, while others are used for functionality, analytics, or marketing. You can manage cookies through your browser settings. For more details, see our Cookie Policy.
7. International Transfers
Almax processes your data within the EU (Greece and Cyprus). We do not transfer your data outside the EU unless safeguards (e.g., SCCs) are in place.
8. Data Retention
We retain your personal data only as long as necessary:
For service provision and booking records
To comply with legal obligations (e.g., tax, invoicing)
Or until you delete your account
If data is no longer needed, we will anonymize or delete it. Maximum retention period: one (1) year unless required by law.
9. Security Measures
We take appropriate technical and organizational measures to protect your data, including encryption, access control, and secure hosting. However, no system is completely secure. Accessing the Platform is at your own risk.
You are responsible for keeping your login credentials safe. If you suspect a breach, notify us immediately at hello@almaxcollective.com.
10. Your Rights Under GDPR
You have the right to:
Access your data
Correct inaccurate or outdated information
Request deletion (“right to be forgotten”)
Object to processing
Restrict processing
Data portability
Not be subject to automated decision-making
To exercise any of these rights, email us at hello@almaxcollective.com. We aim to respond within one (1) month. Identity verification may be required.
You may also contact the Greek Data Protection Authority:
Website: www.dpa.gr
Phone: +30 210 6475600
Email: contact@dpa.gr
11. Children's Data
The Almax Services are not intended for anyone under 18 years old. We do not knowingly collect data from minors. If we discover such data has been collected, we will delete it. If you're a parent or guardian and believe your child has shared data, contact us.
12. Do-Not-Track and Browser Settings
Currently, we do not respond to browser “Do-Not-Track” (DNT) signals due to lack of a universal standard. If this changes, we will update our Policy accordingly.
13. Updates to This Policy
This Policy may change from time to time. The updated version will be posted with a new “Last updated” date. In the case of significant changes, we may notify you via email or in-app notification.
14. Contacting Almax
For any questions or concerns regarding your personal data or this Policy, please contact:
Email: hello@almaxcollective.com
Website: www.almaxcollective.com
Registered Office: 20 Valaoritou Street, Thessaloniki, Greece