Privacy Policy
Last updated: 3 July 2026
This Privacy Policy explains how MoveMembers ("we", "us") collects, uses and protects personal data when you use our gym management software and website at movemembers.com (the "Service"). We keep this simple and only collect what we need to run the Service.
1. Who we are
MoveMembers is operated by NOPASTUDIO, based in Singapore. For any privacy question, contact us at hello@movemembers.com.
2. Data we collect
- Account data: the gym owner or staff name, email, password (stored hashed), gym name and type.
- Gym data you enter: your members, classes, bookings, payments, notes and related records that you add to run your gym.
- Payment data: when you subscribe, payment is processed by Stripe. We do not store your full card number; we keep only a subscription reference and status.
- Technical data: basic logs (IP address, browser, timestamps) needed for security and to operate the Service.
3. How we use data
- To provide, secure and improve the Service.
- To manage your account, subscription and billing.
- To send service emails (sign-up confirmation, receipts, expiry reminders, important notices).
- To respond to your support requests.
4. Legal bases
Where the GDPR applies, we process data to perform our contract with you (providing the Service), to comply with legal obligations (for example accounting), and for our legitimate interests in securing and improving the Service.
5. Members' data (you are the controller)
The member information you enter belongs to you and your gym. For that data you are the data controller and MoveMembers acts as a data processor: we process it on your instructions solely to provide the Service. You are responsible for informing your members and having a lawful basis to store their data.
6. Service providers we use
We share the minimum data needed with trusted providers: Stripe (payments), Resend and our email provider (transactional email), and our hosting provider (running the servers). If you enable LINE messaging, messages you send pass through the LINE Messaging API. Each provider processes data under its own terms and security measures.
7. International transfers
Our providers may process data outside your country. Where required, transfers rely on appropriate safeguards such as standard contractual clauses.
8. Data retention
We keep your data for as long as your account is active. After you close your account, we delete or anonymise your data within a reasonable period, except where we must keep records to comply with the law (for example tax records).
9. Security
We use technical and organisational measures to protect data, including encrypted connections (HTTPS), hashed passwords and access controls. No method is perfectly secure, but we work to protect your information.
10. Your rights
Depending on your location, you may have the right to access, correct, export or delete your personal data, and to object to or restrict certain processing. You can export your gym data at any time from Settings, or contact us at hello@movemembers.com.
11. Cookies
We use only essential cookies needed to keep you signed in and to secure the Service. We do not use advertising cookies.
12. Children
The Service is intended for gym businesses, not for use by children. If a gym stores data about minor members, the gym is responsible for obtaining the necessary consent from a parent or guardian.
13. Changes
We may update this policy. We will post the new version here and update the date above. Significant changes will be communicated by email.
14. Contact
Questions about this policy or your data: hello@movemembers.com.