It is agreed between the Parties that Itemperance Consulting Pvt. Ltd. is a service provider in India for Fitze, an application owned by FitOnClick. The Policies governing the operations of Fitze and data protection are formulated by FitOnClick as per the laws of UAE.
This Privacy Policy (“Policy”) is designed to help you understand how we use your Personal Data in accordance with the data protection laws and regulations in the Abu Dhabi Global Market (“ADGM”) [1], UAE’s Personal Data Protection Law (“PDPL”), European Union’s General Data Protection Regulation (“GDPR”), and further guidance thereunder applicable legislation. This Policy applies to the Processing of Personal Data by Fitze, which is incorporated in ADGM, Abu Dhabi, United Arab Emirates.
We encourage you to read the whole Policy. This policy was last updated on September 23rd, 2023.
We, Fitonclick FZE, and our affiliate, subsidiary and parent companies (collectively, “Fitze”, “us”, “we” or “our”) and as applicable to the respective entity, in this Privacy policy.
Our registered office is located at:
Fitonclick FZE
T1-10-6F AKEZ Amenity Center
Al Hamra Industrial Zone-FZ
In compliance with the applicable legislation and regulations (“Applicable Legislation”), we collect several different types of information for various purposes to provide and improve our Service to you.
Personal Data is any information referring to an identified or Identifiable Natural Person [3]. This includes information like your name, (e-mail) address, and telephone number but can also include less obvious information such as your attendance at a seminar or analysis of your use of our website(s).
Additional protection is afforded under the Applicable Legislation to Special Categories of Personal Data, i.e., Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade-union membership and health or sex life and including genetic data and biometric data where it is used for the purpose of uniquely identifying a natural person.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you through emails, phone calls, SMS, WhatsApp or social media. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link on emails or through an explicit email to support@fitze.ae requesting opt out.
We may also collect information that your browser sends whenever you visit our Service or when you access Service by or through any device (“Usage Data”).
This Usage Data may include information such as your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access Service with a device, this Usage Data may include information such as the type of device you use, data from Services and fitness app, your device unique ID, the IP address of your device, your device operating system, the type of Internet browser you use, unique device identifiers and other diagnostic data.
We might also use user-generated data from the fitness activities and associated services, including fitness-generated data, fitness performance data, and sell or provide it to third parties and governments in an anonymized fashion.
By using Fitze app and services, you give up any rights to the data our platform generates while you are using it, and you are giving up any commercial rights arising from the data you generate in the app and associated Fitze platforms.
We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to provide features of our Service, to improve and customize our Service.
You can enable or disable location services when you use our Service at any time by way of your device settings.
We use cookies and similar tracking technologies to track the activity of our Service, and we hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies such as beacons, tags, and scripts, are also used to collect and track information, and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
We may also collect the following information: sex, age, date of birth, place of birth, passport details, citizenship, registration at place of residence and actual address, telephone number (work, mobile), details of documents on education, qualification, professional training, employment agreements, NDA agreements, information on bonuses and compensation, information on marital status, family members, social security (or other taxpayer identification) number, office location, and other data related to employment with Fitze.
Our Services are not intended for use by children under the age of 18 (“Child” or “Children”).
We do not knowingly collect personally identifiable information from Children under 18. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
This is our general Privacy Policy that applies to our operations.
This Policy may be updated from time to time and can be found in its most current format here: https://www.fitze.ae/privacy-policy/
We Process your Personal Data in our capacity as a Controller. This means we are responsible for ensuring we comply with the Applicable Legislation when Processing your Personal Data.
We have a data protection officer (DPO) to monitor our compliance with data privacy, provide advice where requested, and cooperate with supervisory authorities. You can contact our data protection officer for any queries relating to our Data Processing activities under this Policy or Applicable Legislation, by:
sending an email to: jason@cybersense.one
calling us at: +1 (570) 530-9779
For any queries relating to our Data Processing activities in relation EU (European Union) GDPR (General Data Protection Regulation) requirements, you may contact us by:
sending an email to: jason@cybersense.one
writing us at:
JORGE SIMÕES DIAS UNIPESSOAL LDA
Address: Rua Doutor Justino Cruz 90 7, 4700-314 Braga – Portugal
We only collect Personal Data about you in connection with providing our services and conducting our normal business operations, and/ or communications to invite you to our event or sharing relevant information with you. We may hold information about you if:
Depending on the purposes, the types of information we Process about you may include:
Types of Personal Data | Details |
Individual details | Name, address (including proof of address), other contact details (e.g., email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you |
Identification details | Identification numbers issued by government bodies or agencies, such as your passport number, Emirates ID or other national identity number, tax identification number and driving license number, including copies of such government-issued identification document |
Financial information | Bank account details, income, source of wealth, source of funds or other financial information |
Engagement details | Information about you which is relevant to a matter on which we are providing our Service or a client |
Anti-money laundering and sanctions data | Screening information received from various anti-money laundering, counter-terrorism financing and sanctions databases relating to you |
Special Categories of Personal Data | Information about your political affiliations or opinions or criminal record, to the extent required for compliance with Applicable Legislation. |
Identifiers | Information which can be traced back to you, such as an IP address, a website tracking code or any other information that may be automatically collected through our Website(s) or any other digital communication or network security applications used by us. |
As a policy, we do not normally collect any Special Categories of Personal Data, unless such collection is warranted under specific circumstances such as employment.
We may collect your Personal Data from various sources, including:
The sources that apply to you will depend on the purpose for which we are collecting your Personal Data. Where we obtain your information from a third party, we may ask them to provide you with a copy of this Privacy Policy (or a shortened version of it) to ensure that you know we are Processing your information and the purpose for such Processing.
In this section we set out in more detail:
Purpose for Processing | Lawful basis for Processing |
Client services We may obtain information about individuals where this is necessary or appropriate to provide services to our clients. We disclose this information to our clients in connection with our role in the relevant engagement. | For Personal Data -Performance of an engagement |
Fitness data We collect information about you in relation to your usage of our services and products. We do not collect Special Categories of Personal Data for this purpose. | For Personal Data -Consent from Data Subject |
Service providers We collect information about you in connection with your provision of services to us or your position as a representative of a provider of services to us. We do not collect Special Categories of Personal Data for this purpose, other than where we are required to do so to meet our legal obligations (see ‘Anti-Money Laundering and other legal obligations’ above). | For Personal Data -Performance of an engagement |
Seminars, events, legal updates, and other marketing activities If you wish to attend our seminars or events or receive our updates, we ask you to provide us with a limited amount of information (normally your work contact details, your employer’s name, your job title, and the legal subjects/events of interest). We use this information to communicate with you about our seminars, events, and updates, to ensure that you are an appropriate audience for them, and to conduct analysis for marketing purposes. We do not collect Special Categories of Personal Data for this purpose. | For all communications with you -Consent from Data Subject |
Visitors to our websites Where you provide us with Personal Data on our Website(s) for the purpose of inquiring about our services, we will only use it for the purpose of communicating with you in connection with your request. Most of our websites have a few non-intrusive cookies to help them work more efficiently and to provide us with information on how the website is being used You can control cookies through the settings or preferences of your browser, as well as through dedicated browser extensions or add-ons. We do not collect Special Categories of Personal Data on our Website(s). | For Personal Data – Consent for business development purposes |
Visitors to our offices We have security measures in place at our offices, which include building access controls and may include CCTV. Images captured by CCTV are securely stored and only accessed on a need-to-know basis (e.g., to investigate an incident). Visitors to our offices may be required to sign in and sign out at building reception in accordance with the building’s security policies. In addition, we may also maintain visitor records ourselves, which are securely stored and only accessible on a need-to-know basis (e.g., to investigate an incident). We do not collect Special Categories of Personal Data for this purpose. | For Personal Data – Consent for information security and physical security purposes |
Visitors to our events Where you provide us with Personal Data on our Website(s) for the purpose of inquiring about our services, we will only use it for the purpose of communicating with you in connection with your request. | For Personal Data –Consent for business development purposes |
Staff Recruitment We ask you to provide Personal Data to us as part of your job application. We will also conduct checks in order to verify your identity and the information in your application as well as to obtain further information about your suitability for a role within the group. This may include obtaining information from regulators, anti-money laundering databases, sanctions lists, etc. In some cases, this information will include Special Categories of Personal Data, where such information is required for the purpose of pre-employment verification checks or other employment-related Processing. | For Personal Data -(1) For compliance with Applicable Legislation that we are subject to For Special Categories of Personal Data -For carrying out our obligations and exercising our rights in the context of the Data Subject’s employment |
Former Staff We retain the Personal Data of former staff members to the extent that we have a statutory obligation to do so. | For all Personal Data -For compliance with Applicable Legislation that we are subject to |
We generally Process your Personal Data based on your consent (as we usually cannot rely on another lawful basis). Where we do Process your Personal Data based on your consent, you have the right to withdraw your consent at any time. To withdraw your consent, please contact us using the contact details mentioned above.
We do not sell your information nor make it generally available to others. However, we may share your information in the following circumstances:
In each case where we share your Personal Data with other parties, whether or not in an adequate jurisdiction, we take appropriate measures and ensure that the relevant party is contractually required to keep such Personal Data safe, secure and confidential in accordance with the minimum standards under the applicable legislation.
We implement appropriate steps to help maintain the security of our information systems and processes and prevent the accidental destruction, loss, or unauthorized disclosure of the Personal Data we Process.
How We Protect Your Personal Data
We maintain administrative, technical, and physical safeguards for the protection of your Personal Data.
Access to the Personal Data of our users is limited to authorized personnel who have a legitimate need to know based on their job descriptions, for example, employees who provide technical support to end users, or who service user accounts. In the case of third-party contractors who process personal information on our behalf, similar requirements are imposed. These third parties are contractually bound by confidentiality clauses, even when they leave the company. Where an individual employee no longer requires access, that individual’s credentials are revoked.
We store your personal information in our database using the protections described above. In addition, we utilize technical safeguards such as up-to-date firewall protection for an additional layer of security, high-quality anti-virus software, and we regularly update our virus definitions. Third parties who we hire to provide services and who have access to our users’ data are required to adopt appropriate measures if we deem them necessary.
Access to user information in our database by Internet requires using an encrypted VPN, except for email which requires user authentication. Third-party contractors who process Personal Data on our behalf agree to provide reasonable physical safeguards.
We strive to collect no more Personal Data from you than is required by the purpose for which we collect it. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur: the less data we collect, the smaller the overall risk.
We do not use profiling (where an electronic system uses Personal Data to try and predict something about you) or automated decision making (where an electronic system uses Personal Data to make a decision about you without human intervention).
We retain your Personal Data in accordance with our data retention policy which categorizes all the information held by us and specifies the appropriate retention period for each category of information. Those periods are based on the requirements of the relevant laws and regulations, and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes.
We transfer Personal Data in specific circumstances. We do not work within sanction-affected states.
Where any such transfers of Personal Data to non-adequate jurisdictions take place, we take appropriate measures in accordance with the Law.
We are a global business that provides products and services all around the world. In order to reach all of our users and provide all of them with our software, we operate on an infrastructure that spans the globe. The servers that are part of this infrastructure may therefore be located in a country different than the one where you live. We provide the same level of protection to all Personal Data processed.
At the same time, when we transfer Personal Data or cooperate with a third-party vendor, we always make sure to put in place appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions adopted by ADGM, to ensure that your data remains safe and secure at all times and that your rights are protected.
Situations where we transfer Personal Data include allowing access to Personal Data stored in the Amazon cloud services, the provisioning of our products and services and third-party services related to it, the processing of transactions and of your payment details, sharing of fitness data to third parties and governments, and the delivery of support services. Further, a transfer may also occur in case of a merger, acquisition or a restructuring (see the Mergers, Acquisitions and Restructurings section).
Like any other company, we too go through our own cycle of growth, expansion, streamlining and optimization. Our business decisions and market developments therefore affect our structure. As a result of such transactions, and for maintaining a continued relationship with you, we may transfer your Personal Data to a related affiliate.
If we are involved in a reorganization, merger, acquisition or sale of our assets, your Personal Data may be transferred as part of that transaction. We will notify you of any such deal and outline your choices in that event, when applicable. Information including personal data relating to our business may be shared with other parties in order to evaluate and conclude the transaction. This would also be the case if we were required by law to make such changes.
If you have any questions in relation to our use of your Personal Data, please contact us using the details provided:
For any queries relating to our Data Processing activities under this Policy or Applicable Legislation, you may contact us by:
sending an email to: jason@cybersense.one
calling us at: +1 (570) 530-9779
For any queries relating to our Data Processing activities in relation EU (European Union) GDPR (General Data Protection Regulation) requirements, you may contact us by:
sending an email to: jason@cybersense.one
writing us at:
JORGE SIMÕES DIAS UNIPESSOAL LDA
Address: Rua Doutor Justino Cruz 90 7, 4700-314 Braga – Portugal
Subject to certain exceptions outlined in local legislation, you have the right to require us to:
In certain circumstances, we may need to restrict your rights to safeguard the public interest (e.g., the prevention or detection of crime) and our interests (e.g., responding to regulatory requests) or in accordance with other exceptions and limitations specified in local legislation.
If you are not satisfied with our use of your Personal Data or our response to any request by you to exercise your rights, or if you think that we have breached any relevant provision of the Law, then you have the right to complain to the authority that supervises our Processing of your Personal Data.
Our data protection supervisory authority is the Office of Data Protection in ADGM whose contact details are as follows:
Office of the Data Protection, ADGM
Abu Dhabi Global Market
Telephone: +971 (2) 333 8888
Website: https://www.adgm.com/operating-in-adgm/office-of-data-protection
Email: Data.Protection@adgm.com
The California Consumer Privacy Act (“CCPA”) requires us to make certain additional disclosures and provides California residents with the ability to request additional information about their PII. If you are a California resident and it is determined that the CCPA applies to you, this section details those rights, how you may exercise them, and what Fitze will do in response.
Please note that the rights under the CCPA do not apply to PII collected, processed, sold or disclosed pursuant to Gramm-Leach-Bliley Act (Public Law 106-102) and Fair Credit Reporting Act (12 CFR 1022).
If you are an individual who resides in California and whose PII is collected and processed by Fitze, you may have the right to:
We follow the requirements of California Civil Code §1798.125, and will not discriminate against any consumer who exercises the rights set forth in this privacy policy.
[1] https://www.adgm.com/operating-in-adgm/office-of-data-protection
[2] “Processing” of Personal Data can include any one or more of the following, whether or not by automated means: collection, recording, organization, structuring, storage and archiving, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, transfer or otherwise making available, alignment or combination, restricting, erasure or destruction.
[3] Identifiable Natural Person means a natural living person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one (1) or more factors specific to his biological, physical, biometric, physiological, mental, genetic, economic, cultural or social identity (and “Identified Natural Person” is interpreted accordingly).