Privacy Policy

Last Updated: December 5, 2025

        Your Privacy Matters

        PerfectLine is committed to protecting your privacy. We collect minimal
        data, do not use tracking or advertising, and do not share your
        information with third parties. You have full control over your data and
        can delete your account at any time.
      

1. Introduction

Welcome to PerfectLine Gym & Fitness ("we," "us," "our," or "the App"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our mobile application.

This Privacy Policy applies to the PerfectLine Gym & Fitness mobile application operated by IT Centar, located at Cara Dušana 90, Niš, Serbia.

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

When you register and use the App, we collect the following information:

Required Information:

Email Address: Used for account authentication, communication, and password recovery
Password: Encrypted and stored securely for account access
First Name and Last Name: For identification and personalization

Optional Information:

Phone Number: For contact purposes (in international format)
Date of Birth: For age verification and personalized services
JMBG (Serbian National ID): For identity verification (Serbian users)
Gender: For demographic purposes
Location: City or area (text field, not GPS coordinates)
Profile Photo: Avatar image URL (if provided)

2.2 Automatically Collected Information

Account and Membership Data:

User ID (system-generated)
Account creation date
Email verification status
Role ID (membership level)
Membership type, start date, end date, and status
Last membership renewal date

Transaction Data:

Payment history (amounts, dates, status)
Account balance
Transaction types (payments, refunds, purchases)

Technical Data:

Authentication tokens (stored locally on your device)
Language preference
App usage patterns (locally stored)

Barcode Data:

Generated check-in barcodes (temporary, refreshed every 55 seconds)
Barcode expiration timestamps

2.3 Information We DO NOT Collect

        What We Don't Collect:
        GPS location or precise geolocation data
Device identifiers for tracking purposes
Browsing history or web activity

            Camera or photo library access (unless you explicitly grant it)
          
Contacts or address book
Microphone or audio data
Third-party advertising IDs
Cross-app tracking data
Biometric data
Health or fitness data

      

3. How We Use Your Information

We use the collected information for the following purposes:

Purpose	Information Used
Account Management	Email, password, name, profile information
Authentication & Security	Email, password, authentication tokens, verification codes
Gym Check-In	User ID, barcode generation, membership status
Membership Management	Membership type, dates, status, renewal information
Transaction History	Payment records, account balance, transaction details
Communication	Email address for notifications, verification, support
Customer Support	All account information as needed to resolve issues
App Functionality	Language preference, locally stored settings
Legal Compliance	All data as required by law or legal process

3.1 What We DON'T Do With Your Data

        
            No Advertising: We do not use your data for
            advertising purposes
          
            No Tracking: We do not track your behavior across
            apps or websites
          
            No Analytics: We do not use third-party analytics
            services
          
            No Profiling: We do not create user profiles for
            marketing
          
            No Selling Data: We never sell your personal
            information to third parties
          
            No Sharing: We do not share your data with third
            parties (except as required by law)

4. How We Share Your Information

4.1 Third-Party Sharing

We do NOT share your personal information with third parties for advertising, marketing, or analytics purposes.

4.2 Limited Disclosure Scenarios

We may disclose your information only in the following limited circumstances:

Legal Obligations:

To comply with applicable laws, regulations, or legal processes
To respond to lawful requests from public authorities (e.g., court orders, subpoenas)
To enforce our Terms of Service or protect our rights and property

Business Transfers:

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity (you will be notified)

With Your Consent:

We may share information with your explicit consent for specific purposes

4.3 Service Providers

We use the following service provider to operate the App:

Backend Infrastructure: IT Centar (developer and hosting provider) operates the API and database servers located in Serbia

No other third-party services, analytics tools, advertising networks, or tracking services are used.

5. Data Storage and Security

5.1 Where Your Data is Stored

Server Location: Your data is stored on secure servers operated by IT Centar in Serbia
Local Storage: Authentication tokens and cached data are stored locally on your device using AsyncStorage (encrypted by your device's operating system)

5.2 Security Measures

We implement industry-standard security measures to protect your information:

Encryption in Transit: All data transmitted between the App and our servers uses HTTPS/SSL encryption
Password Security: Passwords are hashed and encrypted; we never store plain-text passwords
Bearer Token Authentication: Secure token-based authentication system
Automatic Logout: Sessions expire and require re-authentication after inactivity
Access Controls: Limited access to data by authorized personnel only
Time-Limited Barcodes: Check-in barcodes expire every 55 seconds to prevent misuse

5.3 Data Retention

Active Accounts: We retain your data for as long as your account is active or as needed to provide services
Deleted Accounts: When you delete your account, all personal data is permanently removed from our servers within 30 days
Legal Requirements: We may retain certain data longer if required by law (e.g., financial records for tax purposes)

5.4 Data Security Limitations

While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Portability

View Your Data: Access all your personal information in the App (Profile section)
Transaction History: View complete transaction history
Membership Details: Access membership information and status

6.2 Correction and Update

Edit Profile: Update your name, email, phone, birthdate, gender, location, and photo from the Edit Profile screen
Change Password: Update your password at any time (requires email verification)

6.3 Deletion (Right to Be Forgotten)

Delete Account: Permanently delete your account from Settings > Delete Account
Requires Confirmation: You must enter your password to confirm deletion
Permanent Action: Account deletion is irreversible
Deletion Timeline: All data removed from servers within 30 days
What Gets Deleted: Personal information, transaction history, membership data, and account balance

6.4 Notification Preferences

Push Notifications: Toggle push notifications on/off in Settings (feature not currently active)
Email Communications: You will receive essential emails (verification codes, password resets); opt out of promotional emails by contacting us

6.5 Language Preference

Change Language: Switch between English and Serbian in Settings

6.6 Data Export Request

To request a copy of your data in a portable format, contact us at office@itcentar.rs.

7. Children's Privacy

The App is not intended for children under 17 years of age. We do not knowingly collect personal information from children under 17.

If we become aware that we have collected personal information from a child under 17 without parental consent, we will take steps to delete that information immediately.

If you believe we have inadvertently collected information from a child under 17, please contact us at office@itcentar.rs.

8. International Data Transfers

Your information is processed and stored in Serbia. If you are accessing the App from outside Serbia, please be aware that your information may be transferred to, stored, and processed in Serbia.

By using the App, you consent to the transfer of your information to Serbia and agree to the data practices described in this Privacy Policy.

9. Cookies and Tracking Technologies

We do NOT use cookies or tracking technologies.

The App does not:

Use cookies
Use web beacons or pixels
Use third-party analytics (e.g., Google Analytics, Firebase Analytics)
Use advertising IDs or tracking SDKs
Track your behavior across apps or websites

The only data stored locally on your device is:

Authentication tokens (for keeping you logged in)
Language preference
Cached profile information (for offline viewing)

10. Third-Party Links

The App may contain links to external websites or services (such as gym website or social media). We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

Notification: We will notify you of material changes via email or in-app notification
Effective Date: Changes are effective upon posting to the App or our website
Your Consent: Continued use of the App after changes constitutes acceptance of the updated Privacy Policy
Review Regularly: We encourage you to review this Privacy Policy periodically

12. Your California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: Request information about the personal data we collect, use, and disclose
Right to Delete: Request deletion of your personal information (available via in-app account deletion)
Right to Opt-Out: Opt out of sale of personal information (we do NOT sell personal information)
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at office@itcentar.rs.

13. European Users (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

13.1 Legal Basis for Processing

Contract Performance: Processing necessary to provide the App services
Legitimate Interests: To operate and improve the App
Consent: For optional data collection (e.g., profile photo)
Legal Obligation: To comply with applicable laws

13.2 Your GDPR Rights

Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your data (available via in-app deletion)
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for optional data collection
Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at office@itcentar.rs or use the in-app account deletion feature.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

IT Centar
Cara Dušana 90
Niš, Serbia
Email: office@itcentar.rs
Phone: +381 62 250 241
Company Registration Number: 60213712

15. Consent

By using the PerfectLine Gym & Fitness App, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.