1. Data controller
The data controller is JimTime, with registered office at Via Bona Lombarda 15a, 23017 Morbegno (SO), Italy — VAT IT01069920146.
For any request regarding the processing of personal data, you can write to info@jimtime.it.
Information on the processing of personal data pursuant to Articles 13 and 14 of EU Regulation 2016/679 (GDPR).
Last updated: 19 May 2026
The data controller is JimTime, with registered office at Via Bona Lombarda 15a, 23017 Morbegno (SO), Italy — VAT IT01069920146.
For any request regarding the processing of personal data, you can write to info@jimtime.it.
JimTime collects and processes the following categories of data:
Registration data: name, surname, email address, password (in hashed form), role (gym, coach, nutritionist, athlete).
Profile data: for athletes this may include date of birth, sex, weight, height, training goals and health data (e.g. heart rate from wearable devices) voluntarily provided by the user.
Usage data: training session logs, bookings, attendance, in-app chat communications with the professional.
Payment data: managed entirely by the Stripe provider; JimTime does not store credit card data on its own servers.
Technical data: IP address, device identifiers, browser, operating system, collected automatically for security and diagnostic purposes.
Data is processed for the following purposes:
a) Providing the requested service (account management, workouts, bookings) — legal basis: performance of a contract (art. 6.1.b GDPR).
b) Compliance with fiscal and accounting legal obligations — legal basis: legal obligation (art. 6.1.c GDPR).
c) Sending service communications (confirmations, notifications, deadlines) — legal basis: performance of the contract.
d) Improving the product through aggregated and anonymized analysis — legal basis: legitimate interest (art. 6.1.f GDPR).
e) Sending promotional communications — legal basis: explicit consent (art. 6.1.a GDPR), revocable at any time.
The processing of health-related data (weight, heart rate, etc.) takes place exclusively on the basis of the data subject's explicit consent pursuant to art. 9.2.a GDPR.
To deliver the service, JimTime relies on the following providers, acting as data processors:
Stripe Inc. (USA) — payment processing. Extra-EU transfer covered by Standard Contractual Clauses.
Vercel Inc. (USA) — public website hosting. Extra-EU transfer covered by SCCs.
Railway Corp. (USA) — application and database hosting. SCCs.
Cloudflare Inc. (USA) — CDN, edge security, DDoS protection. SCCs.
OneSignal Inc. (USA) — push notification delivery. SCCs.
Sentry (USA) — application error tracking (anonymized technical data).
Aruba S.p.A. (Italy) — transactional email delivery.
Data is never sold, leased or shared with third parties for direct marketing purposes without explicit consent from the data subject.
Account data is retained for the entire duration of the contractual relationship and for the 10 years following its termination, in compliance with fiscal and accounting legal obligations.
Aggregated and anonymized usage data may be retained without time limits for statistical purposes.
Users can request early deletion of data not subject to retention obligations via written request to info@jimtime.it.
Under Articles 15-22 of the GDPR, you have the right to:
a) Access your personal data and obtain a copy.
b) Request rectification of inaccurate data or completion of incomplete data.
c) Request erasure of data (right to be forgotten), within the limits set by law.
d) Request restriction of processing.
e) Object to processing for direct marketing or legitimate interest purposes.
f) Request data portability in a structured and readable format.
g) Withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
h) Lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).
Requests should be addressed via email to info@jimtime.it and will be processed within 30 days of receipt.
JimTime reserves the right to update this notice to reflect regulatory changes or service evolution. The updated version will be published on this page with the last-updated date clearly visible. In case of substantial changes, registered users will receive an email notification.