Privacy Policy

Last updated : 30/12/2025

1. Introduction

This Privacy Policy explains how MVO Limited (“MVO”, “we”, “us”, or “our”) collects, uses, stores, and protects personal data when you use our mobile application, website, and services (together, the “Services”).

We are committed to protecting your privacy and handling your personal data transparently and securely, in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

2. Who We Are

Legal entity : MVO Limited

Country of incorporation : Cyprus

Registered address : Alexandreias 6, Limassol, 3013, Cyprus

Operational address : Eleftherias 83, Limassol, 3042, Cyprus

Contact email : [email protected]

Contact phone number : +357 99 853 888

For any questions regarding this Privacy Policy or your personal data, you may contact us at [email protected]

3. Personal Data We Collect

We may collect and process the following categories of personal data:

A. Identity and Contact Information

First and last name

Email address

Phone number

Date of birth or age confirmation

B. Account and Booking Information

Account credentials (email/password or phone OTP)

Class bookings, attendance history, and cancellations

Memberships, credit packs, and usage history

C. Health and Safety Information

Fitness readiness acknowledgements and health disclaimers required to participate in classes

Emergency contact details (where provided)

D. Payment Information

Payments are processed securely by Stripe

We do not store or process credit or debit card details ourselves

E. Technical and Usage Data

Device type, operating system, and app version

App usage data and interactions

Crash reports and performance logs

This data is collected to ensure the proper functioning, security, and improvement of our Services.

F. Location Data

Approximate location (city or studio level only). We do not collect precise GPS location data.

4. How We Use Your Data

We use your personal data for the following purposes:

Managing class bookings, attendance, and accounts
Processing payments and issuing receipts or refunds
Sending operational communications (booking confirmations, reminders, changes)
Sending marketing communications (news, offers, updates), where you have not opted out
Providing customer support and responding to enquiries
Analysing usage to improve our Services and user experience
Ensuring safety, security, and compliance with legal obligations

You may opt out of marketing communications at any time using the unsubscribe link or by contacting us.

5. Photography and Video Recording

From time to time, photographs and video recordings may be captured within the studio during classes or events for marketing and promotional purposes.

Where individuals are identifiable in such content, the legal basis for processing is MVO’s legitimate interest in promoting its services and maintaining brand presence. We carefully consider the impact on individuals and aim to ensure that content is appropriate, respectful, and proportionate.

Images and recordings may be used across:

If you do not wish to appear in photographs or recordings, you may object at any time by contacting us at [email protected]. We will review your request and take reasonable steps to avoid capturing or using your image in future materials.

Images are retained only for as long as reasonably necessary for promotional purposes, unless a valid objection is received earlier.

6. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

7. Third-Party Service Providers

We share personal data only with trusted third parties necessary to operate our Services:

Pine Fitness – booking system, CRM, scheduling, and app infrastructure
Stripe – secure payment processing
Google Analytics – aggregated and anonymised analytics to understand app and website usage
Apple and Google – app distribution, notifications, and platform services
Microsoft (Outlook / Microsoft 365) – email communications and support

These providers process data under contractual obligations and appropriate safeguards.

8. International Data Transfers

Personal data may be processed or stored within the European Union (EU) / European Economic Area (EEA) or, where applicable, outside the EEA by our service providers.

Where data is transferred outside the EEA, appropriate safeguards are applied, such as Standard Contractual Clauses, to ensure adequate data protection.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, including legal, accounting, or reporting requirements.

When data is no longer required, it is securely deleted or anonymised.

10. Your Rights

Under GDPR, you have the right to:

Access your personal data
Request correction of inaccurate data
Request deletion of your data
Restrict or object to processing
Withdraw consent at any time
Request data portability

To exercise any of these rights, please contact [email protected].

You also have the right to lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection or your local supervisory authority.

11. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or alteration.

12. Children

Our Services are intended for individuals who meet the minimum age requirements stated in our Terms & Conditions. We do not knowingly collect personal data from children below the applicable age without appropriate consent.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published at this URL with an updated “Last updated” date.

14. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us at: [email protected]