Privacy Policy

This Policy provides basic information about the purposes, means of processing and security of your personal data as a user of the website (also referred to as the Platform). By reading the Privacy Policy you will learn who the data controller of your personal data is, what personal data is collected by the Platform, for what purposes it is used and how it is protected.


    1. The Data Controller is Digital Rep Sp. z o.o., registered office address: Chmielna 2/31, 00-020 Warszawa, PL, entered in the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Division of the National Court Register under KRS number: 0000915075, share capital: 5 000,00 zł, Tax Identification Number (NIP): 5252872328, company statistical number (REGON): 389664477.

    2. Contact with the Data Controller is possible via the contact form available on the Platform.


    1. Personal data collected by the Data Controller through the Platform is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR and other relevant data protection legal acts.

    2. The Data Controller processes personal data in accordance with the following principles:

      1. based on a legal basis and in accordance with the law

      2. not more than necessary

      3. no longer than necessary

      4. ensuring adequate data security


    1. The Data Controller processes your personal data in the following cases:

      1. Sending a message via the contact form

        If you use the contact form, you will be asked for your email address so that we can respond to you. If you do not have an account with us, your data will be deleted as soon as we respond to your message.

      2. Using a free account

        If you choose to register an account on the Platform, you will be asked to provide an email address (which will be the login to your Account), your preferred interface language and time zone. We need this information in order to provide the services specified in the agreement. We may also use your email address to send you commercial information by email, but only if you give us your consent to do so by checking the appropriate box during registration (consent can later be withdrawn using the appropriate option in your profile settings after signing in to your account on the Platform).

        If you choose to delete your account, your data will be archived and stored in this form for a period of 3 years for the purpose of considering any complaints and claims relating to the use of our services.

      3. Use of paid services

        If you choose to purchase a subscription as part of your account on the Platform, in addition to the data collected as part of your use of the free account, we will ask you to provide us with your personal data, such as your name, surname, address and, in the case you purchase the subscription as a business, your VAT ID and company name. We need this data in order to provide the services specified in the agreement.

        As with the free account, if you choose to delete your account, your data will be archived and stored in this form for a period of 3 years for the purposes of considering any complaints or claims relating to the use of our services.

      4. Subscribing to the newsletter

        If you decide to subscribe to the Fitebo newsletter, you will be asked to enter your e-mail address. It will be used by us for marketing purposes. From time to time, we will send you messages containing information about new articles that have appeared on the blog, as well as available offers, promotions and new functionalities appearing on the Fitebo platform. The legal basis for data processing is the consent given when subscribing to the newsletter. This consent may be withdrawn at any time, which will make us stop sending messages and delete your data from our databases.

    1. Personal data of your clients

      1. One of the features available on the Platform is the Client Card, which is designed to help you manage your relationship with your customers.

        1. You can enter your clients' data such as: name, surname, email address, phone number, full date of birth, price of your services for this client, height, number of training days per week, current injuries and posture defects, information about fitness equipment at the client's disposal, subjective level of training advancement, training preferences, as well as any comments you have.
        2. In the Client Card you can also record client’s measurements such as weight and circumferences of: chest, waist, hips, high hip, left arm, right arm, left forearm, right forearm, left thigh, right thigh, left calf, right calf.
        3. You can also add your client’s photos in the Client Card, front silhouette photo, back silhouette photo, and side silhouette photo.
        4. In addition, as part of a paid subscription, you can grant your client access to the Client App (more information on the Client App can be found in the Terms of Service). Using it, your client can manage certain data within their Client Card, including:
          • View, add, edit, and delete measurements as specified in point 3.b.i.2 of the Privacy Policy,
          • View, add and delete photos as specified in point 3.b.i.3 of the Privacy Policy,
          • Send reports, containing the following data: personal information about well-being (mood, sleep quality, motivation to perform training, training attendance, effectiveness in training, adherence to the diet plan, assessment of the level of difficulty and satisfaction with the current training plan, fatigue after training, speed of regeneration after training), information about the area and level of pain experienced due to overload or injury, any additional remarks.
          • View, add, edit, and delete entries about their completed workouts, based on the training plans you prepared.

        This data is collected in order to provide the services specified in the agreement.

        By using the Client Card, you are acting as a data controller of the personal data of your clients for whom you provide services. In contrast, we, as the Service Provider providing the data entry tools, are the data processor. Under the provisions of the GDPR, this will therefore be an entrustment of processing of personal data, where you entrust the data to us. We will perform this task in accordance with the provisions we have set out in the Terms of Service, and Data Processing Agreement.

        Your clients' personal information, when stored in the database, is encrypted to prevent unauthorized access.

    1. The provision of personal data by the user is voluntary.

    2. When using the Platform, additional information may be collected, in particular: the IP address assigned to your computer or the external IP address of your Internet provider, domain name, browser type, access time, operating system type. We register this information for statistical and analytical purposes as well as for monitoring traffic on the Platform with the use of cookies, based on the Data Controller's legitimate interest related to the correct functioning of the Platform and conducting website traffic analysis.

    3. Personal data will also be processed by automated means in the form of profiling, provided that you consent to this on the basis of Article 6(1)(a) of the GDPR. If you express your consent, you will be assigned a profile for the purposes of decision making based on your choices, and analysis or prediction of your preferences and behavior.

    4. The platform uses Google reCAPTCHA technology on the following pages: contact, account registration, password reminder, account activation link resend request. This is used to distinguish whether a request has been made by an individual or has been abused by automated programs/bots. This helps to maintain the security of the Platform, is therefore our legitimate interest and fulfils our legal obligation. The service includes the transmission of your IP address and possibly other data required by Google Inc. for the operation of the reCaptcha service. In this respect, different data protection regulations of Google Inc. apply. Further information on data protection by Google Inc. can be found at


    1. Users' personal data is transferred to service providers used by the Data Controller in running the website. The service providers to whom the personal data is transferred, depending on the contractual arrangements and circumstances, are either subject to the Data Controller's instructions as to the purposes and means of processing the data (processors) or determine themselves the purposes and means of processing the data (controllers).

    2. Your personal information is stored only within the European Economic Area (EEA).

    3. A list of service providers to whom we share data is available at


    1. The data subject has the right to access the content of their personal data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.

    2. The legal basis for the user's request:

      1. Right of access to data - Article 15 of the GDPR

      2. Right to rectification - Article 16 of the GDPR.

      3. Right to erasure of data (so-called right to be forgotten) - Article 17 of the GDPR.

      4. Right to restriction of processing - Article 18 of the GDPR.

      5. Right to data portability - Article 20 of the GDPR.

      6. Right to object - Article 21 of the GDPR

      7. Right to withdrawal of consent - Article 7(3) of the GDPR.

    3. In order to exercise the rights referred to in point 5.b., you can send a relevant message via the contact form.

    4. When the user makes a request exercising their rights referred to in point 5.b., the Data Controller shall either comply with the request immediately or refuse to comply with it, but no later than within one month of receiving the request. However, if - due to the complexity of the request or the number of requests - the Data Controller is not able to meet the request within a month, they will meet it within the next two months by informing the user about the intended extension of the deadline and the reasons for it within a month of receiving the request.

    5. If it is determined that the processing of personal data violates the provisions of the GDPR, the data subject has the right to file a claim with the Supervisory Authority, represented in Poland by the Polish Data Protection Authority. Any data subject who resides outside of Poland may file a claim with the Supervisory Authority appointed in their country of residence.


    1. Cookies are IT data, in particular text files that are stored on your device, i.e. your computer, laptop or smartphone, depending on which device you use to use the Platform. Cookies usually contain the name of the website from which they come, the time of storage on your terminal device and a unique number. You can decide how cookies are used - these settings are available in each web browser.

    2. Cookies are primarily for your convenience - by using them, the loading time of the website is significantly reduced on subsequent visits.

    3. Cookies features and purposes:

      1. adjust the content of web pages of the service to the User. They optimize the User's navigation on the website, in particular these files allow for recognition of the device by which the website is displayed and for setting of its parameters in such a way that the navigation does not cause problems and is optimized in respect of individual needs of the User.

      2. allow you to view a website that is tailored to your individual needs;

      3. create statistics thanks to which the Data Controller knows which content is of interest to the Users. This allows for continuous improvement of the site and such a construction of content that will suit the visitors of the site.

      4. allow multiple use of the login option by the User, which is much more convenient for you, because when moving around the site and visiting multiple times you are not forced to enter your login and password each time.

    4. The Platform uses two main types of cookies: "session" and "permanent". Session cookies are temporary files that are stored in the final device of the User until logging out, leaving the website or switching off the software (web browser). Permanent cookies are stored in the final device of the User for the time specified in the parameters of cookies or until they are deleted by the User.

    5. You may delete cookies at any time.

    6. Restrictions on the use of cookies introduced by the User may affect some of the Platform's functionality, making it significantly more difficult to freely use all of its options.

    7. Cookies are placed in the User's device and can also be used by advertisers and other partners cooperating with the Platform's operator. The User may, however, delete them at any time.

    8. If you are in doubt about your cookie settings, please contact the operator of your web browser.

    9. If you do not agree to the Site's use of cookies, please exit the Site or activate the appropriate settings on your web browser.

    10. Consent to the use of statistical cookies is voluntary; it may be granted or withdrawn at any time by clicking this link.