Privacy Policy

Effective date: 14 June 2026 · Last updated: 14 June 2026

A downloadable copy of this policy is available as a PDF.

This Privacy Policy explains how 1ops (“1ops”, “we”, “us” or “our”) collects, uses, stores, shares and protects your personal data when you visit our website https://1ops.in (the “Website”), enquire about us, or use our gym management software and related services (collectively, the “Services”).

We are committed to handling your personal data responsibly and in accordance with applicable Indian law, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”), the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”), as amended from time to time.

Please read this carefully. By accessing the Website, submitting an enquiry, creating an account, or otherwise using the Services, you confirm that you have read and understood this Privacy Policy and consent to the collection, use, sharing and processing of your personal data as described below — including its use for marketing and promotional purposes (see Section 6 and Section 8). If you do not agree, please do not use the Website or the Services.

1. Who we are

The Website and Services are owned and operated by 1ops, a sole proprietorship firm of Mr. Raj Marde, the proprietor. For the purpose of the DPDP Act, 1ops is the Data Fiduciary in respect of the personal data it determines the purpose and means of processing.

1ops (Sole Proprietor: Raj Marde)
Aparna Society, Niphad, Nashik, Maharashtra – 422303, India
Email: contact@1ops.in · Phone/WhatsApp: +91 77418 90511
Website: https://1ops.in

2. Scope of this policy

This policy applies to personal data of:

Website visitors and prospects who browse the Website or submit an enquiry/demo request;
Customers (gym owners/operators and their staff) who subscribe to or use the Services; and
Other individuals whose personal data we receive in connection with the Services.

Where our customers (gyms) use the Services to process the personal data of their members, we generally act as a Data Processor on their behalf — see Section 10.

3. Key definitions

“Personal data” means any data about an individual who is identifiable by or in relation to such data.
“Data Principal” means the individual to whom the personal data relates (i.e. you).
“Data Fiduciary” means the person who alone or with others determines the purpose and means of processing of personal data.
“Data Processor” means any person who processes personal data on behalf of a Data Fiduciary.
“Sensitive personal data or information” (SPDI) has the meaning given to it under the SPDI Rules (e.g. passwords, financial information such as payment instrument details, biometric information, health information).
“Processing” means any operation performed on personal data, such as collection, storage, use, sharing, disclosure or erasure.

4. Information we collect

We collect the following categories of personal data:

Category	Examples
Enquiry / contact data	Your name, gym/business name, email address, phone or WhatsApp number, and the contents of any message you send via our contact form or to us directly.
Account & profile data	Login credentials, business details, staff/user names, roles and contact details of customers who register for the Services.
Operational data (entered by customers)	Gym member records, attendance/check-in logs, membership plans, trainer and equipment records, and similar data entered into the Services by our customers.
Payment data	Transaction amount, date, plan, payment status and reference IDs. Online card/UPI/netbanking details are collected and processed directly by our payment gateway (Razorpay) — we do not store your full card numbers or banking credentials.
Biometric data	Where biometric attendance devices are used, biometric templates are typically stored on the device and/or the customer’s system; we process the resulting attendance events. Biometric information is treated as sensitive personal data.
Technical & usage data	IP address, device/browser type, pages visited, approximate location, timestamps, and similar log and analytics data.
Cookies & identifiers	Cookies and similar technologies as described in Section 15.

5. How we collect it

Directly from you — when you fill the enquiry form, request a demo, email or message us, register for the Services, or make a payment.
Automatically — through cookies, server logs and analytics when you use the Website or Services.
From our customers — when a gym enters or uploads data (including member data) into the Services.
From third parties — such as our payment gateway and messaging providers, in connection with delivering the Services.

6. How and why we use your personal data

We process personal data for the following purposes, on the basis of your consent and/or for legitimate uses permitted under the DPDP Act:

To respond to your enquiries and provide a demo, trial, quote or onboarding;
To create and administer your account and provide, operate, maintain and secure the Services;
To process payments and generate invoices/receipts;
To send service-related communications (e.g. renewals, receipts, security and account notices, and product updates);
To provide customer support and resolve issues and disputes;
To analyse and improve the Website, Services and customer experience;
For marketing and promotional purposes — to send you information about our current and future products, services, features, offers and events, and to carry out market research, profiling and analytics to make those communications more relevant (see Section 8);
To offer and promote products and services of our trusted business partners, and, where you have consented, to share your contact details with such partners so that they may market relevant products and services to you (see Section 8 and Section 9);
To comply with applicable law, respond to lawful requests, and enforce our terms; and
For any other purpose disclosed to you at the time of collection or to which you consent.

Future marketing & product sales — please note. You expressly acknowledge and consent that the personal data you provide (including name, email and phone/WhatsApp number) may be retained and used by 1ops, and shared with its selected business partners, to market and sell current and future products and services to you, by email, SMS, phone call, WhatsApp and other electronic means. You can opt out of marketing at any time — see Section 7 and Section 8.

Where the law requires consent, we process your personal data only with your consent, which you give by using the Website/Services and by accepting this policy. Your consent is free, specific, informed, unconditional and unambiguous, and is limited to the purposes set out above.

You may withdraw your consent at any time, with effect for the future, by writing to us at contact@1ops.in. Withdrawing consent will not affect the lawfulness of processing carried out before withdrawal. Please note that if you withdraw consent necessary to provide the Services, we may be unable to continue providing them.

8. Marketing & promotional communications

With your consent, we (and our selected business partners) may send you marketing and promotional communications about products, services, features, offers and events that may interest you, via email, SMS, telephone, WhatsApp and other electronic channels.

You can opt out of marketing communications at any time by:

using the “unsubscribe” link in our emails;
replying STOP (or as instructed) to an SMS/WhatsApp message; or
emailing contact@1ops.in with the subject “Unsubscribe”.

Even if you opt out of marketing, we may still send you essential service-related and transactional communications.

We do not sell your personal data for money. We may share your personal data in the following limited circumstances:

(a) Service providers & processors

We engage trusted third parties to process personal data on our behalf, under appropriate confidentiality and data-protection obligations, only to deliver the Services:

Provider	Purpose
Razorpay	Processing online payments (UPI, cards, netbanking) and generating payment records.
Meta — WhatsApp Cloud API	Sending WhatsApp messages such as welcome notes, renewal/expiry reminders, receipts and notifications.
Web3Forms	Delivering Website enquiry/contact-form submissions to our inbox.
Cloud hosting & infrastructure providers	Hosting our databases, servers and backups.
Analytics providers	Understanding Website/Service usage to improve our offering.

(b) Business partners (marketing)

Where you have consented, we may share your contact details with selected business partners so that they may offer and market products and services that may be relevant to you. You may withdraw this consent at any time as described in Section 7 and Section 8.

(c) Legal & regulatory

We may disclose personal data where required to comply with applicable law, a court order, or a lawful request by a government or regulatory authority, or to establish, exercise or defend legal claims, or to protect the rights, safety and property of 1ops, our users or the public.

(d) Business transfers

If 1ops is involved in a merger, acquisition, restructuring, financing or sale of assets, your personal data may be transferred as part of that transaction, subject to this policy.

10. Personal data of gym members (our role as Processor)

When our customers (gyms) use the Services to manage their members, the gym is the Data Fiduciary for that member data and is responsible for obtaining the necessary consents and notices from its members. 1ops acts as a Data Processor and processes such data only on the gym’s documented instructions and to provide the Services. If you are a gym member and wish to exercise your rights, please contact your gym; we will support the gym in responding to your request.

11. Data security

We implement reasonable security practices and procedures designed to protect personal data against unauthorised access, use, alteration, disclosure or destruction, including:

storage in access-controlled databases with role-based permissions;
encryption of authentication tokens and use of secure (HTTPS/TLS) connections;
regular backups and access logging; and
limiting access to personal data to authorised personnel and processors on a need-to-know basis.

While we strive to protect your personal data, no method of transmission or storage is completely secure. In the event of a personal data breach, we will take appropriate steps and provide notifications as required under applicable law.

12. Data retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, including to provide the Services, to comply with our legal, tax and accounting obligations, to resolve disputes and to enforce our agreements. When personal data is no longer required and there is no legal obligation to retain it, we will delete, erase or anonymise it. Customers may also request deletion of their account data as described below.

13. Your rights

Subject to applicable law, and in particular the DPDP Act, you (as a Data Principal) have the right to:

Access — obtain a summary of the personal data we process about you and the processing activities;
Correction & updating — have inaccurate or incomplete personal data corrected, completed or updated;
Erasure — request deletion of your personal data where it is no longer required for the purpose for which it was collected, unless retention is required by law;
Withdraw consent — withdraw consent at any time (Section 7);
Grievance redressal — have your grievances addressed by us (Section 19); and
Nominate — nominate another individual to exercise your rights in the event of your death or incapacity.

To exercise any of these rights, please contact us at contact@1ops.in. We may need to verify your identity before acting on your request. You also have the right to register a complaint with the Data Protection Board of India in accordance with the DPDP Act.

14. Children’s data

The Services are intended for businesses and are not directed at children. We do not knowingly collect personal data of children (individuals below 18 years of age) without verifiable consent of a parent or lawful guardian, and we will not undertake tracking, behavioural monitoring or targeted advertising directed at children. If you believe we have inadvertently collected a child’s data, please contact us and we will take appropriate steps to delete it.

15. Cookies & tracking technologies

The Website may use cookies and similar technologies to operate the site, remember preferences, and understand how the site is used so we can improve it. You can control or disable cookies through your browser settings; however, some parts of the Website may not function properly without them.

16. Where your data is stored

Your personal data is primarily stored and processed on servers located in India and/or with reputable cloud providers. Where any transfer of personal data outside India occurs through our service providers, we will do so only in accordance with applicable law and subject to appropriate safeguards.

17. Third-party links

The Website may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to those third parties, and we are not responsible for their content or privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.

18. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you. Your continued use of the Website or Services after such changes constitutes acceptance of the revised policy.

19. Grievance Officer & contact

In accordance with the Information Technology Act, 2000 and the rules made thereunder, and the DPDP Act, the contact details of our Grievance Officer are below. If you have any questions, concerns or complaints about this policy or how we handle your personal data, please reach out:

Grievance Officer: Mr. Raj Marde
1ops (Sole Proprietorship)
Aparna Society, Niphad, Nashik, Maharashtra – 422303, India
Email: contact@1ops.in · Phone/WhatsApp: +91 77418 90511

We will acknowledge complaints within a reasonable time and endeavour to resolve them in accordance with applicable law.

20. Governing law & jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of India. Subject to applicable law, the courts at Nashik, Maharashtra shall have exclusive jurisdiction over any disputes arising out of or in connection with this policy.