π Table of Contents
- 1. Overview
- 2. Information We Collect
- 3. How We Use Your Information
- 4. WhatsApp Communications
- 5. Data Sharing and Disclosure
- 6. Data Security
- 7. Your Rights and Choices
- 8. Health Data Protection
- 9. Cookies and Tracking
- 10. Third-Party Services
- 11. Data Retention
- 12. International Data Transfers
- 13. Children's Privacy
- 14. Policy Updates
- 15. Contact Information
1. Overview
10X Shape ("we," "our," or "us") is a digital wellness transformation platform. We are committed to protecting your privacy and personal information in accordance with applicable Indian data protection laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act).
π Our Privacy Commitment
We believe that your personal information belongs to you. This Privacy Policy explains how we collect, use, protect, and share your information when you use our wellness coaching services, website, mobile applications, and WhatsApp-based communication services.
By using our services, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with our practices, please do not use our services.
2. Information We Collect
2.1 Personal Information
We collect the following types of personal information:
- Contact Information: Name, email address, phone number, WhatsApp number, postal address
- Account Information: Username, password, profile preferences, account settings
- Demographic Information: Age, gender, location, occupation
- Payment Information: Billing details, payment method information (processed securely through third-party processors)
2.2 Health and Wellness Information
π₯ Sensitive Health Data We May Collect:
- Current weight, height, and body measurements
- Fitness goals and health objectives
- Dietary preferences, restrictions, and allergies
- Exercise habits and physical activity levels
- Sleep patterns and lifestyle information
- Progress photos and transformation images (with explicit consent)
- Medical conditions relevant to fitness and nutrition (only if voluntarily provided)
- Wellness assessments and progress tracking data
2.3 Technical Information
- Device Information: IP address, browser type, device type, operating system
- Usage Data: Pages visited, features used, time spent on platform, interaction patterns
- Communication Data: WhatsApp messages, email communications, support conversations
- Location Data: Approximate location based on IP address (not precise GPS location unless explicitly provided)
2.4 Information from Third Parties
We may receive information about you from:
- Social media platforms (if you choose to connect your accounts)
- Fitness tracking devices and apps (with your permission)
- Payment processors and financial institutions
- Marketing partners and referral sources
3. How We Use Your Information
3.1 Primary Services
- Personalized Coaching: Create customized nutrition and fitness plans based on your goals and preferences
- Progress Tracking: Monitor your transformation journey and provide insights
- Communication: Send you program updates, motivation, and support via WhatsApp and email
- Account Management: Manage your subscription, billing, and account preferences
3.2 Platform Improvement
- Analyze usage patterns to improve our services
- Develop new features and functionalities
- Conduct research to enhance coaching methodologies
- Optimize user experience and platform performance
3.3 Legal and Compliance
- Comply with applicable laws and regulations
- Respond to legal requests and court orders
- Protect against fraud and security threats
- Enforce our terms of service and policies
4. WhatsApp Communications
π± WhatsApp Integration Notice
We use WhatsApp Business API to provide personalized coaching support, send program updates, and facilitate communication between you and your assigned coaches. All WhatsApp communications are subject to both our Privacy Policy and WhatsApp's Privacy Policy.
4.1 WhatsApp Data Processing
- Message Content: We process your WhatsApp messages to provide coaching support and respond to inquiries
- Communication History: We maintain records of our WhatsApp communications for quality assurance and service improvement
- Automated Responses: We may use AI-powered systems to provide automated responses and recommendations
- Media Files: Photos, videos, and documents shared via WhatsApp are processed to provide personalized coaching
4.2 WhatsApp Consent and Opt-out
By providing your WhatsApp number, you explicitly consent to receive communications from us via WhatsApp. You can opt-out of WhatsApp communications at any time by:
- Replying "STOP" to any WhatsApp message from us
- Contacting our support team
- Updating your communication preferences in your account settings
5. Data Sharing and Disclosure
5.1 We Do NOT Sell Your Data
Important: We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
5.2 Limited Sharing Scenarios
We may share your information only in the following circumstances:
- Service Providers: Third-party companies that help us provide our services (e.g., payment processors, cloud storage providers, communication platforms)
- Business Transfers: In case of merger, acquisition, or sale of our business
- Legal Requirements: When required by law, court order, or government regulations
- Safety and Security: To protect the rights, property, or safety of our users or the public
- Consent: When you explicitly consent to sharing your information
5.3 Coach Access to Your Data
Your assigned coaches have access to relevant information needed to provide personalized coaching services, including your health goals, progress data, and communication history. All coaches are bound by strict confidentiality agreements.
6. Data Security
6.1 Security Measures
We implement comprehensive security measures to protect your personal information:
- Encryption: Data transmission and storage use industry-standard encryption protocols
- Access Controls: Strict access controls limit who can view your personal information
- Regular Audits: Regular security audits and assessments to identify and address vulnerabilities
- Secure Infrastructure: Use of secure cloud infrastructure with redundancy and backup systems
- Employee Training: Regular privacy and security training for all employees
6.2 Data Breach Response
In the unlikely event of a data breach that may affect your personal information, we will:
- Notify affected users within 72 hours of discovering the breach
- Report the incident to relevant authorities as required by law
- Take immediate steps to contain and remediate the breach
- Provide guidance on protective measures you can take
7. Your Rights and Choices
Under the Digital Personal Data Protection Act, 2023 and other applicable laws, you have the following rights:
π Right to Access
Request a copy of all personal information we hold about you, including how it's being used.
βοΈ Right to Correct
Request correction of inaccurate or incomplete personal information in our records.
ποΈ Right to Delete
Request deletion of your personal information, subject to legal and contractual obligations.
βΈοΈ Right to Restrict
Request limitation of how we process your personal information in certain circumstances.
π€ Right to Portability
Request your personal information in a portable format to transfer to another service.
π« Right to Object
Object to processing of your personal information for specific purposes, including marketing.
7.1 Exercising Your Rights
To exercise any of these rights, please contact us at:
- Email: admin@10xshape.com
- Subject Line: "Privacy Rights Request - [Your Request Type]"
- Include: Your full name, registered email address, and specific request details
We will respond to your request within 30 days and may require identity verification.
8. Health Data Protection
π₯ Special Protection for Health Information
We recognize that health and wellness information is particularly sensitive. We implement additional safeguards and obtain explicit consent for processing health-related data.
8.1 Health Data Safeguards
- Explicit consent required before collecting sensitive health information
- Enhanced encryption and security measures for health data
- Limited access to health information on a need-to-know basis
- Regular deletion of unnecessary health data
- Compliance with healthcare privacy standards
8.2 Medical Disclaimer
Important: Our services are for general wellness and fitness purposes only. We are not providing medical advice, diagnosis, or treatment. Always consult with healthcare professionals before making significant changes to your diet or exercise routine.
10. Third-Party Services
We use several third-party services to enhance our platform functionality:
- Payment Processors: Razorpay, Stripe (for secure payment processing)
- Communication: WhatsApp Business API, Email service providers
- Analytics: Google Analytics, Facebook Pixel (with appropriate consent)
- Cloud Services: AWS, Google Cloud Platform (for data storage and processing)
- Customer Support: Live chat and ticketing systems
These third parties have their own privacy policies and terms of service. We recommend reviewing their policies to understand how they handle your information.
11. Data Retention
11.1 Retention Periods
- Account Information: Retained while your account is active plus 6 Months after account closure
- Health and Wellness Data: Retained for 1 year for continuity of care, or until you request deletion
- Communication Records: Retained for 6 Months for quality assurance and support purposes
- Payment Information: Retained for 1 year as required by financial regulations
- Marketing Data: Retained until you withdraw consent or opt-out
11.2 Data Deletion
We will securely delete your personal information when it's no longer needed for the purposes for which it was collected, unless we're required to retain it by law.
12. International Data Transfers
Your personal information is primarily stored and processed in India. However, some of our service providers may be located outside India. When we transfer your data internationally, we ensure:
- Adequate level of data protection through appropriate safeguards
- Compliance with applicable data transfer regulations
- Contractual protections with international service providers
- Your explicit consent when required by law
13. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
For users aged 16-18, we require parental consent before providing our services, as our programs involve health and fitness guidance that may require adult supervision.
14. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable laws. When we make material changes, we will:
- Notify you by email or WhatsApp message
- Display a prominent notice on our website
- Update the "Last Updated" date at the top of this policy
- Provide a summary of key changes when significant
Your continued use of our services after the effective date of the updated policy constitutes acceptance of the changes.
15. Contact Information
π§ Privacy Questions & Requests
If you have any questions about this Privacy Policy or want to exercise your privacy rights, please contact us:
admin@10shape.com
(Subject: Privacy Policy Inquiry)
House no 1283, Sector 14
Hisar, Haryana 125001, India
+91-9729345766
(Business hours only)
Available via email for
privacy-related inquiries
π Response Time Commitment
We commit to responding to all privacy-related inquiries within 30 days. For urgent matters, we'll provide an initial response within 72 hours.
βοΈ Legal Compliance
10X Shape is a company registered in India. This Privacy Policy is governed by Indian law, including the Digital Personal Data Protection Act, 2023, and the Information Technology Act, 2000.
Effective Date: September 15, 2025 | Version: 1.0 | Next Review: March 15, 2026