Home Promotion
← Back to Home View Terms of Service →
PRIVACY POLICY

BMass

Last Updated: November 10, 2025

This privacy policy for Kása Gellért – Persoană Fizică Autorizată (doing business as BMass) (“we”, “us”, or “our”) describes how and why we might collect, store, use, and/or share (“process”) your information when you use our services (“Services”), such as when you:

  • Download and use our mobile application BMass, or any other application of ours that links to this Privacy Policy; or
  • Visit any website or landing page we operate that links to this Privacy Policy; or
  • Interact with us in other related ways, including support, feedback, or business inquiries.

Questions or concerns? Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, contact us at geralldthe3rd@gmail.com.

Summary of Key Points

In short: This section gives you a quick overview. For full details, read the entire policy below.

  • What personal information do we process? We process limited personal information, such as account identifiers, usage data, and purchase/ subscription information, depending on how you interact with the App.
  • Do we process any sensitive personal information? We do not intentionally seek or require sensitive data. If you voluntarily enter information that relates to your health or wellbeing, it remains under your control, and you may delete it at any time.
  • Do we receive information from third parties? We generally do not buy or receive personal data from external data brokers. We may receive technical and billing information from platforms such as Apple and Google for purchases and subscriptions.
  • How do we process your information? We process information to operate, secure, and improve the App, to verify purchases, to provide support, and to comply with legal obligations. We only process data when we have a valid legal basis to do so.
  • Do we share personal information? We share data only with trusted service providers (such as Firebase and app stores) when necessary to provide the Services, and under contracts that require them to protect your information.
  • How do we keep your information safe? We use a combination of technical and organizational measures (including encryption, access controls, and secure infrastructure). However, no system is 100% secure, and we cannot guarantee absolute security.
  • What are your rights? Depending on where you live (e.g. EU/EEA, UK, US, etc.), you may have rights to access, correct, delete, or limit the processing of your personal data. You can exercise these rights by contacting us.

Table of Contents

  1. What Information Do We Collect?
  2. How Do We Process Your Information?
  3. What Legal Bases Do We Rely On?
  4. When and With Whom Do We Share Your Information?
  5. What Is Our Stance on Third-Party Websites and Services?
  6. Is Your Information Transferred Internationally?
  7. How Long Do We Keep Your Information?
  8. How Do We Keep Your Information Safe?
  9. Do We Collect Information From Minors?
  10. What Are Your Privacy Rights?
  11. Controls for Do-Not-Track Features
  12. Do United States Residents Have Specific Privacy Rights?
  13. Do Other Regions Have Specific Privacy Rights?
  14. Do We Make Updates to This Policy?
  15. How Can You Contact Us About This Policy?
  16. How Can You Review, Update, or Delete Your Data?

1. What Information Do We Collect?

Personal Information You Provide to Us

In short: We collect personal information that you voluntarily provide when you use the App or communicate with us.

The personal information we collect depends on how you interact with the Services, the choices you make, and the features you use. This may include:

  • Account and Authentication Data: Such as email address, username, or identifiers from Apple, Google, or Firebase authentication.
  • Profile and Progress Data: Such as your in-app settings, preferences, completed missions, streaks, and other usage-related information you generate inside BMass.
  • Communications Data: If you contact us by email or through any form, we may collect your name, email address, and the content of your message to respond and keep a record of the interaction.

Potential Health-Related Information

BMass focuses on habits, posture, performance, and lifestyle optimization. You may optionally enter information related to your routines, habits, or goals. We do not require you to enter medical diagnoses or highly sensitive health data.

You should not enter any information you consider highly sensitive unless you clearly understand and accept that it will be processed under this Policy. You can delete entries at any time through the App or by contacting us.

Payment and Purchase Data

When you make a purchase or subscribe to premium features, payments are processed by the relevant app store (Apple App Store or Google Play). We do not receive or store your full payment card details.

We may receive limited billing-related information from app stores, such as:

  • Subscription status (active/cancelled, start and renewal dates);
  • Country or region code for tax and compliance purposes;
  • Non-sensitive transaction identifiers needed to grant or revoke access to premium features.

Information Automatically Collected

In short: Some technical data is collected automatically to operate and secure the Services.

When you use the App, we may automatically collect:

  • Device and Usage Information: Such as device model, operating system, app version, language, time zone, and general usage events (e.g. feature usage, screens viewed, session duration).
  • Log and Diagnostic Data: Crash reports, performance metrics, and error logs that help us identify and fix issues.
  • Approximate Location Information: Only in an aggregated or non-precise form, such as country or region, derived from your IP or app store metadata, primarily for analytics and localization.

This information does not typically identify you directly, but in combination with other data, it may be considered personal information under certain laws.

2. How Do We Process Your Information?

In short: We process your information to provide, improve, and secure the App, comply with law, and only when we have a valid legal basis.

We may process your personal information for purposes such as:

  • Providing the Services: To allow you to create and maintain an account, log in, track missions, view your progress, and access your data across devices.
  • Managing Purchases and Subscriptions: To verify in-app purchases, manage subscription status, and ensure you receive the correct level of access.
  • Improving the App: To analyze how features are used, fix bugs, optimize performance, and design new functionality.
  • Security and Abuse Prevention: To detect unauthorized access, prevent misuse, and protect our infrastructure.
  • Legal and Regulatory Compliance: To respond to legal requests, comply with applicable laws, and protect our legal rights.
  • Communication: To respond to your inquiries, support requests, or feedback.

We do not use your personal information to run behavioral advertising or sell your data to third-party marketers.

3. What Legal Bases Do We Rely On?

If You Are in the EU, EEA, or UK

In short: We only process your information when we have a legal reason under GDPR/UK GDPR.

We may rely on the following legal bases:

  • Contract: When processing is necessary to provide the Services you requested (e.g. creating an account, delivering premium features you paid for).
  • Legitimate Interests: When processing is reasonably necessary for our legitimate business interests (e.g. improving the App, preventing fraud), and your interests and fundamental rights do not override those interests.
  • Legal Obligation: When processing is required to comply with applicable laws, court orders, or regulatory requests.
  • Consent: When you have explicitly consented to certain processing (e.g. optional analytics categories, certain notifications). You may withdraw consent at any time by adjusting settings or contacting us.

If You Are in Canada

We may process your information with your express or implied consent, or where permitted by applicable law without consent (for example, for fraud prevention or legal reasons). You may withdraw consent at any time, subject to legal or contractual limitations.

4. When and With Whom Do We Share Your Information?

In short: We share information only when necessary and under strict protection.

We may share your information with:

Service Providers and Vendors

We may share data with third-party companies that help us operate the Services, including:

  • Firebase / Google Cloud: for authentication, data storage, analytics, and crash reporting.
  • Apple / Google: for processing in-app purchases and subscriptions.
  • Email or Support Tools: if we use third-party software to manage support requests.

These providers act as processors under written contracts that require them to protect your data, use it only for our specified purposes, and delete it when no longer needed.

Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, your information may be transferred as part of the transaction, in compliance with applicable law. We will take steps to ensure the recipient respects this Privacy Policy or provides equivalent protection.

Legal and Safety Requirements

We may disclose information where we believe it is necessary to:

  • Comply with applicable law, regulation, or legal process;
  • Respond to lawful requests from public authorities;
  • Protect the rights, property, or safety of BMass, our users, or others.

5. What Is Our Stance on Third-Party Websites and Services?

The Services may contain links to third-party websites, resources, or content that we do not control (for example: app stores, external articles, or social profiles). We are not responsible for the privacy or security practices of such third parties.

Any data you provide to third-party services is governed by their own privacy policies, not this one. We recommend you review their terms and privacy notices before providing information.

6. Is Your Information Transferred Internationally?

In short: Yes. Data may be processed in countries other than your own.

Our core infrastructure is hosted by providers such as Firebase/Google Cloud, which may store and process data in multiple data centers, including in the European Union and the United States.

When we transfer data from the EU/EEA or UK to a country that does not provide the same level of data protection, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms, as required by law.

7. How Long Do We Keep Your Information?

In short: We keep your information only as long as necessary.

We retain personal data only for as long as needed to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law (for example, for tax, accounting, or legal defense).

  • Account and Profile Data: Kept for as long as your account is active. If you delete your account, we will delete or irreversibly anonymize associated data within a reasonable period, typically within 30–60 days, unless legal retention obligations apply.
  • Purchase and Subscription Records: Retained in line with tax and financial regulations, usually for several years as required by law.
  • Analytics and Logs: Retained for a limited time (for example, up to 12–18 months) to analyze usage and maintain security, then aggregated or anonymized.

8. How Do We Keep Your Information Safe?

We use a combination of technical, organizational, and administrative safeguards designed to protect your data, including:

  • Encryption in transit via HTTPS/TLS;
  • Secure authentication and restricted internal access;
  • Regular monitoring of infrastructure for vulnerabilities;
  • Backups and redundancy to prevent data loss.

Despite these efforts, no system is perfectly secure. You acknowledge that transmitting information over the internet always involves some risk. We cannot guarantee that unauthorized third parties will never be able to defeat our security measures.

9. Do We Collect Information From Minors?

In short: We do not knowingly collect personal data from children under 13 (or under the minimum age in their jurisdiction).

The Services are not directed at children under the age of 13. If we learn that we have collected personal information from a child under this age without verifiable parental consent, we will delete it as soon as reasonably practicable.

If you believe we may have collected data from a child in violation of this policy, please contact us at support@bmass.app.

10. What Are Your Privacy Rights?

Your rights depend on where you live. Subject to applicable law, you may have the right to:

  • Request access to your personal information;
  • Request correction of inaccurate or incomplete data;
  • Request deletion of your data (“right to be forgotten”);
  • Request restriction of processing in certain cases;
  • Object to processing based on legitimate interests;
  • Request data portability (where applicable);
  • Withdraw consent where processing is based on consent.

To exercise these rights, you may contact us at geralldthe3rd@gmail.com. We may need to verify your identity before fulfilling your request, as required by law.

11. Controls for Do-Not-Track Features

Some browsers and mobile systems offer a “Do-Not-Track” (DNT) setting. At this time, no uniform standard for responding to DNT signals has been adopted, and our Services do not currently respond to such signals.

If a standard is later adopted, we may update this Policy and our practices accordingly.

12. Do United States Residents Have Specific Privacy Rights?

If you are a resident of states such as California, Virginia, Colorado, Connecticut, or Utah, you may have additional rights under state privacy laws (for example, CCPA/CPRA in California). These may include rights to:

  • Request to know what categories of personal information we collect and how we use and share it;
  • Request deletion of certain personal information;
  • Opt out of certain forms of data sharing (we do not “sell” personal data as defined by these laws);
  • Not be discriminated against for exercising your privacy rights.

You can exercise these rights by contacting us at geralldthe3rd@gmail.com.

13. Do Other Regions Have Specific Privacy Rights?

Residents of other regions (including but not limited to Australia, New Zealand, South Africa, and Brazil) may have additional privacy rights under local law. We will respect and respond to valid requests in accordance with applicable regulations.

If you are unsure which rights apply to you, you can contact your local data protection authority or reach out to us for clarification.

14. Do We Make Updates to This Policy?

In short: Yes. We update this Policy when necessary to stay compliant with relevant laws and to reflect changes in our Services.

The “Last Updated” date at the top of this page indicates when this Policy was last revised. The updated version becomes effective as soon as it is accessible. We may notify you of material changes through the App, by email, or by another reasonable method.

15. How Can You Contact Us About This Policy?

If you have questions or comments about this Privacy Policy, or wish to exercise your rights, you may contact us at:

Email: geralldthe3rd@gmail.com

16. How Can You Review, Update, or Delete Your Data?

You may be able to review and update certain information directly within the App (for example, by editing your profile or preferences). If the App offers an in-app “Delete Account” option, using it will schedule your account and related data for deletion, except where retention is required by law.

You can also request access, correction, or deletion of your data by emailing us at geralldthe3rd@gmail.com. We will handle your request in accordance with applicable laws and will inform you of the outcome.

© 2025 BMass. All rights reserved.