Legal

Privacy Policy

Effective Date: 5 June 2026

LTD Forma Technologies Georgia · Registration Number: 400369828 · Tbilisi, Tskneti Highway 49, Georgia · info@formatech.shop

This Privacy Policy explains how LTD Forma Technologies Georgia (“Forma”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects your personal data when you use the Forma mobile application, visit formatech.shop, connect to a compatible Forma walking pad, participate in workplace activity challenges, or communicate with us.

1. Who We Are

  • Data Controller: LTD Forma Technologies Georgia
  • Registration Number: 400369828
  • Registered Address: Tbilisi, Tskneti Highway 49, Georgia
  • Country: Georgia
  • Privacy Contact: info@formatech.shop

2. Scope of This Policy

This Policy applies to the Forma mobile application for iOS and Android, the Forma website, user accounts, workplace challenges, leaderboards, push notifications, customer support, walking-pad connectivity, and any employer or HR dashboard services.

Where an employer or organisation provides access to Forma, that organisation may act as an independent data controller and determine why your data is processed. Forma may process your data on that organisation’s behalf under a data-processing agreement. You should also review your employer’s own privacy notice.

3. Personal Data We Collect

The exact data collected depends on the features you use and how your organisation configures the service.

3.1 Account and Profile Data

  • Full name, email address, telephone number, or other login identifier
  • Password (stored in hashed or otherwise protected form) or third-party authentication identifier
  • Employer, organisation, team, department, office, or location
  • Profile photo, nickname, or avatar (when voluntarily added)
  • Account status, role, language, and notification preferences

3.2 Walking-Pad and Activity Data

  • Walking-pad identifier and Bluetooth connection information
  • Steps recorded during a walking-pad session
  • Session date, start and end time, duration, distance, speed, and related metrics
  • Estimated calories and other calculated statistics (where displayed)
  • Challenge participation, points, achievements, streaks, rankings, and leaderboard position
  • Team and office totals and aggregated participation statistics

Activity metrics are intended for workplace wellness and engagement. They may not be medically accurate and must not be treated as clinical or diagnostic information.

3.3 Device, Technical, and Usage Data

  • Device type, operating system, app version, language, time zone, and approximate region
  • IP address, app instance identifier, push-notification token, and similar technical identifiers
  • App screens viewed, feature interactions, session timestamps, and usage events
  • Crash reports, diagnostic logs, security events, and performance data
  • Bluetooth permission status and connection events used to communicate with the walking pad

3.4 Communications and Support Data

  • Messages and enquiries sent to us
  • Support requests, feedback, survey responses, and issue reports
  • Business communications with an employer, administrator, or authorised representative

3.5 Data We Do Not Intentionally Collect

Unless a future feature is clearly presented to you and separately disclosed, Forma does not intentionally collect precise GPS location, contacts, photographs, microphone recordings, payment-card details, Apple Health or HealthKit data, Google Health Connect data, heart rate, blood oxygen, or other body-sensor data through the mobile application.

4. How We Collect Data

  • Directly from you when you create or update an account, communicate with us, or set preferences
  • From a compatible Forma walking pad when you connect via Bluetooth and start a session
  • Automatically from the app and device via logs, diagnostics, security systems, and analytics
  • From your employer or organisation when it creates, invites, manages, or administers your account
  • From service providers used for hosting, authentication, analytics, notifications, or support

5. Why We Use Personal Data

  • Create, authenticate, maintain, and secure user accounts
  • Connect the app to compatible Forma walking pads and record session data
  • Display activity history, progress, and personal statistics
  • Operate challenges, teams, points, achievements, and leaderboards
  • Provide employer or HR dashboards and aggregated workplace reports
  • Send service messages, security alerts, reminders, and push notifications
  • Provide customer support and respond to enquiries
  • Monitor performance, diagnose errors, improve features, and develop the service
  • Prevent fraud, abuse, unauthorised access, and security incidents
  • Comply with legal, regulatory, accounting, and contractual obligations
  • Establish, exercise, or defend legal claims
  • Send optional product news or marketing communications where permitted

Depending on circumstances and applicable law — including the Law of Georgia on Personal Data Protection — we rely on one or more of the following legal bases:

  • Performance of a contract, or steps taken at your request before entering into a contract
  • Your consent, including for optional permissions, marketing, or non-essential technologies
  • Our legitimate interests in operating, securing, improving, and supporting the service, where those interests are not overridden by your rights
  • Compliance with a legal obligation
  • The instructions and lawful basis of your employer or organisation where Forma acts as its data processor

You may withdraw consent at any time. Withdrawal does not affect processing that was lawful before withdrawal.

7. Bluetooth and Device Permissions

The app requests Bluetooth or nearby-device permission to discover, connect to, and receive activity data from compatible Forma walking pads. This permission is used solely for that purpose and is requested only when needed.

You may disable permissions at any time in your device settings. Doing so may make automatic walking-pad connection and session recording unavailable.

8. Leaderboards, Challenges, and Data Visibility

When you participate in a workplace challenge, selected profile and activity information may be visible to other authorised participants in the same organisation, office, team, or challenge. This may include your name or nickname, avatar, points, steps, rank, achievements, and team affiliation.

Employer administrators may view individual or aggregated data depending on the organisation’s configuration and agreement with Forma. The app indicates relevant visibility settings. If you do not want the disclosed information to appear in a leaderboard or report, please contact your administrator or Forma to discuss available options.

9. Automated Calculations and Rankings

Forma automatically calculates points, estimated distance, estimated calories, achievements, and leaderboard positions from recorded activity. These calculations are used solely to operate the service and do not constitute decisions that produce legal or similarly significant effects. Rankings may contain inaccuracies caused by connectivity issues, device limitations, or incorrect use.

10. How We Share Data

We do not sell personal data. We share data only where reasonably necessary with:

  • Your employer, organisation, team administrator, or authorised HR representative, under the applicable service configuration and agreement
  • Other authorised challenge or leaderboard participants, as described above
  • Cloud hosting, database, authentication, analytics, crash-reporting, communication, notification, customer-support, and IT-security providers
  • Professional advisers, auditors, insurers, and contractors under appropriate confidentiality obligations
  • Authorities, regulators, courts, or law-enforcement bodies where required by law or necessary to protect rights and safety
  • A buyer, investor, successor, or adviser in connection with a merger, restructuring, or sale, subject to appropriate safeguards

11. Third-Party Services and SDKs

The app may include third-party software development kits and services for hosting, authentication, analytics, diagnostics, push notifications, and customer support. These providers may process limited technical or usage information on our behalf.

All third-party SDKs included in the released app are identified in the App Store privacy disclosures and Google Play Data Safety form. Forma uses reasonable contractual and technical safeguards with each provider.

12. International Data Transfers

Personal data may be stored or processed in Georgia and in other countries where Forma or its service providers operate. These countries may have different data-protection standards.

Where required, we use appropriate safeguards for international transfers, which may include adequacy decisions, standard contractual clauses, data-processing agreements, encryption, and access controls.

13. Data Retention

We retain personal data only for as long as necessary for the purposes in this Policy, contractual requirements, security, dispute resolution, and legal obligations. Typical retention periods are:

  • Account and activity data: while the account is active and for up to 24 months after closure, unless a shorter or longer period is required by law or an employer agreement
  • Challenge and leaderboard records: for the duration of the challenge and a reasonable archival period, normally up to 24 months
  • Support communications: normally up to 24 months after the request is resolved
  • Security, diagnostic, and technical logs: normally 30 days to 12 months
  • Contractual, tax, and accounting records: for the period required by applicable law
  • Marketing preferences: until consent is withdrawn or you object, plus a suppression record to respect your choice

Data may be deleted, anonymised, or aggregated when no longer needed. Anonymised data that cannot identify a person may be retained for analytics, research, and service improvement.

14. Data Security

We apply reasonable technical and organisational measures to protect personal data, including access controls, authentication, encryption in transit, secure hosting, monitoring, backups, staff confidentiality obligations, and vendor reviews.

No internet service is completely secure. You are responsible for keeping your login credentials confidential, securing your device, and promptly notifying us of any suspected unauthorised access.

15. Your Privacy Rights

Subject to applicable law, you may have the right to:

  • Request information about and access to your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your personal data
  • Request restriction or suspension of certain processing
  • Object to processing based on legitimate interests or to direct marketing
  • Withdraw consent at any time
  • Receive eligible data in a structured, commonly used, machine-readable format (data portability)
  • Request transfer of eligible data to another controller where technically feasible
  • Lodge a complaint with a competent data-protection authority or seek a judicial remedy

To exercise a right, email info@formatech.shop with the subject line “Privacy Request”. We may verify your identity before acting. Where Forma processes your data solely on behalf of your employer, we may direct the request to that employer or assist it in responding.

16. Account and Data Deletion

If you have a Forma account, you may initiate account deletion directly within the app via Settings > Account > Delete Account. A deletion request may also be submitted to info@formatech.shop or via the account-deletion page at formatech.shop/account-deletion.

After verification, we will delete or anonymise your account and associated personal data unless retention is required by law, necessary for security or dispute resolution, or controlled by an employer with an independent lawful retention obligation. We will explain any material exception where legally permitted.

Uninstalling the app does not automatically delete your account or any server-side data.

17. Push Notifications and Marketing

The app may send operational notifications such as challenge updates, reminders, achievements, and security alerts. You can manage push notifications through the app or your device settings, although disabling them may reduce functionality.

Optional marketing communications will be sent only where permitted. You may unsubscribe or object at any time. Necessary service and security messages may continue.

18. Children

Forma is designed for workplace and organisational use and is not directed to children. We do not knowingly permit users under the age of 16 to create independent accounts or knowingly collect their personal data through the app. If we learn that such data was collected without appropriate authorisation, we will take reasonable steps to delete it promptly.

19. Cookies and Website Technologies

The Forma website may use essential cookies and, with your consent where required, analytics or similar technologies. You can manage non-essential cookies through the consent tool on the website or your browser settings. A separate cookie notice on the website provides additional details where non-essential technologies are active.

20. Changes to This Policy

We may update this Policy when our service, technology, legal obligations, or data practices change. We will publish the updated version with a revised effective date. For material changes, we will provide an in-app notice, email, or other prominent communication where appropriate.

21. Contact and Complaints

You may also lodge a complaint with the Personal Data Protection Service of Georgia or any other competent data-protection authority or court under applicable law.