Privacy Policy
This privacy policy is applicable to the ArchFix app (hereinafter referred to as “Application”) for mobile devices, which was developed by ARCHFIX D.O.O. NIŠ (hereinafter referred to as “Service Provider”) as an Ad Supported service. This service is provided “AS IS”.
Effective Date: 2026-05-07
About ArchFix
ArchFix is an innovative mobile application designed for parents of children aged 3 to 16 who have flexible flat feet. The Application provides personalized exercise programs based on a medically validated method and algorithm that adapts to the needs of the child. ArchFix is a support tool for prevention and treatment of flexible flat feet - it is not a diagnostic tool, does not replace medical examinations, and is not intended for rigid flat feet.
What Information Does the Application Obtain and How Is It Used?
User Provided Information
The Application acquires the information you supply when you download and register the Application. Registration with the Service Provider is not mandatory. However, bear in mind that you might not be able to utilize some of the features offered by the Application unless you register with them.
When you register and subscribe to the program, the following personal data may be collected:
- Full name
- Email address
- Photographs of the child’s footprints (for CSI index calculation)
The Service Provider may also use the information you provided to contact you from time to time to provide you with important information, required notices, and marketing promotions.
Automatically Collected Information
In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.
How Your Data Is Used
Purpose of Data Collection
Your personal data is collected and processed for the following purposes:
- Account Access: To enable registration, account creation, and access to the Application’s features.
- Personalized Program: To calculate the CSI (Chippaux-Smirak Index) from your child’s footprint photographs and generate a personalized exercise plan adapted to your child’s level of deformity.
- Contract Fulfillment: To enable the execution of the service agreement, including access to the program, video content, progress tracking, and group consultations.
- Safety & Compliance: To ensure the safety of all users, particularly minors, and to prevent any potential violations of legal norms.
- Payment Processing: To facilitate the payment system for the program subscription.
- Algorithm Improvement: Aggregated and anonymized data (including footprint data) may be used to improve the Application’s algorithm and features.
Device Location Information
This Application does not collect or use location information from your mobile device.
Artificial Intelligence
The Application uses Artificial Intelligence (AI) technologies to enhance the user experience. Specifically, AI may suggest exercises or content based on your child’s profile and progress within the Application. All AI processing is performed in accordance with this Privacy Policy and applicable data protection laws.
Third-Party Services
Only aggregated, anonymized data is periodically transmitted to external services to aid the Service Provider in improving the Application and their service. The Service Provider may share your information with third parties in the ways that are described in this privacy policy.
Please note that the Application utilizes third-party services that have their own Privacy Policy about handling data. Below are the links to the Privacy Policy of the third-party service providers used by the Application:
The Service Provider may disclose User Provided and Automatically Collected Information:
- As required by law, such as to comply with a subpoena or similar legal process;
- When they believe in good faith that disclosure is necessary to protect their rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
- With their trusted service providers who work on their behalf, do not have an independent use of the information disclosed to them, and have agreed to adhere to the rules set forth in this privacy policy.
Transfer of Data to Third Parties
The Service Provider does not transfer personal data to third parties domestically or internationally, except with the explicit consent of the data subject, or in exceptional situations prescribed by law. Personal data will be disclosed to public authorities only when required by law.
In the event of a sale of the business entity, databases associated with the Application will transfer to the buyer, who will be bound by all previously signed agreements with users, including these Terms of Use and this Privacy Policy.
Data Protection & Security
The Service Provider is concerned about safeguarding the confidentiality of your information. The Service Provider provides physical, electronic, and procedural safeguards to protect information processed and maintained.
- Access to personal data is limited to authorized employees and contractors who need to know that information in order to operate, develop, or improve the Application.
- Data is stored in electronic form in secured databases with antivirus protection.
- Hosting companies are obligated to treat personal data in the same manner as the Service Provider.
- In the event of a data breach, hacker attack, or database theft, the Service Provider will notify the Commissioner for Information of Public Importance and Personal Data Protection (Republic of Serbia).
- In the event of suspected unauthorized access to computing devices, the Service Provider will promptly change passwords and take all necessary measures to prevent future security incidents.
Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
Your Rights
As a user of the Application, you have the following rights regarding your personal data:
- Right to Information: You have the right to be informed about your rights, obligations, and matters relating to the processing of your personal data, even before processing begins.
- Right of Access: You have the right to request access to your personal data and to determine the subject, manner, purpose, and scope of processing.
- Right to Rectification: You have the right to request correction, supplementation, or updating of your personal data.
- Right to Erasure: You have the right to request deletion of your personal data, as well as cessation or temporary suspension of processing. Please note that exercising this right will result in the deletion of your account and loss of access to the program.
- Right to Withdraw Consent: Where the legal basis for processing is consent, you have the right to withdraw that consent at any time in writing.
- Right to Restriction of Processing: You have the right to request that the processing of your personal data be restricted.
- Right to Data Portability: You have the right to request the transfer of your personal data to another controller, where technically feasible and where the data is in a structured, machine-readable format.
- Right to Object: You have the right to object to the processing of your personal data at any time, including the right not to be subject to a decision based solely on automated processing, including profiling.
- Right to Object to Direct Marketing: You have the right to object to the processing of your personal data for direct marketing purposes.
The Service Provider does not engage in automated decision-making or profiling.
Opt-Out Rights
You can halt all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
Data Retention Policy
The Service Provider will retain User Provided data for as long as you use the Application and for a reasonable time thereafter, specifically for as long as the service agreement is in force or until the user deletes their account.
The Service Provider will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate.
In certain cases, personal data may be retained for a longer period to fulfill legal obligations or to establish, exercise, or defend legal claims, in accordance with applicable laws.
If you’d like the Service Provider to delete User Provided Data that you have provided via the Application, please contact them at info@archfix.net and we will respond in a reasonable time. Please note that some or all of the User Provided Data may be required in order for the Application to function properly.
When deleting personal data, you have the option to separately request the deletion of your child’s footprint data from the database - this must be explicitly selected within the Application. If you choose not to delete footprint data, it will be retained in fully anonymized form and will not be linked to your child or to your personal information.
Children
The Service Provider does not use the Application to knowingly solicit data from or market to children under the age of 13.
The Application does not address anyone under the age of 13. The Service Provider does not knowingly collect personally identifiable information from children under 13 years of age. In the case the Service Provider discovers that a child under 13 has provided personal information, the Service Provider will immediately delete this from their servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact the Service Provider at info@archfix.net so that they will be able to take the necessary actions.
Note: The Application collects footprint photographs and related data of children (aged 3-16) solely with the explicit consent of a parent or legal guardian, for the purpose of calculating the CSI index and generating personalized exercise plans. This data is processed in accordance with this Privacy Policy and applicable data protection laws.
Lead Form / Sales Inquiries
In addition to the Application, ArchFix operates a website (archfix.net) where prospective users may request a sales call by submitting a contact form. This section describes how data submitted via that form is processed.
Information Collected
When you submit the lead form, the following personal data is collected:
- Full name
- Email address
- Phone number
- Preferred hours for contact
- Age of your child (or children)
Purpose
This data is collected exclusively for the purpose of contacting you to present the ArchFix program and answer your questions. It is not used for any other marketing purpose without your separate, additional consent.
Lawful Basis
The lawful basis for this processing is your explicit, freely given consent, indicated by ticking the consent checkbox on the form before submission. You may withdraw this consent at any time (see Your Rights).
Recipients and Processors
Lead data is stored in our database (operated by MongoDB Atlas, acting as a data processor) and mirrored into a Google Sheet (Google Workspace, acting as a data processor) used internally by our sales team. No data is transferred to third parties beyond these processors without your additional consent.
Retention
Lead data is retained for a maximum of 12 months from the date of last contact. After this period the data is deleted, except where you have become a paying customer - in which case the retention rules elsewhere in this Privacy Policy that govern customer data apply instead.
Your Rights Regarding Lead Data
All rights described in the Your Rights section of this Privacy Policy apply equally to lead form data. In particular, you may:
- Withdraw consent at any time by emailing info@archfix.net - we will delete your data within a reasonable period after receiving the request.
- Request access, correction, or erasure of the data via the same email.
Children
The lead form collects the age of the child solely to confirm that the child falls within the program’s target group (ages 3 to 16). No other information about the child is collected. Only the parent or legal guardian may submit the form.
Data Protection Officer
The Data Protection Officer for ArchFix is Dimitrije Zdravković, Director and Legal Representative of ARCHFIX D.O.O. NIŠ, ul. Aleksandra Medvedeva 2A, Niš.
In the event of any personal data breach, you have the right to contact the Data Protection Officer.
Supervisory Authority
If you are not satisfied with the Service Provider’s response to your data protection request, you have the right to file a complaint with the competent authority:
Commissioner for Information of Public Importance and Personal Data Protection Bulevar kralja Aleksandra 15, 11000 Belgrade, Republic of Serbia Email: office@poverenik.rs Phone: +381 11 3408 900
If you are located in the European Union or the United Kingdom, you also have the right to lodge a complaint with the supervisory authority in your country of residence.
Changes
This Privacy Policy may be updated from time to time for any reason. The Service Provider will notify you of any changes to the Privacy Policy by updating this page with the new Privacy Policy. Users will be notified of any significant changes. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.
Your Consent
By using the Application, you are giving your consent to the Service Provider’s processing of your information as set forth in this Privacy Policy now and as amended by us. “Processing” means using cookies on a computer/handheld device or using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining, and disclosing information.
By subscribing to the program and signing the service agreement, you provide voluntary and explicit consent, based on full information about how the ArchFix Application works, for the processing of your personal data and the personal data of your minor child (of whom you are the legal guardian), for the purpose of accessing and performing exercises based on the available paid video content, in accordance with applicable data protection laws.
Applicable Law
The operation of the ArchFix Application is governed primarily by the Law on Electronic Commerce, the Law on Obligations, the Law on Advertising, the Law on Copyright and Related Rights, the Law on Trademarks, the Law on Personal Data Protection, and other regulations of the legal system of the Republic of Serbia.
Contact Us
If you have any questions regarding privacy while using the Application, or have questions about the practices, please contact the Service Provider via email at info@archfix.net.
This privacy policy page was generated with the assistance of App Privacy Policy Generator.