Skip to content
Get the app
Legal

Privacy policy

This policy explains what personal data Sendit collects, why we collect it, how we use and protect it, who we share it with, and the rights you have over it. We’ve written it to be read.

Effective · 31 May 2026Last updated · 31 May 2026

Sendit (the “app”) and this website (together, the “Service”) are operated by Remiam Limited. We take your privacy seriously: we collect only what we need to run a climbing app you can trust, we never sell your personal data, and we give you real control over it.

1. Who we are

The Service is provided by Remiam Limited (“Sendit”, “we”, “us”, “our”), a company registered in England and Wales under company number 10829191. For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, Remiam Limited is the data controller responsible for your personal data.

If you have any questions about this policy or how we handle your data, you can reach us at [email protected].

2. Scope of this policy

This policy applies to personal data we process about you when you download or use the Sendit app, visit this website, create an account, or otherwise interact with us. It does not apply to third-party products or services that have their own privacy policies — for example the Apple App Store, Google Play, Apple Health, Google Fit, or the makers of any board or heart-rate hardware you connect (see section 13).

“Personal data” means any information that identifies, or can reasonably be used to identify, you.

3. Information we collect

We collect the following categories of information, depending on how you use the Service.

3.1 Information you give us

  • Account & profile. Your email address or sign-in identifier, username and display name, and anything you choose to add — bio, home gym, avatar and top grade.
  • Content you create. Posts, photos and videos, comments, reviews, technique tips, groups, events, discussions and the climbs and sessions you log.
  • Communications. Messages you send us (for example support requests) and the information you include in them.

3.2 Information we collect automatically

  • Activity & sensor data. Tracked sessions derived from your phone’s motion and barometric sensors — estimated height gained, leaps, lean, steepness and time on the wall.
  • Device & technical data. Basic device, operating-system and app-version information, and diagnostic logs needed to run the Service and fix problems.
  • Usage analytics. On this website, and only if you accept analytics cookies, aggregate information about how pages are used (see section 6).

3.3 Information you choose to connect

  • Health data. Only with your explicit permission, heart-rate readings and the workouts we write back to Apple Health (iOS) or Google Fit (Android). See section 5.
  • Connected hardware. The status of a Bluetooth heart-rate strap or compatible board you pair, used to deliver those features while connected.

4. How we use it & our lawful bases

Under UK GDPR we must have a lawful basis for each purpose for which we use your personal data. The table below sets out what we do and why.

What we doLawful basis
Create and run your account, feed, profile, sessions, groups, events and the board libraryPerformance of our contract with you
Keep the Service secure, prevent abuse, and investigate problemsOur legitimate interests in a safe, working Service
Understand, in aggregate, how the product is used so we can improve itYour consent (analytics cookies) / legitimate interests
Read and write your health dataYour explicit consent (special category data)
Respond to your messages and provide supportLegitimate interests / performance of our contract
Comply with legal obligations and respond to lawful requestsLegal obligation

Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal. We do not sell your personal data, and we do not use it to serve third-party advertising.

5. Health & special category data

Health data — such as heart rate and the workouts synced to Apple Health or Google Fit — is “special category” data under UK GDPR and receives extra protection. We process it only on the basis of your explicit consent, which you give by turning on each health connection in the app. You can withdraw that consent at any time in the app’s settings, after which we stop reading from and writing to those platforms. Your health data is used to power your session graphs and your own records — never to advertise to you, and never sold.

6. Cookies & analytics

This website uses a small number of cookies and similar technologies. Strictly-necessary cookies keep the site working and remember your choices (including your cookie preference and light/dark theme). Analytics cookies are off by default and load only after you accept them in the cookie banner — we use Google Consent Mode v2, so analytics and advertising storage stay denied until you opt in. You can change or withdraw your choice at any time via “Cookie preferences” in the footer.

7. How we share information

We share personal data only where necessary, and only with:

  • Service providers (processors) who run parts of the Service on our behalf — for example hosting, storage, content delivery and, on this website, analytics — under contracts that require them to protect your data and use it only as we instruct.
  • Health platforms you connect (Apple Health, Google Fit), at your direction and under their own privacy policies.
  • Other users, where you choose to make content public — your posts, profile and public groups are visible according to the settings you pick.
  • Authorities or third parties where we are required to by law, or to protect the rights, safety and property of Sendit, our users or the public.
  • A successor in the event of a merger, acquisition or reorganisation, subject to this policy.

8. International data transfers

Some of our service providers may process data outside the United Kingdom. Where they do, we take steps to ensure your data receives an equivalent level of protection — for example by relying on UK adequacy regulations or the International Data Transfer Agreement (or the EU Standard Contractual Clauses with the UK Addendum) as appropriate.

9. How long we keep it

We keep your personal data for as long as your account is active or as needed to provide the Service. When you delete your account we delete or anonymise your personal data within a reasonable period, except where we need to retain certain information to comply with legal obligations, resolve disputes or enforce our agreements. Aggregated or anonymised data that no longer identifies you may be kept.

10. How we protect it

We use appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse or alteration — including encryption in transit, access controls and the principle of least privilege. No method of transmission or storage is perfectly secure, but we work hard to keep your information safe and to respond promptly to any incident.

11. Your rights & choices

Under UK GDPR you have the right to:

  • access the personal data we hold about you, and receive a copy of it;
  • have inaccurate data corrected, and incomplete data completed;
  • have your data erased (the “right to be forgotten”) in certain circumstances;
  • restrict or object to certain processing, including processing based on legitimate interests;
  • data portability — receive certain data in a portable, machine-readable format;
  • withdraw consent at any time where we rely on it; and
  • lodge a complaint with a supervisory authority.

To exercise any of these rights, email [email protected]. We will respond within the time limits set by law. You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk, though we’d appreciate the chance to resolve your concern first.

12. Children’s privacy

Sendit is not directed at children under 13 (or the minimum age required in your country), and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.

13. Third-party services

The Service integrates with, or links to, third parties — including the Apple App Store and Google Play, Apple Health and Google Fit, Bluetooth board and heart-rate hardware, and map and location data providers. These are governed by their own terms and privacy policies, and we are not responsible for their practices. Please review them before connecting or relying on those services.

14. Changes to this policy

We may update this policy as the Service evolves or the law changes. When we do, we’ll revise the “last updated” date above, and for significant changes we’ll provide a more prominent notice. Your continued use of the Service after an update means you accept the revised policy.

15. How to contact us

For any privacy question or request, contact the data controller:

Remiam Limited (company no. 10829191)
Registered in England and Wales
[email protected]